AML compliance 5 min read

Pillar 3: How to measure your AML costs

For the love of metrics, how do you measure AML impact?

Ester Eggert
Ester Eggert
AML Product Lead & Former TransferWiser

accountant-563964439-5ad28bfd119fa80036f4f9c0-b45031.jpg If you’ve already read Part 1 around measuring crime fighting and Part 2 on measuring customer impact, then I’m glad you’ve made it this far. If you’re new to this series, though, I’d suggest reading Part 1 and Part 2 before you dive in.

As a quick summary, I’ve split AML (Anti-Money Laundering) KPIs (Key Performance Indicators) into 4 pillars.

Although you might think AML costs are easier to measure than the crime-fighting and customer impact, they’re actually trickier than you’d think.

Pillar 3: AML KPIs based on cost

Cost is often the first thing people jump to when they’re looking to measure something for AML. It does seem logical. Just like in Fraud your company wants to reduce losses, in AML it feels like you can set your KPIs around controlling your spending. But there are some really important questions to consider.

  • Is your spending too much?
  • How much is too much?
  • Is this normal compared to other companies your size?
  • Is this normal compared to other companies that have similar product offerings?
  • Is this normal in your region(s)?

These are all tricky questions, and it’s historically tough to find actual answers to the above. And, also, it’s good to keep in mind that if cost is your only metric, there are some potentially huge risks and downsides. So, to stay balanced, it’s best to mix cost KPIs with measures from the other pillars I’ve mentioned — crime-fighting, customer impact, and compliance.

KPI 1: General compliance cost per transaction

Add up your salary, service, and technology costs. Divide it by your transactions or revenue.

If your business deals in just one simple, straightforward product like money transfers, then you can more easily calculate how much your AML costs per transaction. It’s not a bad way to get an estimate of your spending, and you can track how it changes over time.

If you have multiple products beyond simple money transfers — loans, transfers, asset management, trades and the like — then you can divide by revenue. This will give you AML costs per € of revenue. You can then also compare AML costs between products — loans may be 0.01/€ of revenue whereas cross-border transfers €0.50. This is valuable insight for your product teams.

But, you won’t be able to stop there — you’ll still have to do more thinking. What’s a good number? What’s a bad number? Is €1 per transaction bad and €0.01 per transaction good? Who or what can you compare this number to? Can you exchange this knowledge with peers from other companies? Are there market leaders in these measures?

1_3swo2zu_zxQXjDOAnljQXw.png

KPI 2: Compliance cost as a percentage of total company costs

Add up all your salary, service, and technology costs. Divide that by your company’s total costs.

Because the business was growing so fast, I saw a company who wanted to figure out how much their compliance cost them in the context of running the whole business. Measuring that could give them a larger sense of how well they were scaling as they grew. So, if your company has a long track record of counting costs by department and team, this might be the easiest measure to divide your compliance costs by the company’s costs.

But, if that’s not the case, then one way you can do something similar is by looking at your compliance headcount.

KPI 3: Percentage of compliance headcount

Total your compliance headcount. Divide it by the number of your company’s full time employees.

The great thing about this KPI is that anyone can calculate this in just a couple of minutes. You can also ask peers at similar financial institutions to do the same and compare — just make sure you include the headcount from any outsourced AML services.

However, it’s important to emphasize that it’s key you compare your findings to other companies of similar size and product. Because these numbers vary vastly depending on the company size and actual business offerings.

Let’s take a large bank as an example. Only a tiny percentage of their workforce might be doing compliance work, which sounds great! But that doesn’t mean the bank is more efficient than, say, a large fintech offering only cross-border transfers. It might just mean the bank’s product offering is far more complex — domestic transfers, international transfers, small business loans, mortgages, trades, wealth management, and more — which may mean they need compliance, or different kinds of compliance, for less of their offerings.

But if you’re a mid-sized Fintech and have a fairly straightforward consumer product, it’s easier to benchmark. In that case, if your compliance team is 1/6th of the workforce — that’s probably in a healthy range. But if it’s more like 1/3rd, that’s not so great.

KPI 4: Cost per alert

Add up your salary, service, and technology costs. Divide them by your total number of checked alerts.

I’ve seen quite a few companies use this as their main KPI — finding out how much it costs to investigate the average alert. But this has some pretty big downsides. It misses the larger business picture. And I’ve seen that managers unwittingly pressure agents to move faster and faster. When this happens, all too often agents are driven by fear, which leads to costly mistakes and missing obvious criminal patterns. So it’s something your team should approach with caution. Sadly, it also won’t incentivise your team to reduce the number of alerts by making them more accurate. Instead they’ll do better at this KPI if there are tons of simple false positives.

Summing up your AML cost KPIs

Roughly 75% of compliance costs are people costs, and 25% is technology.(1) But, at Salv, we believe it’s important to bundle both people and technology costs together when possible. Adding technology may cost money, but it often makes an enormous difference in whether your team spends their days diving into complex crime fighting patterns or instead, spends endless days clearing obvious false positives. Here at Salv, we’ve built powerful compliance engines before for the likes of Skype and TransferWise, so we know what it’s like to balance global demands and still fight financial criminals. If you want to know more about what we can do to help your team, get in touch with us today.

Every compliance team has a budget they’ll need to work within, and these KPIs are just a few examples of how you may be able to measure your AML costs. But, as you can can probably guess by now, reducing costs shouldn’t be your only measurable goal in AML — or even the main goal.

  • General compliance cost per transaction
  • Compliance cost as a percentage of total company costs
  • Percentage of compliance headcount
  • Cost per alert

The most important thing is that you keep a healthy balance between the four pillars: mitigating crime, minimizing customer impact, maintaining compliance, and of course, managing your costs.

My last post? Compliance KPIs.

Salv Bridge

Investigate and solve fraud, and increase recovery rates up to 80% with Salv Bridge

Learn more
bridge product mockup
Citations
  1. https://risk.lexisnexis.com/global/en/insights-resources/research/the-true-cost-of-aml-compliance-european-survey
×
ISO/IEC 27001 logo
Aicpa logo
GDPR compliant logo
OWASP logo

We build security to our products and organisation from the start. We use security best practices (incl. ISO 27001, CIS etc.) to ensure that our security management system meets the highest standards.

Salv has an ISO/IEC 27001: 2022 certificate, as well as ISAE 3000 compliant SOC 2 Type 2 report.