Quantexa and ITFA Publish Practical Framework Advancing FinCrime Compliance Innovation

“The transition to a new MSA (Monitoring for Suspicious Activity) approach begins with acknowledging that the FI's legacy approach is nearing the limits of its effectiveness, and that the new approach must be distinct because the FI's overall financial crime risk management framework has evolved in line with the growing sophistication of criminal behaviour.”

           Wolfberg Group, 2025 

Through its Financial Crime Compliance Initiative (FCCi), the International Trade and Forfaiting Association (ITFA) brings together industry leaders to address the evolving challenges of compliance and technology adoption. 

This blog draws on the latest ITFA FCCi white paper, “Advanced Technology Operationalisation Framework for Financial Institutions & Vendors," authored by Quantexa’s Elizaveta Savinykh and Aurelia Bucicoiu. The paper is a direct response to the FCCi’s commitment to practical and actionable best practice guidelines for financial crime compliance, a focus driven by an FCCi survey that gathered market feedback on the biggest challenges in FinCrime compliance. 

Rather than being a theoretical exercise, the paper provides practical tools, such as a Technology Impact Assessment Questionnaire and a Machine Learning Model Card template, that financial institutions (FIs) and technology vendors can use to strengthen Model Risk Management (MRM) outcomes, as well as to balance out innovative financial crime and compliance risk management approaches. By following the proposed framework, vendors will boost their competitiveness, efficiency, and reputation. FIs can use it to strengthen governance, enhance transparency, and accelerate adoption of new technologies. 

Navigating a threefold challenge 

Technological innovation has accelerated, presenting FIs with new opportunities but also exposing them to greater risks. Traditional governance and control frameworks often prove inadequate for these new technologies. This increases operational risk and slows down adoption. As a result, many AI initiatives introduce new vulnerabilities and fail to deliver expected value, which draws increased regulatory scrutiny. 

The struggles faced by both technology vendors and FIs can be grouped into three main areas: 

• Nature of technology: Recent advancements have made banking technologies much more complex and harder for FIs to interpret, putting additional pressure on MRM frameworks.  

• Regulatory change and uncertainty: MRM frameworks have expanded globally, but regulatory uncertainty remains, with varying definitions and requirements across jurisdictions, and inconsistent expectations for vendors. 

• Increased reliance on vendors: As advanced technologies become more complex, FIs increasingly rely on third-party vendors, which creates challenges like a widening knowledge gap, intellectual property barriers, and a lack of transparency in the vendor ecosystem. 

The ITFA FCCi working group saw a clear opportunity to reduce the MRM challenges by developing a set of best-practice recommendations to guide interactions and expectations between FIs and vendors. The objective of the paper is to propose a common framework for FI-vendor operationalization standards consisting of guiding principles and best practices across the technology lifecycle. 

Practical recommendations for a vendor-FI partnership

• Joint pursuit of value

  Value realization as a joint pursuit should be central to any technology initiative, with FIs and vendors working together to align objectives and leverage vendor expertise for optimal outcomes. 

• MRM governance as a strategic enabler

  When vendors and FIs consider MRM governance as a strategic enabler, they see model risk management not just as a compliance requirement, but as a foundation for successfully adopting new technology. 

• Aligned documentation

  Aligning tech industry documentation standards with those of regulated industries reduces the friction associated with the knowledge transfer from vendors to users. It also increases the transparency and explainability required for a successful deployment. 

• Hybrid multidisciplinary teams

  Setting up teams that represent all areas of the organization impacted by the advanced technology, while embedding vendor expertise, promotes knowledge synergies and protects against blind spots. 

• Data and AI literacy

  Treating data literacy and AI literacy as core competencies across the workforce and allocating significant leadership attention to them ensures knowledge is disseminated across every role that requires an understanding of how technology impacts their specific function. 

Establishing clear operational risk standards across the technology lifecycle  

The FCCi paper outlines best practices for deploying advanced technology across the technology deployment lifecycle phases: 

1. Problem/Opportunity Identification & Solution Selection – FIs should assess the advanced technology to see if it’s appropriate for their needs and clarify their objectives. They should involve vendors early to ensure alignment and transparency. 

2. Mobilization – Findings from the initial phase inform project planning, resource allocation, and the embedding of MRM activities from the outset. 

3. Implementation/Deployment – This phase focuses on ensuring transparency, accountability, traceability, robust data governance, and thorough testing. Decisions and configurations must be well documented for validation. 

4. Production – Once the technology is live, institutions must monitor performance, track total cost of ownership, and measure outcomes. This requires ongoing collaboration between governance teams and vendors. 

Throughout all phases, the framework emphasizes embedding collaboration, governance, and clear documentation into every phase. FIs should use structured questionnaires to guide decisions and ensure alignment with objectives. These steps will make technology deployment practical and effective. 

Strengthening MRM through collaboration and shared best practices 

While FIs are ultimately accountable for the effective risk management of the technologies they deploy, the growing complexity of these solutions and increasing reliance on third-party providers highlight the need for stronger alignment and more structured collaboration between FIs and technology vendors in managing technology risk.  

The ITFA FCCi guidelines offer a comprehensive, actionable framework for operationalizing advanced technology. By adopting a shared set of best practices, FIs and vendors can strengthen technology risk management, improve efficiency, and enable more scalable and resilient advanced technology adoption across the industry. 

Looking ahead 

Innovation in FinCrime prevention is transforming the way institutions protect their customers, their reputations, and the integrity of the global financial system. But innovation without control introduces new forms of risk. At Quantexa, we believe that this framework can be the foundation for innovation that endures, ensuring every analytical decision and AI-driven insight can be trusted. 

FIs are under pressure to deliver faster, smarter, and more adaptive responses to financial crime. Embedding the FCCi’s recommended framework into this transformation offers a strategic advantage. Strong model governance, for example, empowers organizations to innovate with confidence and accelerate responsible adoption of AI. It demonstrates transparency to regulators, partners, and customers alike. 

At Quantexa, we help our clients successfully operationalize the latest in FinCrime controls and achieve long-lasting and effective transformation, combining contextual understanding with clear, auditable decision-making. This allows FIs to harness advanced analytics and AI safely, effectively, and at scale. 

Together, we can build the next generation of FinCrime prevention—one that is intelligent, explainable, and resilient by design. Reach out to find out more, or download the ITFA report.