Anti-money laundering and counter-terrorist financing

Money laundering involves taking proceeds obtained via criminal activity and disguising their origin to make them appear to have been derived from a legitimate source. This allows criminals to realize the benefits of their crimes. Money laundering is a type of financial crime; other financial crimes include fraud and terrorism financing. All financial crimes exact substantial costs to individuals and institutions and can have potentially devastating consequences for society.

The technique of money laundering basically involves placement, layering and integration – often a complex series of transactions, from depositing funds to moving them into what appears to be legitimate assets. Financial institutions are a primary target of money laundering in the sense that the criminals exploit weaknesses in the global financial system to obfuscate the trail of illicit funds.

Therefore, we have anti-money laundering

Financial institutions in most countries are mandated by law to actively monitor and report suspicious activity that occurs within their institutions. The collective techniques and processes used by financial companies to do this are typically referred to as “anti-money laundering” or AML. Financial institutions combat terrorist financing by similar means, using programs collectively known as “counter-financing of terrorism” or CFT. An essential element for both AML and CFT is using data analysis to detect unusual activity during processing – by monitoring transactions, customers and the network of behaviors.

Financial institutions should combat money laundering and terrorist financing because it’s a moral imperative to do so. But they also need to:

• Comply with regulations to monitor customers and transactional activity and to report suspicious activity.
• Protect their brand reputation and shareholder value from being associated with criminal elements such as organized crime; human, drug or arms trafficking; and government corruption.
• Avoid consent orders, as well as civil and criminal penalties, levied because of noncompliance or negligence. These may disrupt business as usual (such as cease and desist orders), putting limits on a bank until resolution is reached.
• Reduce costs in fines and added costs of doing business for illegitimate entities; reduce the amount of capital reserved for risk exposure; and reduce employee and IT costs spent on trying to achieve more accurate detection.

What is government’s role?

Across the world, countries have enacted legislation to criminalize money laundering and related offenses. The international body for enforcement, FATF, encourages and assists countries to create a financial intelligence unit (FIU) responsible for managing the flow of information between institutions and law enforcement agencies.

Government legislation and regulation by each country’s FIU have placed the responsibility on financial institutions to be the first defense against money laundering and terrorist financing. By reporting potential suspicious activity to the government via suspicious transaction reports (STRs) and suspicious activity reports (SARs), banks alert law enforcement to possible criminal activities.

To this end, regulatory bodies have enacted critical legislation that banks must comply with to enforce anti-money laundering:

• US: USA Patriot Act, Bank Secrecy Act.
• Europe: EU Fourth Anti-Money Laundering Directive (4AMLD).
• Canada: Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA).
• Australia: Anti-Money Laundering and Counter-Terrorism Financing Act of 2006.

The AML/CFT regulatory and compliance landscape

Criminal charges. Big fines. Negative publicity on compliance lapses and penalties. All of these create reputational risks by deflating public perceptions of the integrity of institutions. Numerous financial institutions are dealt fines for lapses in their AML and sanctions programs – especially branches of foreign banks.

AML regulations combine money laundering (source of funds) with terrorism financing (destination of funds). International AML rules and regulations from FATF in 1989 were intended to maintain and promote the ethical and economic advantages of a legally credible and stable financial market.

Monetary authorities from all over the world have increased focus on compliance and globalization, and financial institutions are moving from reacting to regulations to embracing a more risk-based, prescriptive approach in assessing AML/CTF activity. In general, financial institutions are required to perform the following (varying by jurisdiction):

• Customer identification program/know your customer (KYC): Proper identification and verification of customers to insure legitimate identification. Higher risk products and services (e.g., private banking) require more in-depth collection of information such as source of funds, tax returns, letters of incorporation, and the identification of ultimate beneficial owners.
• Large currency transaction reporting: Cash transactions above a certain threshold ($10,000 in the US) by a single customer during a business day require the institution to file a regulatory report. In the US, it’s referred to as a “CTR.”
• SAR/STR monitoring and reporting: Regulatory agencies publish guidelines for types of behavior that should be monitored (e.g., structuring means making numerous cash deposits or withdrawals over several days to avoid a currency reporting threshold.) If an AML analyst/investigator determines the subject’s behavior has no apparent business purpose and exceeds reporting thresholds, then a SAR/STR is filed to the FIU, and the institution’s regulatory obligation is fulfilled.
• Sanctions compliance: Regulatory bodies such as Her Majesty’s Treasury, OSFI, Interpol and the United Nations require financial institutions to check transaction parties against lists of sanctioned individuals, companies, institutions and countries, for example, OFAC specially designated nationals.

