The Status Quo
Since 9/11 Financial institutions (FI) have made enormous investments in their AML compliance programs but are still faced with manual processes and complexities in complying with financial crime regulations. It has been estimated by a Wealthinsight report that financial institutions’ spending will exceed $8 billion by 2017, up 36 percent from 2013. Much of this growth is driven to address the high false-positive rates resulting in significant remediation efforts that these rules-based systems generate.
By no means are Financial institutions in this alone. What about those highly paid consultants, who the banks contracted to advise them on building a reliable AML program as well as selecting the proper AML system(s). Also, let’s not forget about the research companies for their research papers that somehow make every software vendor sound surprisingly good, similar to a newspaper horoscope, and last but not least the AML software vendors themselves.
Traditional AML and Fraud systems were never built to fight crime! These are the by-product of business intelligence (BI) software originally created for giving insights into past performance of a corporation. Many of these systems are programmed on software-code that dates back 40 years ago!
So when you hear the phrase battle tested…you know it’s been a long hard fought war.
After 9/11, many vendors seized the opportunity to position their BI software as an AML Compliance solution. This is analog to competing in a Formula One race today with an Oldtimer.
Therefore, many financial institutions find themselves combating sophisticated fraud, money laundering, and terrorist financing schemes with systems that use a combination of outdated BI technology and a rule-based method.
The consequence is these traditional AML/Fraud systems are generating an exceptionally high right of false positives between 75 and 90 percent. In fact, many financial institutions’ compliance programs have continuously felt under-resourced compared to the volume of alerts and reports they must review while trying not to disrupt good business. Thus, financial institutions felt compelled to outsource and those who could afford it built offshore entities in India taking advantage of lower labor cost to maintain their systems and the KYC alerts.
With all the attention on false positives, false negatives have a much better chance of slipping through.
The risk-based approach was supposed to help financial institutions reduce the number of false positives by profiling customers and mitigating them into segments based on their risk exposure. However, clustering customers into unsophisticated categories based merely on products, distribution channels, transactions, geographies, and industries then building generic rules with arbitrarily selected thresholds was a straightforward approach, to say the least, even though somewhat naive.
As a result, of alerts generated on good customers, financial institutions will often decide to tweak a rule for the entire customer category or move those customers to a new sub-category. For this reason, many banks are working with over 200 sub-categories, literally losing the oversight.
RegTech to the rescue!
Financial institutions realize a better approach is needed than just offshoring. Basically, the whole industry is banking (no pun intended) on data and analytics to help simplify complex processes and automate repetitive tasks. Therefore, the industry has turned to artificial intelligence (AI) and machine learning (ML) enabled solutions as the new game changers. Even though, these buzzwords have become a hot topic many don’t even know the difference between the two and use the terms interchangeably. ML refers to a computer system that has the ability to learn how to do specific tasks, in contrast, AI enables computer systems to perform tasks done by humans. While AI can replace some rudimentary tasks, I wouldn’t say that compliance analysts are one of them. Therefore, by applying these technologies, the compliance staff would have more time to deal with non-routine events and complex cases as well as having better information through a cleaner, more traceable process to make objective decisions.
Of course, machine learning models can process tremendous amounts of data, but ML systems still need to learn the difference between a false positive and a false negative and that in real-time. First, there simply isn’t enough good structured data at most companies that can be used for teaching these ML / AI models. IBM’s Watson, named after a Sherlock Holmes character, has learned this hard way. As with every new technology wave CRM, Business Intelligence, Big data, Predictive analytics, or Artificial intelligence, etc. tech companies can’t wait to sprinkle these terms on every bit of their software like fairy dust.
As of June 2017, the Watson AI platform had been trained on six types of cancers which took years and thousands of medical doctors.
Second, bad actors are always adjusting and trying new schemas and third, the financial services landscape is continually changing leaving ML and AI platforms with a real-time knowledge gap. However, appealing this technology might sound to the people watching the bottom-line. The reality is that ML / AI platforms require months and in many cases years of laborious training, as experts must feed vast quantities of well-structured data into the platform for it to be able to draw meaningful conclusions and those conclusions are only based upon the data that it has been trained on.
- Learning transaction behavior of similar customers
- Pinpointing customers with similar transactions behavior
- Discovering transaction activity of customers with similar traits (business type,
geographic location, age, etc.)
- Identifying outlier transactions and outlier customers
- Learning money laundering, fraud, and terrorist financing typologies and identify typology specific risks
- Dynamically learning correlations between alerts which produced verified suspicious activity reports and those that generate false positives
- Continuously analyzing false-positive alerts and learn common predictors
For the most part, financial crime will be driven by advances in technology and this marriage of regulation and technology is not new, in itself. However, with the continual increase in regulatory expectations, the staggering levels of cyber-attacks against financial institutions and the FinTech disruption makes RegTech the perfect partner.
In brief, Regtechs address many gaps in today’s financial crime program by improving automation in the detection of suspicious activity, which would be a significant move from monitoring to preventing financial crime while being more cost-effective and agile!
However, financial institutions have been done this path before putting their faith in technology but this time they would be wise to thoroughly start with small-scale pilot projects. Financial institutions need to invest in data quality as it is a key component of any successful financial crime program. High-quality data leads to better analytics and insights that are so important to accurately teaching ML and AI models but also drive better decisions.
Written by Paul Hamilton
“Top Misconceptions of Cryptocurrency as a Payment System”
Which can be read on Amazon Kindle Unlimited for Free You can find more interesting articles by visiting us on one of the following platforms: AML Knowledge Centre (LinkedIn) or Anti-Bribery and Compliance at the Front-Lines (LinkedIn)
Picture: Semisatch – Shutterstock