Lean Six Sigma Tackles a Bank’s Regulatory Requirements for SARs
Lean Six Sigma processes help a global financial institution eliminate its SARs backlog, improve productivity by 66% and cut cycle time in half.
The Currency and Foreign Transactions Reporting Act of 1970, commonly referred to as the Bank Secrecy Act, or BSA, requires financial institutions to help the U.S. government detect and prevent money laundering. To do this, financial organizations must expeditiously file suspicious activity reports (SARs) so that law enforcement agencies gain maximum benefit from the information. SARs play a critical role in the country’s ability to utilize suspicious transactions to combat terrorism, terrorist financing, money laundering and other financial crimes.
In general, banks monitor and report suspicious activities using programs that include four key, interdependent components:
- the identification of unusual activity (which may include employee identification, law enforcement inquiries, referrals and transaction and surveillance monitoring system output)
- management of alerts
- SAR decision making
- SAR completion and filing
Since one purpose for filing SARs is to bring violations or potential ongoing violations of the law to the attention of appropriate authorities, FinCEN’s guidelines suggest that banks should review suspicious activity at least every 90 days and, if necessary, file a SAR. Since preparation errors and filing weaknesses, including late submissions, can reduce SAR effectiveness, good bank risk managers recognize that the quality of SAR content is critical to the adequacy and effectiveness of the suspicious activity reporting system.
In this paper, we:
- briefly outline how one global financial services company used Lean Six Sigma methodologies to meet the challenges of its SAR 90 day follow up process
- review the results the new solution achieved
A global financial institution’s US-based operations were subject to FinCEN’s 90-day continuing activity monitoring guidelines. The existing process (similar to the bank’s regular review of suspicious activity triggered alerts) had two steps: an initial review of the SAR, called a scrub, followed by further investigation. Plagued with inefficiencies and encumbered by duplicated time, the rolled throughput yield for the existing process was 14%, the scrub yielded another 30% and further investigation yielded 48%. The following challenges were identified:
- volume surges coming into the 90-day continuing review queue from an increasing number of SARs via the investigation queues
- an increased risk of missed FinCEN regulatory deadline
- decreasing productivity per investigator
- inadequately trained resources for handling duplicate review processes
- lack of transparency and performance management tools
Based on this list, Alacer created a task plan that included:
- identifying specific actions to help optimize the scrub and investigative processes
- determining if a “one-touch” process should replace the current two-step review process using productivity differentials as dispositive
- creating performance management transparency to ensure regulatory guidelines are met
- training compliance personnel in Lean Six Sigma to drive the culture for continuous improvement
The Alacer Group had previously applied Lean Six Sigma tools in different process areas within the same financial institution’s risk management and compliance functions. Based on our experience, we knew that these tools could work on the organization’s SARs backlog and processes if skillfully applied. Initially, we focused on establishing a fact-and-data derived baseline that could provide an accurate view of the institution’s current performance across the following dimensions: incoming SAR volumes, aging SARs, costs, productivity, mean and dispersion of review cycle times, and levels of adherence to performance management practices. Once these processes were mapped, we took the following actions:
- “walked the process,” modifying and validating the existing 90-day follow up process map
- created a fishbone analysis that identified 32 root causes limiting desired productivity levels
- identified 38 potential solutions to the root causes
- prioritized the options by weighing each solution’s potential impact against ease of implementation, then winnowing the list to 22 potential fixes (three with high impact)
- identified quick hit, near term and longer term opportunities
- developed final recommendations and an action plan
The remarkable results stretch across several dimensions of value to the institution:
- 80% of the review team now uses a one-touch process, eliminating duplicative efforts, resulting in a 65% improvement in process yield
- a new aging, or vintage, report is now generated daily to deliver insight into productivity levels as well as to forecast risk of non-compliance with regulatory time lines
- productivity improved by 66% and, with the adoption of the one-touch process, cycle time decreased by 50%
- 100% of SARs are now reviewed within the required regulatory time line; none have fallen outside the 90-day review period
- after Lean training sessions were held with line managers and investigators, the organization experienced increased adoption of Lean tools and methodologies in the review process, especially with waste identification.
Like other business processes, risk management and compliance functions can be streamlined through the skillful deployment of Lean Six Sigma principles. The 90-day follow up requirement for SARS is an area of higher risk for financial institutions, and non-compliance comes with hefty fines. Filing a SAR, while not dispositive, at least suggests that the financial institution needs to conduct a timely review of that account or customer as required by law. Missing the deadline for conducting the review is unacceptable. As experienced by this banking institution, meeting the challenge of designing a new review process using Lean Six Sigma practices can not only help law enforcement agencies, it can also result in lower costs and higher productivity.