CRM Archive

0

Financial crime and fraud in the age of cybersecurity

As cybersecurity threats compound the risks of financial crime and fraud, institutions are crossing functional boundaries to enable collaborative resistance.

In 2018, the World Economic Forum noted that fraud and financial crime was a trillion-dollar industry, reporting that private companies spent approximately $8.2 billion on anti–money laundering (AML) controls alone in 2017. The crimes themselves, detected and undetected, have become more numerous and costly than ever. In a widely cited estimate, for every dollar of fraud institutions lose nearly three dollars, once associated costs are added to the fraud loss itself. 1 Risks for banks arise from diverse factors, including vulnerabilities to fraud and financial crime inherent in automation and digitization, massive growth in transaction volumes, and the greater integration of financial systems within countries and internationally. Cybercrime and malicious hacking have also intensified. In the domain of financial crime, meanwhile, regulators continually revise rules, increasingly to account for illegal trafficking and money laundering, and governments have ratcheted up the use of economic sanctions, targeting countries, public and private entities, and even individuals. Institutions are finding that their existing approaches to fighting such crimes cannot satisfactorily handle the many threats and burdens. For this reason, leaders are transforming their operating models to obtain a holistic view of the evolving landscape of financial crime. This view becomes the starting point of efficient and effective management of fraud risk.

The evolution of fraud and financial crime

Fraud and financial crime adapt to developments in the domains they plunder. (Most financial institutions draw a distinction between these two types of crimes: for a view on the distinction, or lack thereof, see the sidebar “Financial crime or fraud?”) With the advent of digitization and automation of financial systems, these crimes have become more electronically sophisticated and impersonal.

Financial crime or fraud?

For purposes of detection, interdiction, and prevention, many institutions draw a distinction between fraud and financial crime. Boundaries are blurring, especially since the rise of cyberthreats, which reveal the extent to which criminal activities have become more complex and interrelated. What’s more, the distinction is not based on law, and regulators sometimes view it as the result of organizational silos. Nevertheless, financial crime has generally meant money laundering and a few other criminal transgressions, including bribery and tax evasion, involving the use of financial services in support of criminal enterprises. It is most often addressed as a compliance issue, as when financial institutions avert fines with anti–money laundering activities. Fraud, on the other hand, generally designates a host of crimes, such as forgery, credit scams, and insider threats, involving deception of financial personnel or services to commit theft. Financial institutions have generally approached fraud as a loss problem, lately applying advanced analytics for detection and even real-time interdiction. As the distinction between these three categories of crime have become less relevant, financial institutions need to use many of the same tools to protect assets against all of them.

One series of crimes, the so-called Carbanak attacks beginning in 2013, well illustrates the cyber profile of much of present-day financial crime and fraud. These were malware-based bank thefts totaling more than $1 billion. The attackers, an organized criminal gang, gained access to systems through phishing and then transferred fraudulently inflated balances to their own accounts or programmed ATMs to dispense cash to waiting accomplices (Exhibit 1).

We strive to provide individuals with disabilities equal access to our website. If you would like information about this content we will be happy to work with you. Please email us at: McKinsey_Website_Accessibility@mckinsey.com

Significantly, this crime was one simultaneous, coordinated attack against many banks. The attackers exhibited a sophisticated knowledge of the cyber environment and likely understood banking processes, controls, and even vulnerabilities arising from siloed organizations and governance. They also made use of several channels, including ATMs, credit and debit cards, and wire transfers. The attacks revealed that meaningful distinctions among cyberattacks, fraud, and financial crime are disappearing. Banks have not yet addressed these new intersections, which transgress the boundary lines most have erected between the types of crimes (Exhibit 2).

More: https://www.mckinsey.com/business-functions/risk

Authors: Salim Hasham is a partner in McKinsey’s New York office, where Shoan Joshi is a senior expert; Daniel Mikkelsen is a senior partner in the London office.

0

Growing your own agility coaches to adopt new ways of working

Agile coaches play a vital role in enterprise-wide agile transformations. To develop enough coaches, companies should create specialized training academies.

Companies are increasingly looking to infuse agility into their operating models. However, as organizations attempt to scale these efforts across their entire business, new challenges that simply didn’t exist at the micro level are beginning to surface. These challenges are especially prevalent where traditional organization silos need to interact.

The big realization for many companies is that scaling agile is not simply a matter of replicating agile practices across more teams. This is why trying to adapt project-management offices (PMOs) to support agile projects or bringing in more scrum masters is unlikely to be effective (see sidebar, “The scrum master’s role in scaling agile”). Rather, agility as an operating model requires the rewiring of core enterprise-wide processes. With this comes a need for the organization to operate differently.
The degree of change required to adopt agile ways of working across an entire organization is simply too large to repurpose existing roles and structures. Only by investing in agility coaches—and a comprehensive program to identify, train, and support them—can companies expect to scale and sustain agile across the enterprise.

