You could be an AML analyst, the head of AML, or a compliance officer. Managing manual processes has left you feeling burdened with growing compliance requirements, more customers and data to manage. Or you might have an in-house solution, but with competing priorities in the IT team it's not being kept updated or in line with what you need. The result is that you’re not confident that your system meets all the requirements of your AML programme and mitigates your company’s risk.
So you’ve made the decision that you need an external solution now. You can clearly see a future where compliance is simpler, a dedicated team is there to help you with questions and keeps you ahead of changing regulations with their knowledge and an always updating system.
Now your task is to get the executives, who will ultimately have to approve this purchase, on board with a clear understanding of what benefits can be realised across the business from an AML technology solution.
While AML compliance has traditionally received begrudging allocation of resources as a requirement, there has been a marked increase in interest from boards and executives following the Westpac case, which has made the risks of significant financial and reputational damage clear. There is an increasing need for internal assurance, ensuring that the program addresses the correct level of risk, that your company is compliant, and that any systems and processes in place as part of the AML programme are working as they should.
While compliance can be viewed as a cost to the business, it's important to show that there is much more than the balance sheet to be considered. While ROI is not as easily calculated with the avoidance of potential fines, there is a financial case that can still be made. Using and maintaining manual or outdated systems can be costly not just for the additional time or people that it takes, but also results in time being spent on low value, repetitive tasks and not being able to investigate suspicious activity in-depth and potentially not detecting some types of financial crime.
Here are some top tips for making your case to your senior executives and board:
Know your audience
Ensure you know who you will be presenting to, and what level of involvement they will have in the final decision. What keeps them up at night? Make sure you keep the concerns of these people front of mind when constructing your case. The C-levels we most often see as key stakeholders are CFOs, CEOs, COOs, CROs and CTOS.
What do I need to put in my business case?
Put together a business case that addresses these critical considerations:
- Strategic objective. Any large investment to garner approval from executives should align with the company’s strategic plans. Are you growing or scaling up your business? Will you be going into new markets or adding new products to your portfolio? Are you trying to improve margins and efficiencies?
- The current landscape. Outline the economic and business environment that you are operating in, and what challenges and deficiencies there are with your current solution. Ensure the problem statement, and what you are looking to solve, is clearly expressed.
- Viable options. Only put forward options that are worthy of further discussion. One option you should likely address is keeping the status quo. Presenting options in a table format makes comparison between them much easier, and should include the features, benefits and cost models.
- Recommended option. The executives will be looking to you to provide a recommendation based on your in-depth consideration of the options and insider expertise on the problems needed to solve. Here is where you can go into more depth beyond the features, but also what benefits there are of working with this particular provider, why they are a good fit for your company, and how they will solve your current problems. You can also include references from some of their other customers.
- Implementation plan. Outline a proposed schedule of the stages of work and how it will be managed.
- Outcomes and KPIs. The executive team will want to know with certainty that the identified problems are being addressed. The clearest way is to detail what performance indicators will be measured and how they will be reported back to the execs. You should also indicate which of these may be leading vs lagging indicators, and how long you expect until the full benefits can be realized and reflected in the measures.
- Costs. Ensure that you include all one-off and recurring costs. This should include implementation, ongoing running of the system, training and support services. If you need additional resource internally such as a project manager this should be noted. Make it clear if there is any uncertainty in costs – for example if the scope of work wont be determined until more in-depth engagement with the vendor. You can also note what costs may be offset by the introduction of a new solution.
The devil's in the detail
Make sure you have the right level of detail. These aren’t people who will use the system, but they will want to have an overview of what will be possible.
But make sure you are concise. Time is valuable to this group so eliminate filler words that can dilute your message, and use language that is straight forward, confident and doesn’t induce doubt. Examples of these include "may help", "could alleviate" and so on.
Lastly, and perhaps most importantly, you should have an executive sponsor, who will be your voice at the executive table. They will typically be focused on driving improved outcomes for your business through the use of smart technologies, and will likely want to see your cost benefit analysis, which should of course include cost of compliance breaches in similar industries. The sponsor will also be a good sounding board to ensure your business case is solid and makes sense for your organisation. By following these tips, and aligning benefits and outcomes with company strategy, you can personally influence smart technology decisions that can better streamline your compliance and reduce the likelihood of mistakes and unnecessary fines due to misaligned compliance practices.