The war between the various financial sectors and money laundering has led financial institutions to set up technologically intelligent weapons. Thus, these institutions aim to use sophisticated analytical technologies such as machine learning to combat various financial crimes effectively. Furthermore, financial institutions are confronted with criminals and regulators who are imposing increasingly severe sanctions for offenses. Branches, which fear supervisor sanctions and damage to their reputation, are more dedicated than ever in their efforts to combat money laundering and the financing of terrorism (AML / CFT).
The compliance teams who are under all this pressure from regulators believe that “machine learning” is the miracle solution for the AML. Sanction Scanner would like to point out that machine learning is not new as a concept, but recent is its use in combating money laundering. Its usefulness is particularly important for reducing the number of false positives (false alerts) that are generated through traditional AML devices.
Also, the areas of AML / CFT that are likely to be covered by these new technologies are very numerous, in particular:
- Customer knowledge (KYC), which involves due diligence and adequate customer profiles, such as verifying the origin of funds
- Monitoring of transactions, which includes investigations of alerts.
Thus, new technologies will play a potentially huge role in the field of AML / CFT, but they cannot entirely replace human judgment, which remains very important in these processes. Therefore, the aim will be to enrich the existing AML / CFT devices with the various technologies of artificial intelligence (AI).
In this paper, we will focus on the uses of AI technologies in the field of AML / CFT. In the second part, we will present the challenges that must be met by KYC / AML software publishers as well as financial institutions to upgrade traditional AML / FT systems.
All regulators talk about innovations without giving details on how they see the role of AI or how they might react to a financial institution that is on the wrong track. On December 3, 2018, four American prudential regulators and Fincen met with encouraging banks to “examine, assess and, if necessary, implement approaches to comply with their AML compliance obligations.”
Banks, in their interpretation of this statement, discern how to use machine learning.
New technologies that can be supported in AML devices include, but are not limited to:
- AI and machine learning
- Robotic process automation (RPA) and intelligent automation
- Analysis of unstructured data
- Natural language generation
- Cloud-based analysis tools
The compliance teams estimate that between 1% and 2% of AML alerts become the Declaration of Suspicion (DS). Machine learning and AI will be the most transformative, helping to identify and deactivate the 98% of cases that are false positives. This will allow more resources to be allocated for 2% of cases that are more likely to be suspect.
Among the AI techniques that can reduce the rate of false positives, we cite the following examples:
- Semantic analysis to identify correspondences triggered by redundant data.
- Statistical analysis of customer information files to identify high-risk entities likely to represent a true positive result. In addition, the results of analysts’ decisions can be reintroduced into the system to pilot prioritization algorithms activated with machine learning in order to eliminate probable false positives during the next transaction monitoring.
Machine learning models can be developed to help detect changes in customer behavior by analyzing their transactions. This technique can be implemented to enrich existing devices which are based on monitoring via rule engines. This will make it possible to detect customers with suspicious activity for an investigation stage. Indeed, what is missing in traditional behavioral analysis devices is the new patterns that can emerge because money launderers are generally one step ahead.
In order to implement a risk-based approach to customer knowledge (KYC), financial institutions are increasingly seeking to understand the customer’s professional, institutional, political, and social context by analyzing large amounts of external data, including information and media, public archives, social networks, and other open-source data sources.
A traditional name search can find matches in external data. Still, it can neither provide the context in which the name appears nor discern relationships with politically exposed persons (PEP) or high-risk entities or assess other risk indicators from these sources. Thus, natural language processing and AI techniques are necessary to analyze unstructured data and establish these connections.
It is crucial that advanced analysis of unstructured data not only increases efficiency by automating enhanced vigilance processes, but it also identifies relationships and risks that could otherwise remain undetected.
RPA can be combined with AI techniques to provide intelligent automation of “Know Your Customer” tasks. Among its applications, we cite in particular the following:
- Aggregate internal customer data to create customer views across all accounts, including data deduplication and reconciliation across multiple back-end systems.
- Collection and assembly of information from relevant external data sources to create customer profiles.
- Enrichment of alerts using external and internal data.
- Creation of files, in case of management devices, containing identified KYC controls, alerts, profile information, and all enriching data such as geolocation data.
- Analysis and presentation of beneficial owners using data from external databases.
Advanced technologies can also increase regulatory reporting efficiency, which is a delicate point in the AML / CFT value chain. The RPA can be used to populate regulatory reporting formats with existing data and to archive reports electronically. The automated generation of regulatory reports has long been a feature of traditional reporting modules in Know Your Customer and Anti-Money Laundering tools. The limitation of these systems is the narration of the suspicious activity report written by analysts. Advances in natural language generation (NLG) now allow relevant information about detected cases to be gathered in a coherent narrative that will be provided to the analyst for examination or modification, thus supporting assisted creation of reports.
On the other hand, regulators, financial intelligence units, and the board of directors or general management internally require many reports with different intervals to monitor AML / CFT activity. And nothing more understandable than having reported in natural language.
Artificial intelligence and other next-generation technologies are capable of improving the efficiency and accuracy of KYC / AML processes. However, some technical, operational, regulatory, and institutional problems are likely to hinder the adoption of these technologies.
Data quality and management have always presented challenges for the various KYC / AML operations. Indeed, data collection and management involves the processing of massive amounts of heterogeneous and complex data. Data management continues to represent a huge challenge for the implementation of new generation solutions:
- Redundant data silos and back-end systems prevent the creation of holistic customer profiles.
- The integration, cleaning, and deduplication of data from several management systems are essential to obtain a 360-degree view of customers.
- The data’s quality and shortcomings present challenges for the resolution of entities, the detection of relationships, and the assessment of client risks.
- Finding specific types of data, such as beneficial owner data or international KYC information or legal person information, poses another problem, and specialized data providers have emerged to address some of these problems.
- From a regulatory point of view, the data protection law and other regulations relating to data confidentiality potentially limit the use of personal data such as social data, for the purposes of knowing the client. These regulations should be adapted to the framework of the fight against money laundering.
Next-generation technologies may require significant data processing and storage capacities. In the KYC / AML context, this is particularly true for the analysis of unstructured data, which can involve the processing of large volumes of external data. The development of proprietary, turnkey solutions integrating AI, machine learning, RPA, or NLG requires sophisticated technology and data processing capacities, which are generally beyond the reach of the organizations concerned.
KYC / AML systems are dominated by a rules-based approach that has been developed over several decades with significant investment from financial institutions, software publishers, and regulators. This has resulted in the creation of systems required by regulators for the development, refinement, and maintenance of business rules. The regulatory focus on the governance model and demonstrable results pose fundamental challenges to AI approaches for monitoring AML operations and can also be an obstacle to adopting an assessment and AI-based risk rating in the context of KYC. It is possible to solve this problem by developing advanced solutions that can be superimposed on the KYC / AML software package implemented.
Financial institutions, particularly compliance departments, are often reluctant to take risks. Indeed, there are valid reasons to fear to entrust sensitive customer data and data from KYC systems to cloud services. If data security issues are addressed, successful experiences multiplied and regulators accustomed to AI technologies, financial institutions will see next-generation approaches to AML / KYC as a stable, if not essential, alternative to improving the effectiveness of AML / CFT systems.
The application of AI, machine learning, robotics, and NLP to KYC / AML systems is still in its infancy. Although these technologies have already demonstrated their ability to achieve significant gains in terms of efficiency and productivity, there are still limits to what they can achieve. Publishers exploring the use of new technologies for KYC / AML systems will need to determine if the specific needs can be met by implementing proof of concept available to financial institutions to assess the value of these benefits.