How Process Intelligence Accelerates GRC Efforts for Financial Services

The focus of all organizations and leaders this year has, rightfully so, been to protect its customers and employees. Over 90% of the workforce is now working remotely, outside the boundaries of the traditional office, while customers forge ahead into uncertainty. Indeed the world now looks very different from what it did at the start of the year. But one thing is clear: this is the new normal.

But as financial services institutions (FSI) look to overcome ongoing challenges to managing risk, the need to improve governance and exert control over processes and activities remains critical. Add in digital transformations, upgrades to aging technology, and dealing with increased regulatory scrutiny, there is immense pressure on governance, risk, and compliance (GRC) teams. Between 2019 and 2020, regulatory fines and penalties on FSIs have exceeded over $11 billion, largely due to financial crimes, a lack of adequate supervisory controls, and governance and risk management failures.

Managing GRC in our new normal requires a new approach. Detailing the interconnectedness of people, process, technology, and data is crucial to mitigating risk, improving compliance, and aligning governance with business goals. Leveraging artificial intelligence, computer vision, and deep learning models, also known as process intelligence, is now an important tool in the toolkit for the GRC practitioners, and officers across multiple lines of defense.

Where Process Intelligence Makes the Difference
Only by understanding the reality of your business processes can you be effective in improving internal controls. FortressIQ decodes work to provide the detailed current-state assessments, which give you the process intelligence to make data-driven decisions. It captures tasks at the most granular level, with no bias or digital blind spots. It works across all applications, through each department across the enterprise, and for every single process. It’s also faster and less expensive than traditional process mapping and mining methods, yet provides much higher accuracy to reduce rework and accelerate improvements.

Process intelligence provides GRC a powerful tool, and extends into financial crime, audit and assurance, operations, lending, and many other areas requiring execution of manual, repeatable tasks and usage of multiple systems and applications. With a deeper understanding of how your business actually works, strategic and tactical changes can be implemented effectively and efficiently, and with better oversight.

Converting Process Risk into Data Transparency
Below are key areas where process intelligence helps FSIs understand their current-state processes at the most granular level, and which can be leveraged effectively at scale:

  1. Enterprise-wide Risk Management (ERM): Process intelligence provides a detailed understanding of end-to-end processes at the enterprise level across key functional areas. This detail improves how risks are identified, captured, aggregated, and reported. Specifically, end-user computing tools are identified to highlight when and where manual workarounds occur. Examples include complex compilation and computation tasks performed by Risk Management, Operations, Finance, and Treasury to calculate market risk, credit risk, liquidity risks, capital and liquidity ratios, and more. Additionally, these granular process insights can then be leveraged for operational risk and control self-assessments (RCSA).
  2. Data Governance: To ensure effective management of BCBS standards, the Data Management office can leverage process intelligence to track which data points are captured manually. That’s essential to running the business and managing risks. Understanding the key sources of data (internal or external, such as regulatory websites or third-party data) and how the data is consumed (data inputs and outputs) within the organization can be tracked and measured.
  3. Compliance Risk Management: Compliance officers can leverage process intelligence to ensure adequate procedures are in place for process governance. In addition, simplified and standardized regulatory reporting processes. For example, a leading FSI mapped its trade reporting (blue sheets) processes, which included heavy user intervention and dependency on multiple applications and platforms, to execute regulatory requests. The number of regulatory requests had quadrupled in just a few months due to market volatility, which slowed down efforts and created a constant backlog. Within 7 days of deploying FortressIQ, and without disruption or utilization of a compliance officer’s time, the FSI was able to map end-to-end processes from request receival to submission. Compliance is now fully aware of the current state procedures and its complexities, and the output is being used as a business requirement document for process re-design and automation.
  4. Internal Controls: By understanding business processes at the most granular level, as well as detailing how key applications and platforms are used at the user level, internal controls can be strengthened and validated by all lines of defense. The procedure documentation, analytics, and insights can then be leveraged by Compliance, Risk Management, and Internal Audit to understand processes, manage risks, and validate and strengthen internal controls.

Process Intelligence for Every Line of Defense
Process intelligence brings visibility into each line of defense within an FSI by following the human and the process instead of application logs or consultant interviews. Advanced computer vision, machine learning, and artificial intelligence capture every process step quickly and accurately, with zero integration and universal compatibility. This automated business process discovery, modeling, and documentation surfaces data and insights unattainable with traditional methods, but instantly usable by GRC across their purview and across the enterprise.

Three Lines of Defense Model

Process Intelligence is a valuable tool that uncovers the real usage of all governance, risk and compliance workflow tools and technologies. FSIs require transparency above all, and FortressIQ delivers real-time, data-driven insights that create a detailed map of your business – across all applications, through each department, and for every single process.

We can help your GRC efforts, too. Just click here to let us know how to get in touch.

