Latest Products

Getting the SMR right

Thursday 26 April 2018


AML & Financial Crime Congress 


‘Regulatory fatigue’ was the phrase of the day at the Thomson Reuters Australian Regulatory Summit. Yet, regulators still expect to see compliance.

The Australian Transactions Reports and Analysis Centre (AUSTRAC) has demonstrated that, while it wants to collaborate with industry to protect the Australian financial system, they still expect organisations to have robust financial crime compliance programs. As such, the regulator has low tolerance for late suspicious matter reports (SMRs) and threshold transaction reports (TTRs).

At the GRC Institute’s AML & Financial Crime Congress, held in Melbourne last week, AUSTRAC’s Rachel Challis, Director of Strategy, and Daniel Kelen, Intelligence Manager, highlighted what they expect to see in a SMR and what happens to SMRs after they have been submitted.

“Some people are concerned when reporting an SMR that AUSTRAC will think their business is not meeting its other obligations,” Challis said. However, it is actually the reverse. A good SMR is the result of a strong financial crime compliance program.

The regulator can take a company that is in breach, if they accrue 100,000 penalty units, or if an individual accrues 20,000 penalty unity, with each penalty unit being valued at $210; however, this is subject to review later this year.



What happens after an SMR is lodged?
Kelen outlined the details that organisations must include when lodging an SMR. He also highlighted some of the details that are often included, but which can actually be left out. He also agreed that, while it might be easy for AUSTRAC to say suspicious matters need to be reported, the reality is not always so clear-cut.

“From your point of view, it must be infuriating to be monitoring and collecting all this information, and writing all these reports, only to send them through to AUSTRAC and then not receive enough feedback,” he said.

Kelen empathised with this because once AUSTRAC receives a report, they build it into their own products and send it to other agencies. But they don’t always get feedback on the usefulness of these reports from their partners.
 
The Process
So far in 2018, Challis said they have already received around 70,0000 SMRs—a sobering figure, considering in the past such a number has represented the annual total.

She suggested it might make it up to 90,000 before the year is out.
Kelen agreed, saying there is a lot information coming through the door—more information, in fact, than they can look at on an individual basis.

“When I first started in the SMR analysis team as an analyst, I think we were getting about 40,000 SMRs a year,” he said. “That represented the generation beyond being able to look at every single report.”

A prioritisation system was introduced: the Business Rules Engine.

“Business Rules Engine runs over every SMR that comes into the system and basically scans it for things that raise its risk level prioritisation. More often than not, this comes in the form of key words like terrorism, drugs, and organised crime,” he explained.

They also employ triage analysts, who are able to go through approximately one fifth of all the SMRs that come through the engine.

This means once a SMR has been prioritised and has gone past the analyst, it has reached the point where the regulator can look at correlations between the reports coming from their 14,000 REs and discover connections in their partners’ databases.

“Once we look at what we and our partner agencies hold, we make the decision as to whether the activity is worth further dissemination, and whether it is something that might be meaningful to our partner agencies,” Kelen explained.

The other 80% that has not yet been looked at by the triage analysts can help with their work examining broader themes. In addition, they have the ability to go back and look at the first SMR that was ever reported.

Thus, while AUSTRAC may not have not looked at a report, the partner agencies are always working their way through the AUSTRAC database.
 


How to write a good SMR
What to include
  • An SMR is basically is an intelligence product; thus, clarity and timeliness are the two key elements the financial intelligence unit would like to see.
  • Make sure to set the bottom line or the suspicion up-front to avoid it becoming lost in the document.
  • Include all the relevant transaction component details. One of the things AUSTRAC’s rules engine looks for is the volume of activity.
  • Analysts don’t understand every entity and sector AUSTRAC regulates. This means including an explanation as to why your organisation believes a transaction is suspicious, from your own perspective, is very relevant.
What not to include
  • Unnecessary definitions, such as defining Google.
  • Irrelevant data. Ensure all included data is relevant to the suspicious matter.
  • Names of police officers or attachments.
  • Inappropriate images, especially when it comes to suspicious matter reports that might be related to child exploitation.