When the current U.S. anti-money-laundering regime began with enactment of the 1970 Bank Secrecy Act, it had a limited focus. The law had been developed to help identify the source, volume, and movement of currency, and other monetary instruments, primarily related to drug traffic.
Flash forward almost five decades later. We can marvel at AML’s phenomenal growth in scope and importance. Financial institutions of all types now expend vast amounts of staff resources, money, and management attention on AML compliance. The bar keeps rising and the stakes are high, including public sanctions; large fines; holding individuals personally accountable for noncompliance; and significant reputational risk.
Five pillars and growing expectations
An AML program satisfactory to supervisors involves implementation and risk-based management of a number of moving parts, beginning with addressing the traditional four pillars of AML compliance—tailored internal controls, independent testing, ongoing training, and designation of a dedicated AML officer with sufficient resources. Plus we now have a formal fifth AML pillar that focuses on ongoing customer-based risk.
To meet these ever-growing demands and comply with industry standards, today’s AML programs increasingly must rely on sophisticated automated analytical and digital processes and tools.
A prime example: The new FinCEN rule governing beneficial ownership. The new rule presents the challenge of looking through multiple, complex layers of legal ownership to understand key hierarchies, associations, and relationships and the risks they pose. This must be done globally, and firms must keep pace with the enormous number of changes continuously occurring.
Satisfying beneficial ownership and other AML requirements cannot be done using outdated and inefficient manual processes. The days of having scores of humans manually googling people and institutions and relying on internet pages filled with unstructured data are past.
Banks must use advanced digital solutions to comprehensively scour worldwide public and non-public sources to ensure data quality; quickly and effectively draw out, sift through, and analyze massive amounts of structured and unstructured information to reach meaningful conclusions; and make results available in a user-friendly manner.
5 tech paths to compliance
Let’s briefly explore five innovative digital and analytical technologies that can optimize AML compliance.
1. Cognitive computing
Cognitive computing has multiple definitions. But the key concept is making computer systems understand more of what the user wants.
Digital assistants that can manage large amounts of structured and unstructured information, and reconcile ambiguous and even self-contradictory data, which are good examples of cognitive computing, are constantly improving. Such tools enable humans to perform a range of activities not possible even a few years ago, including auto-replying to emails with custom and context specific messages and more easily supporting complex queries.
Cognitive computing’s key benefit in our context is the ability to enhance assessment of AML risk portfolios. The technology does so by presenting information, such as data used to build customer profiles, in a timely, natural, and usable way. The technology also makes determinations that are evidence-based; evaluates multiple options; assesses vast amounts of data and their connections; and continually evolves to account for new outcomes and actions.
2. Graph analytics
Graph analytics explores relationships between individuals; e.g., they are used in such prompts such as “Do you know this person?” and “Would you like to connect?”
Graph analytics thrive on high levels of complexity and interconnectedness and in discerning significant relationship patterns among varied data types. A simple example of its understanding of shared customer attributes and, thus, extension to AML is the ability to pose the question, “Could these two supposedly different people actually be the same person?”
In addition to considering individuals, graph analytics can determine relationships among AML documents to make connections and flag anomalies, often with low levels of false positives.
Graph analytics also can be a particularly powerful tool in meeting beneficial ownership requirements. An entire network infrastructure and all its links to third parties can be represented in graphs, thus simplifying the process of understanding and tracing complex organizational structures.
With the current advances in traversing social graphs and available computing power, it is possible to conduct such analytics at web-scale, further expanding the possibilities of understanding the ecosystem of risk actors.
3. Machine learning
Machine learning is primarily about pattern detection. In traditional computer programming the rules are specified beforehand. In machine learning, the system acquires its own rules, based on the data and patterns found. This has profound implications for AML.
The Fair Isaac Corporation recently stated that machine learning is core to its vision for FICO scores and AML compliance, and the technology continues to gain more and more acceptance across the financial services industry. Increasingly advanced forms of machine learning now are approaching sophisticated levels of artificial intelligence.
Risk scoring presents a good example of the benefits of machine learning. Traditionally, rules are specified in advance. In contrast, a scoring model based on machine learning “learns” from the data directly. A key requirement is that during the system’s training phase, data on known high-risk customers, products, and geographies is presented as examples. The system then leverages its learning to risk-score based on patterns not initially obvious—or appearing merely random.
4. Cloud computing
The use of a virtual private cloud can help significantly with the rationalization of disparate data sources both within and external to an institution.
In performing know your customer, beneficial ownership, or other required AML remediation activities, it is not uncommon for an analyst to need to interact with a large number of systems. Using cloud computing facilitates accessing, bringing together, and enriching needed data.
Cloud computing also offers a number of other benefits, such as improved risk-scoring capability. This is particularly true with the advent of advanced risk systems that can learn from data over time. Moreover, the historic concerns regarding cloud-based AML solutions, particularly in relation to data security, are increasingly being allayed.
5. Robotic process automation
RPA can be deployed as an initial solution while efforts around cloud computing and data enrichment are underway. With RPA, software robots emulate the login, point, click, and copy-and-paste actions of a human user in a rapid but specified sequence.
The advantage for AML systems is that the data can stay disparate, as each robot has its own credentials and is tackling the inherent multiple system inefficiencies through speed and repetitions.
Note that limitations can arise; e.g, with exceptions processing or other activities where data rationalization and pattern detection challenges are not easily addressed.
The bottom line is that state-of-the-art technology, analytics, and data management are keys to successful implementation of an AML compliance program that meets industry standards and regulatory expectations, and at the same time stays ahead of the curve to address future changes more easily and efficiently.
About the authors
Armen Kherlopian is a vice-president in the Chief Science Office of the Analytics & Research practice at Genpact, a leader in digitally powered business process management and services.
Jeffrey Ingber is a consultant in Genpact’s AML practice and a former senior vice-president at the Federal Reserve Bank of New York. Ingber oversaw the legal and compliance risk department.