To ensure the success of the agility coaching academy, it is critical to have the right support and leadership structure. Typically, the academy is led by a full-time executive who reports to either the CHRO or some other member of the C-suite depending on who is really driving the agile transformation—it could be the CIO, the head of transformation, or the COO. The academy lead is accountable for the following:

  • Setting the strategy and defining the delivery road map for the academy
  • Running the day-to-day operations of the academy, such as building and refining the academy backlog
  • Leading the recruitment of coaches
  • Overseeing learning and development of the trainee agility coaches, and administering the learning and development of graduated coaches
  • Defining the evaluation criteria and mechanisms to measure effectiveness of the agility coaches
  • Deploying the right agility coaches to the right areas and teams
  • Overseeing performance evaluations for the agility coach cohort

More: https://www.mckinsey.com/business-functions/

By Amit Anand, Sahil Merchant, Arun Sunderraj, and Belkis Vasquez-McCall

About the authors: Amit Anand is a senior expert in McKinsey’s Sydney office, Sahil Merchant is a partner in the Melbourne office, Arun Sunderraj is a digital expert in the New York office, and Belkis Vasquez-McCall is a partner in the New Jersey office.

0

Kedro, McKinsey’s first open-source software tool

 

QuantumBlack, the advanced analytics firm we acquired in 2015, has now launched Kedro, an open source tool created specifically for data scientists and engineers. It is a library of code that can be used to create data and machine-learning pipelines. For our non-developer readers, these are the building blocks of an analytics or machine-learning project. “Kedro can change the way data scientists and engineers work,” explains product manager Yetunde Dada, “making it easier to manage large workflows and ensuring a consistent quality of code throughout a project.”

McKinsey has never before created a publicly available, open source tool. “It represents a significant shift for the firm,” notes Jeremy Palmer, CEO of QuantumBlack, “as we continue to balance the value of our proprietary assets with opportunities to engage as part of the developer community, and accelerate as well as share our learning.”

The name Kedro, which derives from the Greek word meaning center or core, signifies that this open-source software provides crucial code for ‘productionizing’ advanced analytics projects. Kedro has two major benefits: it allows teams to collaborate more easily by structuring analytics code in a uniform way so that it flows seamlessly through all stages of a project. This can include consolidating data sources, cleaning data, creating features and feeding the data into machine-learning models for explanatory or predictive analytics.

More: www.mckinsey.com; https://github.com/quantumblacklabs/kedro

  What are the main features of Kedro?

1. Project template and coding standards

  • A standard and easy-to-use project template
  • Configuration for credentials, logging, data loading and Jupyter Notebooks / Lab
  • Test-driven development using pytest
  • Sphinx integration to produce well-documented code

2. Data abstraction and versioning

  • Separation of the compute layer from the data handling layer, including support for different data formats and storage options
  • Versioning for your data sets and machine learning models

3. Modularity and pipeline abstraction

  • Support for pure Python functions, nodes, to break large chunks of code into small independent sections
  • Automatic resolution of dependencies between nodes
  • (coming soon) Visualise your data pipeline with Kedro-Viz, a tool that shows the pipeline structure of Kedro projects

Note: Read our FAQs to learn how we differ from workflow managers like Airflow and Luigi.

4. Feature extensibility

  • A plugin system that injects commands into the Kedro command line interface (CLI)
  • List of officially supported plugins:
    • (coming soon) Kedro-Airflow, making it easy to prototype your data pipeline in Kedro before deploying to Airflow, a workflow scheduler
    • Kedro-Docker, a tool for packaging and shipping Kedro projects within containers
  • Kedro can be deployed locally, on-premise and cloud (AWS, Azure and GCP) servers, or clusters (EMR, Azure HDinsight, GCP and Databricks)

0

Six governing considerations to modernize marketing

Most chief marketing officers (CMOs) understand that the utilization of data, analyses, and algorithms to personalize marketing drives value. Concept tests are becoming more efficient, customer approaches are being accelerated, and revenues are quadrupling in certain channels (Exhibit 1). All the evidence suggests that marketing functions should invest in, collect, and analyze available data to support their decision making.