Transforming BSA/AML and KYC with Process Intelligence Technologies

The U.S. Bank Secrecy Act (BSA) of 1970 was one of the first Anti-Money Laundering (AML) and Know Your Customer (KYC) laws. It required companies and financial institutions to establish and report on internal controls and other measures put in place to prevent the facilitation of financial crimes. Other similar laws exist in countries around the world, creating a complex web of potential compliance issues for financial services companies.

Between 2008 and 2018, financial institutions worldwide have paid an estimated US$26 billion in fines and penalties as a result of violations to these regulations. That’s an average of $2.6 billion per year. However, government scrutiny of money laundering is now at an all-time high. Financial Institutions were fined US$5.6 billion in the first half of 2020 alone for non-compliance with AML, KYC, and related regulations. If the trend continues, it would represent a 430% increase over the previous ten-year average.

It is increasingly clear that compliance with these regulations is critical to the sustainability of every financial institution. Unfortunately, the traditional means of transforming your BSA/AML processes are woefully inadequate. But there are new technologies helping accelerate and increase the success of BSA/AML transformation.

Does Your AML/KYC Process Add Risk?

While it is the responsibility of all employees, partners, and suppliers to prevent an organization from facilitating financial crimes, Client Lifecycle Management (CLM) and Compliance are the two departments playing key roles in defining and implementing the required internal controls. CLM is the first line of defense within any organization. Compliance acts as the second line of defense, responsible for policy making, escalation, and resolution, as well as performing independent risk management. Auditors, the third line of defense, ensure any risk governance framework complies with regulatory guidance.

Three Lines of Defense Model

Before taking on a new client, a due diligence process is generally conducted to evaluate the client’s risk rating. It begins with a basic understanding of the client’s identity, the risk involved, and an understanding of their financial habits. Onboarding high-risk customers and politically-exposed persons requires enhanced due diligence with additional assessments of the client’s geographic location, source of funds, and purpose of the transaction, and may require ongoing monitoring.

This is an important task that typically happens as follows:

  1. Pre-onboarding checks are conducted by working with Sales, Risk Management, Legal, Compliance, and others to collect and review relevant client data, product information, and documents as mandated by the regulatory authorities.
  2. Teams then update multiple systems of record to ensure a client’s readiness to transact.
  3. Post-onboarding processes then include on-going client reviews and continuous monitoring, managing client and counterparty data and records, and potentially, client off-boarding.

This process can quickly become complex, especially at global organizations spanning multiple geographies with various policy interpretations, competing rules and regulations, and related data housed in multiple and disconnected software applications. That last point adds risk, especially when data is not integrated, thereby forcing considerable amounts of manual, repetitive, error-prone work. The result is increased operational, reputational, and financial risk.

Additional risks arise from policy interpretations and potentially incorrect execution of processes, which both depend on the experience of KYC analysts. It is indeed demanding for analysts to make critical decisions that require focused thinking while concurrently performing important yet mundane manual data-entry tasks.

Add it all up and your AML/KYC process is exposing you to more risk, which is exactly the opposite of what it is supposed to do!

Transforming BSA/AML with Success

Transforming any enterprise process can be daunting, for good reason. A study by McKinsey & Company indicates that a staggering 70% of large transformation projects fail to deliver expected results. Reasons may include unclear objectives, lack of leadership, and lack of commitment. But looking deeper, transformation projects are frequently derailed when teams underestimate process complexity. It’s a huge undertaking to identify the appropriate processes, perform detailed current state assessments, develop business requirements, and keep an eye on budgets. Then, for any transformed process, adequate training is required, and even minimal employee turnover can add to the challenges.

When focused on AML/KYC processes, the need for a successful transformation can be critical to your organization’s survival.

But help is available from point solutions such as Microsoft Power Automate, which uses Robotics and artificial intelligence (AI) to help organizations streamline, standardize, and automate routine tasks. Many financial institutions are also leveraging cognitive natural language processing (NLP), with focused solutions such as DDIQ by Exiger, to accelerate adverse media and sanctions screening processes related to clients.

AML/KYC platform providers can help streamline end-to-end processes. But successful implementation of these types of platforms largely depends on the quality of the business requirements and clearly defined compliance policies. It’s also dependent on the prevailing regulatory rules, final user acceptance testing and training. In reality, it takes many months for organizations to fully understand and effectively leverage these platforms, which adds further delays to already complex transformation projects.

FortressIQ is playing a key role in a successful AML/KYC transformation by converting a process problem into a big data problem. FortressIQ performs detailed current state assessments to provide near real-time process intelligence. It then provides the insights to make data-driven decisions.

Using computer vision, NLP, OCR, and deep learning algorithms, FortressIQ will:

  • Capture tasks at the most granular level, with no bias or blind spots;
  • Provide faster time to value by generating detailed, enterprise-wide process insights in just 2-4 weeks and without consuming worker time; and
  • Cost much less than human consultants, including eliminating documentation errors and the related rework.

