Timely and effective analysis of data is key to reducing the risk of financial crime, according to executives from Fiserv Inc., a global provider of payment and financial services technology solutions.
The security of financial information is an important worldwide issue with increasing local impact.
Ivo Distelbrink, head of Asia Pacific at Fiserv, encourages businesses and financial institutions to take steps to ensure the accuracy, integrity, and lineage of the data they handle in order to better manage the risk of financial crimes such as money laundering.
Have you read “Financial services can do cybersecurity better with the right tools”?
Ensuring data accuracy, integrity, and lineage requires collaboration among multiple parties within a business, including the CFO, chief risk officer, technology and compliance teams. Davies outlined how these three data requirements can be supported in these five steps:
Planning. This critical first step determines what data is needed to assess the risk of financial crime. Objectives have to be documented and the risks defined, so one can hone in on the data that is relevant to the task. Then, it is important to choose the right technique to obtain data, whether in real-time, in batches of updates, or from third parties. Once these evaluations are complete, the data plan has to be documented, allowing for contingencies in case products and services or attack vectors change over time.
Data Profiling and Security. Next, determine what data is already available and if it needs to be enhanced. For instance, a bank account holder may need to be validated as being the same owner of a phone number used to initiate a mobile transaction, ensuring both are the same person before a transaction is processed. This is particularly important because, with today’s global supply chains, initial suppliers can be obscured, and no business wants to find their money has been flowing back to a sanctioned company.
Data Cleansing. This step ensures that data is accurate and in a form that can be readily analyzed. It includes the necessary process of data de-duping or eliminating possible overlapping copies of the same file, so they do not skew results. Data controls should be put in place to make sure all needed data is included, and all excluded data is documented.
Process Documentation. Once processes are established, they need to be documented so they are well understood and so checks and balances can be implemented as needed. This includes establishing default values for missing data and determining when escalations can be triggered.
Testing, Activation and Maintenance. Testing ensures that the data that is expected compares to that which is observed. Activation includes the implementation of a change control process that allows for new sources, new data, and new or updated regulatory requirements to be incorporated. Maintenance includes ongoing fine-tuning, to identify and address at the source any alerts stemming from bad data, and to continue enhancing the program through ongoing reviews and validation.
“Data is the foundation for the successful management of financial risk,” said Distelbrink. “Having high quality, well-managed data also enables businesses to build trust and transparency with stakeholders, including regulators, employees, and customers.”