The term FRAML (abbreviation of Fraud Prevention + Anti Money Laundering) is gaining traction in the compliance industry. Some embrace it, while others remain skeptical. However, amidst evolving regulations and heightened fraud risks, it’s clear that FRAML is poised to become an essential component of daily compliance practices.
The compliance industry is subject to constant change and new regulations. Ignoring it is not an option.
However, before doing anything, it is important for the organization to carry out a proper self-assessment to understand if such an approach can be beneficial to them.
To decode and understand FRAML well, it is worth diving into the two key parts of the FRAML concept.
What is money laundering?
Money laundering is the process of disguising the origin of illegally obtained money so that it appears to come from legitimate sources.
This process allows criminals to use the proceeds of their crimes without attracting the attention of law enforcement. The most common examples of such crimes may include several typologies. Such as drug trafficking, human trafficking, migrant smuggling, counterfeit goods, etc.
This process typically involves three main stages: placement, layering and integration, and the main aim is to separate the money from the illegal source (crime) by using a web of transactions that make it difficult to trace.
What is fraud?
Meanwhile fraud is a deliberate act of deception designed to obtain an unfair or unlawful advantage. It involves deliberately misleading or deceiving another party in order to obtain money, property, services or other benefits to which the perpetrator is not entitled.
Fraud can be categorized in a number of ways. But in this case we will look at several examples from different perspectives:
a) Methods used: Identity theft, phishing, insurance fraud, asset misappropriation, financial statement fraud
b) Population targeted: Consumer fraud, business fraud, government fraud, financial institution fraud
c) Sector Based: Healthcare fraud, Retail fraud, Property fraud
d) Perpetrator Based: Internal Fraud, External Fraud
e) Mechanism Based: Online fraud, Telemarketing fraud, Mail fraud
f) Scheme Based: Ponzi scheme, pyramid scheme
g) Product Based: Credit card, cheque fraud, mortgage fraud
Internal fraud risk
It is important to note that internal fraud is different from the others. It requires a different approach compared to other fraud methods.
Internal fraud (also known as occupational fraud) can be perpetrated by employees, managers or even directors. And such activity usually falls outside the scope of existing money laundering and fraud regulations.
This poses numerous internal threats to all organizations. And it can result in immediate financial loss, long-term reputational damage, operational disruption, etc.
To protect themselves and their reputations from internal fraudsters, companies must take proactive measures and remain vigilant at all times. The risk of internal fraud must be mitigated by implementing robust internal controls, conducting regular audits, promoting a culture of ethical behavior, encouraging whistleblowing and ensuring compliance with regulatory requirements.
Fraud vs. Money laundering
While money laundering and fraud are both financial crimes, they involve different actions, intentions and processes. Here are some differences between the two risks that we need to be aware of:
a) Objectives – Money laundering is focused on “cleaning” funds that have been obtained in an illicit manner, whereas fraud is focused on obtaining certain resources (money, property, resources) through deception.
b) Origin/source of funds – before the three stages of money laundering can occur, there must be a crime that generates the illicit funds, whereas fraud (in most cases) will involve funds that have been earned by the victim in a legitimate way (e.g. salary, pension, etc.), therefore the placement stage may not be relevant.
c) Process – Money laundering in many cases follows the standard 3 stages, while the process of fraud varies depending on the type and can be a single act or a series of acts. For example, a single act may involve an advance payment/fee scenario where the fraudster asks for a single transaction of a larger amount to be sent. When the victim notices that the product or service has not been received, they will understand that they have been tricked and will not want to send any more money. On the other hand, there are series of transactions, such as romance scams, where the victim sends money over a longer period of time until they run out. After that, they understand what has happened and tend to feel ashamed and may not report it to the police, so the crime remains undocumented.
There are other examples, but the key idea is that the detection methods for these two crimes are different. This is where FRAML comes in.
What is FRAML?
In short, FRAML stands for Fraud and Anti-Money Laundering. It is a term more and more used in the compliance world. It describes an integrated approach to managing both fraud and money laundering risks within financial institutions. The term has emerged recently as some financial institutions and regulators have recognised the overlapping nature of fraud and money laundering activities.
In the past, fraud and money laundering were often treated as separate issues, with separate departments, systems and processes. However, as the complexity and sophistication of financial crime has increased, it has been recognised that these two activities are interrelated and that two separate approaches may not be necessary. As a result, organizations should be able to identify, prevent and respond to financial crime risks more effectively.
So, is FRAML the new approach that all financial institutions should strive to implement? Let’s look at some of the arguments for and against adopting such an approach.