Industry trends

The financial services industry has invested billions in IT to monitor illicit activity. These automated systems can also generate mounds of work items if not properly deployed. Even though the industry has invested heavily to combat money laundering, the industry is questioning how effective these efforts have been based upon meager asset forfeitures and convictions relative to the growth in SAR/STR filings. Examination guides and typology reports are well-intended, but when applied generally, may not accurately reflect a firm’s real risks.

According to a PwC study, 12 percent of financial services firms have not conducted AML/CTF risk assessments across their global footprint. Top systems challenges include complexity of upgrading systems and data quality, with many still hampered by legacy monitoring systems that are proving to be burdensome and expensive to tune and maintain.

As technologies like artificial intelligence (AI) and machine learning have become more prevalent, the next generation of technologies is automating manual processes associated with client risk rating, acquisition of third-party data, behavioral monitoring, prioritization and workflow throughout the financial crimes risk management process. More sophisticated firms employ segmentation, scoring and optimization strategies to achieve efficient and effective identification of financial crimes risks.

We see the evolution of the industry moving toward best practices that address three key disciplines:

• Operational processes from detection to regulatory filing.
• Validation processes to satisfy model governance and optimization objectives.
• Human intelligence for complex or special risk investigations often associated with transnational criminal organizations.

Public and private sectors are turning to AI and machine learning to automate many of the processes supporting the functions above. SAS^® financial crimes solutions provide embedded machine learning techniques in many areas:

• Alert/case enrichment: Automating the aggregation of historical transaction, KYC and geographic location information to improve time to resolve investigations.
• Alert scoring: Bayesian algorithms designed to relatively score all subjects of investigations.
• Client risk rating: Logistic regression for empirical scoring of money laundering risk exposure for a client.
• Scenario authoring: Automated authoring of detection logic using decision tree methodology as opposed to simple floors and ceilings.
• Peer-based anomaly detection: Applying unsupervised learning to identify abnormal behavior for a subject relative to peers.
• Rare-event detection: Near-neighbor unsupervised clustering to identify similar subjects to a subject of interest, e.g., law enforcement inquiry.
• Image recognition: Application of cognitive computing to identify and classify trade finance documents for automation of detection.

While AI and machine learning provide significant promise to move the industry toward a more efficient and effective paradigm, many institutions recognize that the “single view of customer risk” should be extended across multiple types of risk and consume events from multiple detection and surveillance systems.

Moving toward an integrated financial crimes strategy

Most institutions have dedicated detection, alert management and case management treatment for money laundering, fraud or cyberattacks. However, institutions recognize that criminals are perpetrating a variety of crimes that may go undetected, or may be handled incorrectly when viewed within a silo. Regulatory guidance also suggests that firms can establish a holistic view of financial crimes risk. Progressive institutions are pursuing enterprise strategies for integrating data, analytics and workflow across disparate systems and job responsibilities.

Ideally, investigators should be aware that a subject of an AML investigation is party to a fraud investigation. As data becomes aggregated to a party or network level, the accuracy of prediction significantly increases, and workload is handled more efficiently.

Big data architectures and in-memory processing have reduced the barrier to entry to aggregate larger data sets while deploying more sophisticated machine learning methods. Applying a common reference architecture (depicted above) to mitigate multiple risks allows institutions to amortize their technology investments, gain a holistic view of party risk, and have a more efficient process for continuously learning from case outcomes.

Recommendations for modernization of AML/CFT practices

• Understand your data, appreciate the impact of proper data mapping for detection, and strive for a single view of the customer across products, services and customer types.
• Integrate your monitoring and investigative processes with your KYC/client risk rating processes.
• Adopt behavioral detection techniques using behavioral profiles as opposed to static rule strategies. Perform client segmentation to provide more balanced coverage.
• Automate the generation of link analysis using a combination of transaction data, KYC, and third-party data for special risk investigations.
• Provide a clear audit trail that includes data provisioning, mapping, detection and resolution. Be able to explain and defend your risk management strategies.
• Establish a sandbox environment that has a mirror image of production data for development, testing and validation of machine learning strategies. Run parallel strategies for business-as-usual comparison prior to deploying AI.
• Plan for the cloud. Whether on-premises or through a third party, prepare for the advantages of new computing models that can significantly reduce the cost of compliance.