7.2. Use of technology by supervisors ("SupTech")
7.2.1. Singapore: Risk-rating, risk surveillance and preparing onsite inspections
Use of technology to risk-rate entities
201. The approach for the inherent risk assessment of banks typically involves the regular collection of some aggregate data from each bank to assess their respective level of ML/TF risks. It is often a labour intensive and time-consuming process, involving a desktop comparison of data across peer banks, and can involve a considerable amount of qualitative judgement.
202. Recognising the potential of data analytics in enhancing ability to collect and process large amounts of data, supervisors have worked with data professionals to compile a comprehensive list of relevant ML/TF risk indicators, designed a form to collect the required data in machine readable format, and developed a risk scoring methodology that is to be applied consistently. Today, the inherent ML/TF risk rating of each financial institution (FI), together with a report on their key risk drivers can be quickly generated once data is received. This has allowed supervisors to better identify and target higher risk FIs for greater supervisory scrutiny. Where unexpected material risk profile changes year-on-year are identified in specific FIs, more timely supervisory intervention can be initiated with the FIs concerned.
Use of technology in risk surveillance
203. Applying techniques such as network link analysis in ML/TF risk surveillance could enable better analysis of risk-relevant source data and yield useful supervisory insight.