AML for the autodidact


I’m a big fan of surveys and reports: give me a sniff of a group of compliance types being asked for their take on AML, and I’m there with my hand in the air, begging for the results, like the girlie swot I am.  So when LexisNexis recently published “What Keeps AML and CFT Professionals Awake at Night?”, I downloaded like a demon.  Turns out it’s not – as it so often is for me – trying to figure out why all the women in “Mad Men” love Don Draper when he’s so obviously a cad marinated in Brylcreem, but rather matters more professional in nature.

[A tangential observation, if you’ll permit.  When people ask what I do, I struggle to find the right words.  “AML consultant” is a bit watery, while “AML expert” is boastful.  But the foreword to this report is written by someone described as a “financial services regtech pioneer and expert”.  Now there’s someone not unduly troubled by pesky modesty.]

Anyway, I’ll leave you to read the report yourself, as everyone will take something different from it.  For my part, you’ll not be surprised to hear, I was particularly interested in what the “300 financial crime compliance professionals from a variety of different types and sizes of financial institutions across the UK & Ireland, including banks, asset management firms, fintech and challengers” had to say about staff [AML] training.  And here it is:

  • 77% of respondents “have a formal training process in place to keep staff updated on new criminal methodologies”
  • 72% of respondents expect that staff will seek external training
  • “Half of banks also expect their staff to independently seek external training to supplement their understanding of emerging financial crime methodologies, resulting in inconsistency across the sector”.

In theory, this expectation for staff to seek external training should be positive (knowledge = good, more knowledge = better), but unfortunately I see several problems.  For a start, regulatory expectation across all sectors is that AML training should be tailored specifically to the business and to the job role of the trainee – and any training that a member of staff sources independently is very unlikely to achieve this.  Then if staff are left to their own devices to research “new criminal methodologies”, who knows what rabid, prejudiced or plain wrong accounts they will read, with click-bait and spam lying in wait.  And just how does this DIY, pick-and-mix approach to learning fit with the risk-based approach for the firm, where decisions about who is taught what is supposed to be decided in a cool-headed manner against a background of risk assessment?

Of course, I imagine that most firms will provide in-house training and hope that staff will then augment that (rather than replacing it) with their own reading and learning.  But – back to the survey report – the numbers suggest that there are still plenty of firms (23% of respondents) with no formal training process for keeping their staff abreast of “new criminal methodologies”.  Surely the least a financial sector employee can expect is to be given the information he needs to be able to do his job to the correct legal standard.  Thank heavens for the “training defence” (e.g. section 330(7)(b) of the UK’s Proceeds of Crime Act 2002) – you might need it.