Insights provided by FortressIQ can be leveraged by functional and transformation teams to collaborate on areas that matter: process enhancement, automation, and training.

Effectively managing your AML/KYC risk is critical to the success and reputation of your organization. Process intelligence and emerging technologies can help mitigate these risks, speed up the transformation journey, and enhance the customer and employee experience. It could also prevent a AML/KYC violation, which is becoming an increasingly expensive prospect.

FortressIQ Exits Stealth with $16 Million in Funding to Bring Cognitive Process Analysis to the Enterprise

Its Virtual Process Analyst combines Computer Vision + Natural Language + Sequence Modeling to accelerate digital transformation projects for the Global 2000, reducing current state assessments from months to weeks, lowering costs by up to 90%

  • Innovative AI platform automates the understanding of processes, amplifying an organization’s ability to leverage technologies such as Robotic Process Automation and Conversational Agents
  • Process comprehension surpasses existing technologies by connecting disjointed processes and uncovering business rules–without any integrations, log access or manual data mapping

SAN FRANCISCO, December 4, 2018 – FortressIQ, creator of a cognitive automation platform that powers and accelerates digital transformation through imitation learning, today announced it has raised $12 million in Series A financing from Lightspeed Venture Partners. This new capital extends $4 million in seed funding from Boldstart Ventures, Comcast Ventures and Eniac Ventures, bringing the total funds raised to date to $16 million.

Founded in 2017, FortressIQ pioneered a fundamentally new way for Global 2000 companies to achieve their transformation goals. Recognizing that the largest obstacle to digital transformation is the lack of detailed information on current state of operations, FortressIQ spent 18 months working with corporate transformation teams building AI to solve their most pressing needs. This powerful platform addresses Peter Drucker’s age-old maxim that “If you can’t measure it, you can’t improve it,” by delivering the quantified workforce and providing the data today’s enterprise needs to optimize their transformation initiatives.

“FortressIQ’s technology provides the insights necessary for a global organization to integrate the digital workforce into their operations,” said Nakul Mandan, partner at Lightspeed Venture Partners. “We think the company’s strong management team, with its data-driven approach, is uniquely positioned to alter the expensive, slow and inefficient methodologies that prevent businesses from fully realizing their digital transformation initiatives today.”

Each year, billions of dollars and millions of hours are spent with process analysts interviewing users and generating documentation. The large diversity, age and customization of enterprise applications has made traditional technical solutions to this problem impossible, forcing organizations that want a detailed understanding of their complex operations down a laborious and often error-prone path that can take months for a single business function. As PwC puts it, we should “imagine a world in which automation tools watch how we work, then use artificial intelligence (AI)-driven insights to tell us how to work better (or upgrade our work efforts for us) on the fly.” FortressIQ delivers that vision.

How the FortressIQ Cognitive Automation Platform Works

At the heart of the platform is the FortressIQ Virtual Process Analyst, which structurally changes how companies acquire knowledge of their operations, learning the same way that humans do, through observation. The Virtual Process Analyst transparently learns a business process and all its permutations as they occur in real-time, then assesses, analyzes and provides valuable insights to guide operational change in days.

Leveraging computer vision instead of user interviews, APIs or transaction logs, the Virtual Process Analyst requires zero integration and can work with any application, on premise or cloud based, instantly. FortressIQ provides a time to value in weeks, and meets all the needs of compliance, IT/Infosec and operations.

“We’re thrilled to partner with a premier enterprise investor like Lightspeed, which has deep knowledge of the Global 2000 and their digital needs,” said Pankaj Chowdhry, founder and CEO of FortressIQ. “After speaking with hundreds of companies it became clear that the dollars being wasted on process assessments and documentation are a ‘tax on innovation,’ syphoning dollars from transformation initiatives. To address this grim reality, we’re delivering on the promise of cognitive automation with the GA release of our platform, putting us in a strong position to build on the sales momentum and traction we’re already experiencing with Fortune 500 companies.”

FortressIQ will be at the Intelligent Automation Austin conference on December 4-5. Stop by booth 35 to learn more and see a demo of FortressIQ’s imitation learning technology in action.

About FortressIQ

FortressIQ is the creator of a cognitive automation platform that powers and accelerates digital transformation through imitation learning. Using an innovative type of AI that combines computer vision, natural language and sequence modeling, FortressIQ learns how a business functions through live activity analysis. By radically lowering the cost, effort and time required to document business processes, Global 2000 customers can use FortressIQ’s platform to quickly gain the insights necessary to improve business operations. The FortressIQ platform requires no integration or API access, works with all applications whether proprietary or commercial, and delivers a time to value in weeks.

Founded in 2017, FortressIQ is backed by Lightspeed Venture Partners, Boldstart Ventures, Comcast Ventures and Eniac Ventures. To learn more please visit: https://www.fortressiq.com/

Media Contact: Jill Reed Sift Communications jill.reed@siftpr.com