Safeguarding Financial Institutions: What Are Transaction Lookback Reviews and Can They Be Prevented?

At a glance

• By law, financial institutions must monitor the transactions that pass through their systems. Ideally, in-house transaction monitoring systems catch potentially fraudulent transactions in real time. But out-of-date alert criteria, inattention and flaws can slip through undetected.
• Independent Reviews can help identify the scope of systemic flaws and offer recommendations for correcting the weakness.
• Larger issues may require a transaction lookback review. While laborious and expensive, a qualified, independent AML compliance partner can help your financial institution complete the review.

Aprio’s Anti-Money Laundering (AML) compliance review services are comprehensive and can help your company weather a suspicious activity storm.

The full story:

Financial institutions are required to monitor the transactions that pass through their systems by law. Ideally the institutions’ in-house anti-money laundering (AML) protocol and transaction monitoring systems are robust enough to catch potentially fraudulent transactions in real time, but that isn’t always possible. Whether it’s due to out-of-date alert criteria, inattention, or a flaw in the systems themselves, potentially suspicious transactions can and do slip through the cracks. 

If a financial institution learns of a flaw in their system or a deficiency in their monitoring criteria, it is common practice to conduct an internal review to identify the problem, its scope, and possible options for resolving the issue.

If the problem is determined to be of sufficient size and severity, it is usually in the financial institution’s best interests to conduct a transaction lookback review – an often laborious and expensive process that may require outside help.

What is a Transaction Lookback Review?

A transaction lookback review is a process by which internal and/or external AML professionals review transactions occurring during a defined period of time to resolve past suspicious activity alerts. The time frame, scope, objectives and types of transactions reviewed differ based on the financial institution in question, as does the amount of time and resources required to perform the review.

A large bank may have to comb through hundreds of thousands or millions of transactions with the help of a small army of external AML consultants, whereas a small or mid-size institution may need a more limited and focused review performed by a lean team of AML specialists from an external consultancy.

Though transaction lookbacks can be very different depending on the institutions and objectives in question, they share several common characteristics.

• They involve reviewing transactions to identify suspicious activity that has already occurred.
• They are perceived as burdensome, intrusive, and often have punitive measures.
• They strain departments ranging from compliance to operations to IT.

Simple in theory, transaction lookbacks are burdensome and expensive. Particularly when they come at the behest of regulators, lookback reviews are disruptive, overwhelming events that can take entire teams away from their ongoing, daily responsibilities.

When Are Transaction Lookback Reviews Necessary?

In theory, transaction lookback reviews should never be necessary. Financial institutions with perfect, up-to-date transaction monitoring systems and dedicated AML teams should be able to catch every suspicious transaction in real time.

Unfortunately, no person, system, or institution is perfect, and there’s always the risk of some part of the process failing to catch all the suspicious activity flowing through the system.

Transaction lookback reviews are usually necessitated by the results of an internal audit or a regulatory review. Financial institutions that identify problems with their controls or transaction monitoring systems may voluntarily perform a lookback review. Voluntary disclosures are almost always desirable compared to the alternative, as regulators are more likely to treat honest and proactive financial institutions more favorably than those who fail to catch or disclose their problems.

As a general rule, the worse the problem, the longer it goes without being addressed, and the greater degree to which regulators must get involved, the worse the resulting fines and penalties will be. To get a sense of just how severe penalties can be, consider what happened to Habib Bank.

Habib Bank: A Cautionary Tale

Habib Bank Limited (HBL) is a multinational bank based in Karachi, Pakistan. Their footprint includes branches in areas such as Kenya, Belgium, Singapore, Cairo and a number of other countries.

HBL opened its New York City branch in the early 1970s. The branch voluntarily closed in 2020, and HBL no longer does business in the United States.

The Department of Financial Services (DFS) conducted an examination of HBL in 2016 and identified compliance failures over anti-money laundering and sanctions violations at HBL’s only U.S. branch. An independent consultant was eventually enlisted to perform a lookback on the bank’s dollar-clearing transaction activity from October 2014 through March 2015.

The results of the lookback and lack of AML controls and compliance spurred two additional lookbacks, one from October 2013 to September 2014, and the other from April 2015 through July 2017. The independent consultants enlisted to perform the lookbacks found a laundry list of alarming violations – so many that DFS sought up to $630 million in penalties against the bank.

The ordeal came to a head in 2017 when then-Financial Services Superintendent Maria T. Vullo announced that the DFS had fined HBL and its New York branch $225 million. It was much less than the original fine, but still became the largest fine ever levied against a Pakistani financial institution.

HBL provides a stark example of what not to do in this situation, as well as the risks and potential fines and penalties that come with regulator-enforced transaction lookbacks.

Cryptocurrency Transaction Lookbacks

Some customers and even cryptocurrency exchange operators may think they are out of reach of regulators because of the exotic and decentralized nature of digital currencies. And while that may have been true in the past, financial regulations are beginning to catch up. Financial regulators aren’t far behind.

A case from 2021 provides an instructive example of potential regulatory actions and penalties imposed on cryptocurrency exchanges. The Financial Crimes Enforcement Network (FinCEN) dug into the AML program (or lack thereof) at the exchange BitMEX, one of the oldest crypto exchanges operating at the time. An investigation found that BitMEX had failed to maintain a compliant AML program, implement a customer identification program, and report suspicious activity on its platform.

Further investigations and lookbacks also found over $200 million in suspicious transactions involving high-risk jurisdictions and fraud schemes, and that BitMEX had failed to file suspicious activity reports on at least 588 suspicious transactions.

These investigations resulted in a $100 million fine levied against BitMEX.

An Ounce of Prevention

Transaction lookback reviews aren’t worst-case scenarios for financial institutions, but they’re definitely undesirable. Every financial institution is advised to do what they can to avoid getting to that point, lest they face the kind of fines and penalties that can potentially damage an otherwise thriving business.

Taking proactive measures is the best way to avoid running afoul of regulators, and Aprio’s AML consultants are uniquely qualified to help.

An AML Independent review, which financial institutions are  required to perform every 12 – 18 months, using Aprio’s AML compliance service is an easy way to check that your AML program is compliant. It’s also a good way to identify gaps in your AML program.

And if your business does need of a transaction lookback or any other AML-related services, Aprio’s AML professionals offer a unique combination of efficiency and versatility that help turn AML-related headaches into success stories.

Related Resources/Assets/Aprio.com articles/pages

Accounting Services for Technology Companies

Blockchain Accounting and Tax Services

Supply Chains: Leveraging Blockchain Can Enhance Transparency

Connect with Aprio’s AML professionals today about your compliance gaps and needs.