We strive to provide individuals with disabilities equal access to our website. If you would like information about this content we will be happy to work with you. Please email us at: McKinsey_Website_Accessibility@mckinsey.com

No wonder, then, that one in three CMOs is driving a digitization initiative with high personal involvement, according to a McKinsey survey. Despite notable successes, digital marketing has often stalled in a trial phase for years in many companies. Why is that? We find that the managers responsible often blame it on culture and legacy behavioral patterns (Exhibit 2). These soft factors lie far ahead of technical issues, such as IT infrastructure and data availability, which is not surprising. It is easy enough to buy a new server for the customer database, and even new customer-relationship-manager software is quickly installed. But how does one change the attitudes and behaviors of those who use the technology?

We strive to provide individuals with disabilities equal access to our website. If you would like information about this content we will be happy to work with you. Please email us at: McKinsey_Website_Accessibility@mckinsey.com Based on our experience from a multitude of digital engagements, modernizing the marketing organization to unlock the full potential of the digital revolution requires business leaders to address six considerations.

1. How to centralize guidance and oversight

2. How to bring together marketing and IT (heart and brain)

3. How to build collaboration and agility

4. How to reinvent HR to meet talent demands

5. How to build flexibility into resource planning

6. How to make cultural change a continuous task

Modernizing marketing is a process that relies on multiple factors for success. Only by understanding what these are and by focusing on how to address them can marketers hope to get real value from digital. An earlier version of this article was published in the December 2018 issue of McKinsey’s German-language consumer journal Akzente.

About the authors: Patrick Guggenberger is a consultant in McKinsey’s Vienna office, Miriam Lobis is a partner in the Berlin office, and Patrick Simon and Kai Vollhardt are partners in the Munich office.

More: www.mckinsey.com/industries/

0

McKinsey – Getting organizational redesign right

Companies will better integrate their people, processes, and structures by following nine golden rules.

Recent McKinsey research surveying a large set of global executives suggests that many companies, these days, are in a nearly permanent state of organizational flux. Almost 60 percent of the respondents, for example, told us they had experienced a redesign within the past two years, and an additional 25 percent said they experienced a redesign three or more years ago. A generation or two back, most executives might have experienced some sort of organizational upheaval just a few times over the course of their careers. One plausible explanation for this new flurry of activity is the accelerating pace of strategic change driven by the disruption of industries. As a result, every time a company switches direction, it alters the organization to deliver the hoped-for results. Rather than small, incremental tweaks of the kind that might have been appropriate in the past, today’s organizations often need regular shake-ups of the Big Bang variety.

Frustratingly, it also appears that the frequency of organizational redesign reflects a high level of disappointment with the outcome. According to McKinsey’s research, less than a quarter of organizational-redesign efforts succeed. Forty-four percent run out of steam after getting under way, while a third fail to meet objectives or improve performance after implementation. The good news is that companies can do better—much better. In this article, we’ll describe what we learned when we compared successful and unsuccessful organizational redesigns and explain some rules of the road for executives seeking to improve the odds. Success doesn’t just mean avoiding the expense, wasted time, and morale-sapping skepticism that invariably accompany botched attempts; in our experience, a well-executed redesign pays off quickly in the form of better-motivated employees, greater decisiveness, and a stronger bottom line.

Why redesign the organization?

Organizational redesign involves the integration of structure, processes, and people to support the implementation of strategy and therefore goes beyond the traditional tinkering with “lines and boxes.” Today, it comprises the processes that people follow, the management of individual performance, the recruitment of talent, and the development of employees’ skills. When the organizational redesign of a company matches its strategic intentions, everyone will be primed to execute and deliver them. The company’s structure, processes, and people will all support the most important outcomes and channel the organization’s efforts into achieving them.

When do executives know that an organization isn’t working well and that they need to consider a redesign? Sometimes the answer is obvious: say, after the announcement of a big new regional-growth initiative or following a merger. Other signs may be less visible—for example, a sense that ideas agreed upon at or near the top of the organization aren’t being translated quickly into actions or that executives spend too much time in meetings. These signs suggest that employees might be unclear about their day-to-day work priorities or that decisions are not being implemented. A successful organizational redesign should better focus the resources of a company on its strategic priorities and other growth areas, reduce costs, and improve decision making and accountability.

The case of a consumer-packaged-goods (CPG) company that chose to expand outside its US home base illustrates one typical motivation for a redesign. Under the group’s previous organizational structure, the ostensibly global brand team responsible for marketing was not only located in the United States but had also been rewarded largely on the performance of US operations; it had no systems for monitoring the performance of products elsewhere. To support a new global strategy and to develop truly international brands and products, the company separated US marketing from its global counterpart and put in place a new structure (including changes to the top team), new processes, new systems, and a new approach to performance management. This intensive redesign helped promote international growth, especially in key emerging markets such as Russia (where sales tripled) and China (where they have nearly doubled).

By Steven Aronowitz, Aaron De Smet, and Deirdre McGinty

More: https://www.mckinsey.com/