The Reserve Bank of India issued ‘Internal Risk Assessment Guidance for Money Laundering/Terrorist Financing Risks’ on October 10. The guidelines are timely and germane. RBI Annual Report 2023-24 shows that the total number of fraud cases jumped from 13,564 in 2022-23 to 36,075 in 2023-24.

What makes the newly released recommendations unique is the focus on a data-driven quantitative approach to fraud risk management; and stress on the risk-based framework in its entirety. The growing number and the changing dynamics of frauds are a cause of concern.

The concerns regarding money laundering are not merely over the use of banking channels to launder dirty money but use of funds in terrorist financing and other illegal activities. The laundering process involves ‘placement’ of money earned through illegitimate means in bank accounts, the ‘layering’ of such funds through movement in various accounts, and finally an integration into the formal economy through use of such money in legitimate transactions.

As cash deposits above a certain limit are shunned by the banking system, deposits of cash just below the regulatory threshold in multiple small saving accounts are used to camouflage the ‘placement’. The ‘layering’ of funds involves use of cross-border trade and capital flows. ‘Integration’ is achieved through payment of legitimate transactions like international trade payments. In fact, such has been the misuse of these payments for ‘integration’ that trade-based money laundering is a major concern for the Financial Action Task Force (FATF). Evidently, without ‘using’ financial institutions it would not be possible to place, layer or integrate ‘dirty’ money.

While money laundering is as old as formalisation of financial systems, the additional concern now is the use of bank funds for the money laundering: the menace of credit frauds. Credit frauds are not just non-performing assets: when the money is siphoned off and used for the financing of illegitimate activities by unscrupulous borrowers, banks are unknowingly turned into a conduit in such activities. RBI has been concerned about financial frauds in general and credit frauds in particular.

Why risk-based assessment?

While RBI had earlier given a comprehensive list of early warning systems that banks must follow, continuous monitoring of early warnings can be demanding on resources. It is here the RBI’s guidelines on risk-based assessment system becomes pertinent. This entails treating business units’ compliance in view of the ‘risk’ associated. For example, while KYC and customer due diligence are important, for customers engaged in international trade payments the risk is heightened.

The due diligence to be followed for such customers would include not only the inclusion of documents like the proof of business, IEC (import export code) but also a continuous monitoring of their business activities and international transactions.

Focus on a data-driven approach in identification and quantification of risk is extremely important. The newly released guidelines have a detailed system for calculation and assignment of weights to risk categories and emphasise the need for banks to use their internal data, in addition to external data sources.

Banks have internal data which can be a rich source of information for early warning signals and transactions alerts. Mining data and qualitative information are essential for banks to optimise the use of existing data.

Further, use of tools like Natural Language Processing (NLP) can help analyse documents to understand the early signals to fraud. This is important for credit frauds, as these have a gestation period with early warnings building up over time, which are subjective and very qualitative. With NLP tools, observations in internal documents like credit notes can be used optimally for quantitative assessment of fraud.

On November 6, the RBI updated the existing Master Direction on KYC to enable a robust use of Central KYC Records Registry (CKYCR). Incremental or new information will be updated on CKYCR by reporting entities which, in turn, would be informed to other financial institutions dealing with the same customer. This entails a better use of the common pool for information banks have access to.

The RBI’s risk assessment guidance for money maundering, with the sharp focus on data driven approach will be a pivotal tool for banks to revamp their internal systems.

The writer is Associate Professor at National Institute of Bank Management, Pune. Views are personal

Related Topics