Money laundering destroys value. It facilitates economic crime and nefarious activities such as corruption, terrorism, tax evasion, and drug and human trafficking, by holding or transferring the funds necessary to commit these crimes. It can be detrimental to an organisation’s reputation – and its bottom line. – PWC Global Economic Crime Survey, 2016
As a percentage of global GDP, money laundering transactions are estimated to be 2 to 5%, of which less than 1% of violations are detected, according to the PWC study mentioned above. This is a staggering figure, not just because of the numbers, but because of the activities propagated by these illicit transactions – terrorism and human trafficking among the most loathsome.
Governments around the world, aware of and concerned by this problem, have taken action in many ways, the most direct of which likely involve projects and missions hidden from the public view. More visibly however, governments have also put the onus on the financial institutions that unknowingly (one would hope) facilitate this illicit activity. Strict regulations are in place for both customer onboarding (know your customer or “KYC” practices) and transaction monitoring (anti-money laundering or “AML” practices). One example of a recent penalty is the $16.5M fine levied on Credit Suisse in 2016 for deficiencies in its practices. As described on amlabc.com:
FINRA found that Credit Suisse’s suspicious activity monitoring program was deficient in two respects. First, Credit Suisse primarily relied on its registered representatives to identify and escalate potentially suspicious trading, including in microcap stock transactions. In practice, however, high-risk activity was not always escalated and investigated, as required. Second, the firm’s automated surveillance system to monitor for potentially suspicious money movements was not properly implemented. A significant portion of the data feeds into the system were missing information or had other issues that compromised the system’s effectiveness. The firm also chose not to utilize certain available scenarios designed to identify common suspicious patterns and activities, and it failed to adequately investigate activity identified by the scenarios that the firm did utilize.
While governments may be focused on “catching the bad guys”, banks are mainly incentivized to comply with regulations, not necessarily to minimize illegal activity (taking a strict Lockean view of self- interest) – the financial penalty (as well as a reputational one) is designed for banks to comply with a set of dynamic (e.g. ever evolving) rules set forth by governments. These kind of measures ensure that banks will remain focused on compliance – and to do this properly, banks have and will continue to spend massive amounts of capital on avoiding violations.
Each bank takes separate steps to comply with these complex regulations, but what is consistent across firms is that the processes are incredibly manual. While many solutions are used to flag bad actors in both the KYC and AML spaces, the workflow is fragmented and antiquated. Hundreds of analysts spending thousands of hours downloading and parsing through information manually in order to comply with these regulations is a byproduct of banks trying to keep up with regulations by building on legacy systems. There are great products out there for specific tasks (e.g. voice recognition and ID fraud detection services), but the overall workflow is broken.
The solution to this is a “human-in-the-loop” workflow platform. A service that can integrate with current systems (and/or replace other systems) already in place at banks (this optionality is sure to decrease sales cycles) that can use machine learning models to decrease the costs of compliance and to increase the performance of compliance practices.
Based on conversations with industry experts, it is believed that at least 70% (a conservative estimate) of cases are clear “flag” or “no flag” situations – yet analysts must still parse through each and every transaction in the current workflows. By automating these easy-to-solve cases, banks can employ fewer higher performing analysts whose performance should be improved by focusing only on the “interesting” cases, which comprise a minority of the overall transaction base.
Models can be trained on historical data using machine learning models, and then continue to adapt as new information (the manual inputs from the 30% of cases that analysts assess), providing an ever-improving solution. While data security will clearly be an issue, and banks may opt for on-premise solutions, the more data that can be anonymized and aggregated across banks, the better the models will perform and the more effective the solution will be.
Humans may never be completely eliminated from the process, not only because regulations are unlikely to allow it, but also because banks would certainly be hesitant to completely leave their compliance fate to a series of machine learning algorithms, but the massive cost savings and performance improvement provided by such a solution would be a huge boon banks’ compliance practices. Beyond this, one could imagine similar systems being equally useful to governments, whose goals are more focused on catching the bad guys – though that is a use case beyond the scope of this post!
Sources:
8|