Arguments for using FRAML
There are a number of arguments for using the FRAML:
Common techniques
Money launderers and fraudsters often use similar techniques to achieve their goals. Some examples include high frequency of transactions, sending large volumes of transactions, using shell companies, false identities, etc. Therefore, having policies and procedures that simultaneously address the interrelated nature of fraud and money laundering can be a sign of maturity.
Specific industries & business models
Some industries and business models have different risk exposures to money laundering (e.g. no cash payments, use of domestic products). If fraud is the key risk for the business and it needs to comply with money laundering standards, then it seems logical to combine these two areas.
Team synergy
A combined team can streamline operations more effectively, making it easier to share data, insights and best practices between the two areas. This approach can ensure a more efficient use of company resources, especially if the company is small. When the organization is large, separate teams focusing solely on their tasks can create internal barriers and prevent employees from taking a more holistic view.
Regulatory pressure
With fraud figures rising year on year, regulators are increasingly emphasizing the importance of a comprehensive risk management approach. As a result, more emphasis is being placed on the importance of conducting a fraud risk assessment. So having a fraud risk management framework in place can help meet regulatory requirements and avoid penalties. If the organization already conducts an AML/CFT risk assessment, then it makes sense to include a fraud risk assessment.
Technological advancements
Recent advancements enable the integrated analysis of large volumes of data. Such as machine learning, big data analytics and artificial intelligence. And it leads to more accurate detection of suspicious activity across all financial crime compliance areas (preferably in a single unified system).
Arguments against using FRAML
At the same time, the list of arguments for not using the FRAML is also no shorter:
Integration difficulties
Imagine the organisation is already using two different systems for fraud and AML. Combining them can be a complex and/or costly task. Many systems use different architectures and distinctions. This can make integration difficult. While there are companies that promote such FRAML solutions, they may not be suitable for all organisations as they vary in size and needs. In addition, moving to this approach may disrupt existing internal processes for compliance teams. And it may require changes to organisational structure and workflow.
Loss of specialization
Although fraud and AML may share common techniques, they remain two distinct risks. Integrating these two risks under the same category can dilute the specialized knowledge and skills of staff required to effectively detect and investigate financial crime risks.
Need for training
Such an approach may require additional compliance training to explain the similarities and differences between AML and fraud, which can quickly become a time-consuming and expensive task. Even after all this investment, the end result may not be the same level of expertise as specialised teams.
Regulatory risks
FRAML is a new term in the compliance world. That is why regulators may scrutinize the newly integrated approach to ensure it doesn’t compromise either fraud prevention or AML efforts. Regulations for both can differ significantly (depending on the country), so regulators may be looking at areas that may conflict with each other.
Analysis paralysis
New volumes of data from both risks could slow decision making, as analysts may become overwhelmed trying to process and prioritize too much information at once.
Strategic misalignment
Fraud prevention and AML compliance objectives may not always align perfectly. This can potentially lead to misalignment of focus and objectives. A FRAML approach can make it difficult to identify critical threats and take timely action. This is because urgent fraud issues may overshadow critical AML tasks, or vice versa. This can lead to potential gaps in coverage.
Organizational resistance
The human factor is one of the most important things to consider. Of course, not everyone embraces change. It can be scary, so employees and management may resist moving to the new approach. They may prefer to maintain the status quo with specialised teams and processes. After all, they already know what to do. Different teams may have their own cultures, which may disappear after the merger. This can lead to conflict, low morale, high staff turnover and, ultimately, backlogs.
AMLYZE approach to FRAML
Large financial institutions tend to have large, completely separate fraud prevention teams. Meanwhile, smaller and younger financial institutions, neobanks, often fully integrate fraud and AML/CFT teams and operations. The degree of FRAML integration depends largely on a financial institution’s needs, actual resources and capabilities.
Understanding this, AMLYZE, as a provider of AML/CFT solutions, has also integrated the FRAML concept into its product to varying degrees.
From the very first days, AMLYZE has started with the integrated real-time transaction monitoring tool, which helps to stop fraud in its very early stages. In addition, AMLYZE’s transaction monitoring rules library provides a number of specialized anti-fraud rules (you can read our article about transaction monitoring rules here). This is critical because the key difference between using this technology for fraud and for AML/CFT is timing.
AMLYZE continuously implements solutions that effectively identify fraud threats and collaborates on AML/CFT solutions through strategic partnerships.
Despite the level of FRAML integration, the key elements for a holistic approach to fraud risk remain the same in both places: advanced tools, appropriate reporting, communication and organization-wide trainings.
Conclusions
While the FRAML approach offers several benefits, including potential efficiencies and a holistic view of financial crime risk, it also presents significant challenges.
The complexity of integration, potential loss of specialized expertise, regulatory complications and resistance to change are key factors that financial institutions need to consider.
Ultimately, the decision to adopt a FRAML approach depends on the specific circumstances, resources and strategic objectives of the organization.