When Compliance Becomes Pivotal to Managing World Events

We’re less than 48 hours into Russia’s invasion of the Ukraine, and my household has been glued to the TV, watching the nightmare unfold. During this time, economic sanctions have been enacted, putting intense pressure on the financial system to be able to comply with these new rules. While federally-imposed economic sanctions aren’t new, many banks are scrambling to tighten up AML/KYC routines, at individual, entity, and regional levels.

This is already causing stress and headaches for the teams who need to go all hands on deck not just to complete the screening, but also to provide appropriate reporting during and after the crisis – without disrupting service for non-affected customers. Long after the fact, examiners will dig into what was done during this challenging time. I’m willing to place a wager that findings will emerge of not just incomplete compliance, but also of inadequate data quality routines on BSA reporting. Spoiler alert: These findings are already all over the consent orders today.

Let’s ask ourselves why this has to be a crisis for our banking system. Perhaps the banking community should do a bit of crisis-scenario planning on its own so it’s ready to flip a few switches based on any number of current events coming to fruition. Why?

1. The Ukraine isn’t the end of it. Maybe China makes its final move on Taiwan next, while everyone’s staring at Russia. More sanctions, more restrictions, more account freezes, more reporting. If not China, then maybe North Korea … or Canada. Mr. Trudeau froze bank accounts showing it could happen anywhere. Regardless of the filter or trigger, we know the banking system is going to be compelled to comply with governmental mandates. Creating a flexible framework to handle a wide range of scenarios in advance will make it easier to comply.
2. The Pandemic reminded us that money policy can be driven by anything – war, disease, weather. Forbearances, stimulus checks, payment deferments… all of which needed to be handled according to new rules in short order. But we knew this before Covid too – natural disasters (Hurricanes, Earthquakes, Wildfires….) trigger disruptions to banks and their consumers in the affected geographical locations, often with very little advance warning.

All of this is to say that we KNOW there will be disruptions to banking business-as-usual. There have been non-stop disruptions, yet we never fail to be surprised by what comes out of the Capital(s) or Mother Nature. Then we scramble to comply and pop the aspirin.

What if there was a better way?

We could anticipate this week’s military action happening well before it did. My husband, who is not in the government and has no security clearance whatsoever, called this in late December. He studies the news and is a brilliant critical thinker. We debated over cocktails with Russian friends weeks ago over whether Mr. Putin would invade the Ukraine. They said no way. He predicted it would be immediately after the Olympics closing ceremony in Beijing.

If a layperson saw this coming, certainly so could our intelligence community. If the intelligence community’s not going to give advance warning to the banking system, then the banking system should conduct its own scenario planning and be ready for whatever may come.

WarGames was a 1983 box office smash, cinematically introducing the idea of hacking and computer-driven thermonuclear warfare to the general public. It was an early machine learning algorithm, where Joshua, the WOPR (War Operation Plan Response, pronounced "whopper") computer, ran non-stop scenarios to assess and refine attack and counter-attack strategies at the end of the cold war. It was the ultimate scenario planning and optimization machine.

We’ve come a long way in machine learning and artificial intelligence since the cold war. What if we turned that capability toward identifying the countless scenarios that would require scrambles to comply with – and made our banks’ systems flexible enough to make dynamic compliance [and reporting] easy?

Long after the fact, examiners will dig into what was done during this challenging time. I’m willing to place a wager that findings will emerge of not just incomplete compliance, but also of inadequate data quality routines on BSA reporting. Spoiler alert: These findings are already all over the consent orders today. When short-notice compliance is easy, it becomes a true competitive advantage. When you can prove it through reporting, your regulators have only praise to offer.