No silver bullet

About once a month, I get an email or phone call from someone who has produced a software “solution” to help MLROs – often a CDD system, or a transaction monitoring gizmo.  And what they want is to show me their product (that’s what they say) so that I will recommend it to my clients (that’s what they mean).  And I always say no.  This is partly because I’m really not that interested in software – my love is for face-to-face training and advice, and for the written word.  But it is also because I feel that, in order to maintain my usefulness to MLROs, I need to remain free of any commercial bias; all I ever say to those MLROs is that there are software packages out there, and some like them and some people don’t, and the best thing is to ask other MLROs for their recommendations and warnings.

All of this is on my mind thanks to the recent(ish) BBC story about HSBC and World-Check.  Well, I suppose the headline story was about HSBC and de-risking, but inevitably it turned to the question of reliance on automated CDD systems.  Like Peter Oborne, the author of the article, I have not seen World-Check in action, but the lesson seems to be the familiar one that I have parroted in countless workshops and training sessions: these systems (World-Check and their competitors alike) are not a silver bullet.  They do not have access to special, secret information denied the rest of us.  As the BBC article quotes from World-Check itself: “World-Check uses only reliable and reputable public domain sources (such as official sanctions lists, law and regulatory enforcement lists, government sources and trustworthy media publications) for risk-based information or allegations about an individual or entity.”  World-Check and other similar services provide consolidation and standardisation of information – which is a pretty great service, of course, but not in any way a replacement for the MLRO’s own experience-based judgements.  As with so many aspects of AML, you can outsource the work, but not the legal responsibility for that work being done properly.

This entry was posted in AML, Due diligence, Money laundering and tagged , , , , , , , , , . Bookmark the permalink.

2 Responses to No silver bullet

  1. Robert Long says:

    I think a common problem in regulatory areas is the notion that a piece of software can solve all your problems or in fact that a decision made purely by software is of better quality than one made by a individual. The former issue I think is partly caused by software suppliers who are very careful to put a appropriate limit on capabilities sin documentation but I very, very keen to play it up in sales process. Given a lot of the people who sign off on software acquisition are not necessarily the individuals who have to use it or know the area the software is being applied in some poor buying occurs.

    The second problem I think is the bigger one though. There seems to be just enough understanding of cognitive fallibility and bias among management that a decision made by software is considered superior to one without, to the point that if software was to say X and a human expert said Y the average manager will pick X, (cynically you can say that blaming the software also gives a organization some external to sue/blame etc). Of course it isn’t a binary choice between human opinion and software in these cases but the crutches of having a system give the appearance of making the decision (as opposed to just advising the decision) is hard to avoid. It can be difficult for even relatively strong minded individuals to go against what a piece of neutral software says (where into Milligram and other disturbing social psychology experiments here).

    All of which doesn’t help with your final point that you can mitigate the legal responsibility. I do wonder though if I was to go through cases if there is some evidence courts are slightly more lenient on individuals who can show they relied upon a piece of software and that it seemed reasonable to do so?

  2. You make some excellent points, Robert. I do think there is an element of “deep pockets” about relying on software solutions, and also the danger of a little knowledge being a dangerous thing. These computer systems are much more complicated than people realise, and they sometimes take them on without really knowing how to configure them to get the most accurate results.
    Best wishes from Susan

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.