AML Model Validation for a US Bank Holding Company

Client: US Bank Holding Company

 

Objective

 

Helping a US bank holding company meet regulatory requirements by validating its anti-money laundering (AML) model.

 

Key Challenge

 

A US bank holding company needed to validate its AML model, a vendor model from Actimize. The validation of this model was key to meeting the requirements of Bank Secrecy Act (BSA) /AML regulatory guidelines, because the model helps identify the high-risk entities who may be partaking in money laundering and terrorist financing activities. The model is also central to customer due diligence (CDD), know your customer (KYC) for new customers, and real-time monitoring of the existing customers. Validation needed to be completed on a stringent deadline.
 

 

Business Objective

 

  • Ensure that the model is aligned with the regulatory requirements and effectively captures risk factors and scores
  • Data, process, and system validation
  • Complete the exercise within the stipulated (rigorous) time-frame

 

CRISIL's Solution

 

CRISIL designed a validation process that met all operational and regulatory requirements. It consisted of the following activities:

1. Model documentation alignment

  • BSA/AML regulatory guidelines. For instance, establishing whether the model identifies a PEP, gives a higher risk to the geography which has been identified as high-risk, etc.
  • Internal model documentation standards (based on SR 11-7 guidelines). For instance, establishing whether the model documentation contains results for the User Acceptance Testing (UAT), results for the system integration testing, assumptions with their relevance, risk and limitations, roles and responsibilities for the model implementation, validation, and use.
  • Values in the production system. For instance, confirming that the risk factors, attributes and scores, and LOBs covered are same in the production system as provided in the model documentation/other documents.

2. Data validation/integrity check

  • Sufficiency of controls around the data mapping process.
  • Results of data mapping process done as part of UAT to assess whether the model is capturing complete and accurate information from the source data.
  • M&M plan to determine if the data mapping process will be monitored on a regular basis in the future.

3. Model Tuning

  • The Model Tuning done during implementation would determine the performance of the model and provide basis for further tuning.
  • Implemented changes, in various tuning processes, to the risk factors, attributes of the risk factors, and scores given to various attributes of the risk factors.

4. Evaluation of overrides (identified false positives)

  • Made during the model production, establishing whether overrides are being tracked and monitored on a regular basis.
     

Client Impact

 

  • The models were validated within a stringent deadline. Model documentation deficiencies were identified and resolved, and multiple processes including tuning process, were improved.

Request for services

Error Msg
Error Msg
Error Msg

Questions



Looking for high-end research and risk services? Reach out to us at:

 

United States
1-855-595-2100/
+1 646 292 3520

 

United Kingdom
+44 (0) 870 333 6336

India
+91 22 33 42 3000 /
+91 22 61 72 3000