INDIVIDUALS PERFORMING REGULATOR-ORDERED LOOKBACKS SHOULD USE FACIAL RECOGNITION SOFTWARE PROGRAMS TO CONFIRM IDENTITIES

If you carefully read the $40m Consent Order issued by the New York State Department of Financial Services, against Dubai's Mashreqbank PSC, you know that a Compliance Consultant must now be engaged to perform, among other tasks, a Lookback for a six-month period in 2016. He or she must then submit a report on the Transaction Review to NYSDFS. The methodology for conducting the Transaction review must be submitted in advance, to the regulator, the the individual, who has been designated in the Consent Order as the "Lookback Consultant."

It is submitted since "The sole and exclusive objective of this review ... is to inform the Bank's remediation efforts by determining whether suspicious activity involving high risk customers, or transactions or transactions or possible money laundering at, by, and through the Branch, were properly identified and reported, in accordance with suspicious activity reporting regulations and  New York Law." Consent Order at 10-11, that the Lookback Consultant, to more effectively prove that proper reporting actions were taken, or alternatively to show that they did not occur, all the individuals whose accounts the Branch reported on SARs should have their identites verified using a facial recognition software (FRS) program. Additionally, any transactions that the consultant deems, after review, should have been the subject of a SAR, must include FRS checks on all individuals linked to those transactions.

The object of the use of an FRS program in a Lookback is to verify that the Bank properly identified their customer, counterparties, transferees, and any other party to high risk transactions that were reported on SARs. It also allows the consultant to verify identities, or aliases, in transactions that he or she considers unreported suspicious transactions, where the bank failed to catch it.

In essence, the use of FRS programs not only checks the accuracy of a bank's ability to conduct Customer Identification, it can also expose an operational money laundering network whose participants are employing clean aliases, so as not to give away their dodgy personal histories. They will either help clear a bank, or focus in on compliance failures. These results can only occur when an FRS program is employed. While some compliance officers may still consider them optional, the ability of an innovative financial criminal to achieve a new identity at will requires that you rule out such possible actions of bank customers.

 FRS programs be deployed whenever Enhanced Due Diligence procedures are necessary. One can no longer depend upon government-issued forms of identification to identify a client. In the Mashreqbank case, it may be the only thing that actually clears the bank's compliance staff; use FRS as often as you check a customer or client on commercial off-the-shelf databases, to avoid being  deceived by smart financial criminals. Let the Mashreqbank $40m fine speak for itself.