- In this special contributor report, a tech-savvy thought leader takes a look ahead at what will be key financial crime program fulcrum points, regulatory focal points and how best to use technology and partnerships to achieve effectiveness.
- Sujata Dasgupta is making these predictions informed by the last decade and her more than 20 years of experience in financial services, cognizant that banks in recent years have been pushed to better analyze and wield data to more efficiently manage a broad array of rising anti-money laundering (AML), fraud and sanctions risks.
- Some snapshots: Facial recognition, artificial intelligence and other analytics technologies are set to transform the more rote areas of AML and get a much more precise risk ranking for a customer – allowing teams to spend more time linking larger scale and potentially criminal interlinked threat actors.
By Sujata Dasgupta
Global Head, Financial Crimes and Compliance Advisory, Tata Consultancy Services
December 23, 2020
2020 was a year of contrasts, with the new year heralding unprecedented progress and development, and a pandemic soon after that eclipsed all such possibilities pausing lives and economies across the globe!
Yet life had to go on, so almost every service managed fast track digitization – a clear sign of accelerated technology adoption. But the tectonic behavioral shift fueled complex new typologies of financial crimes enabled by the same advanced technology!
As we step into the new year, which is also the threshold of the next decade, here are some emerging strategies which financial institutions are most likely to adopt in their fight against increasingly sophisticated financial crimes.
1. KYX: Smart IDV for the ‘X’ factor
- The last decade – Know your customer, or KYC has assumed immense importance in the last decade, and has transformed from being a ‘tick in the box’ documentation exercise to a key pillar in the financial crimes compliance (FCC) framework for banks and financial institutions (FIs). Risk based AML regulations laid the foundation for KYC to monitor customer risks and behavior profile, that in turn formed the backbone for other FCC functions like Sanctions screening, transaction monitoring, anti-fraud, anti-bribery & corruption and so on.
- Future forward – The rigors of KYC due diligence are expanding both horizontally and vertically. FIs are now required to monitor not just customers, but also several other associated parties like employees, vendors, contractors, fintech and channel partners and so on. These various parties form the ‘Xs’ on the horizontal scale, considering the broadened scope. In case of customers, due diligence has become a lot more focused and stringent for each category, e.g. retail, corporate, small & medium enterprises (SMEs), money service businesses (MSBs), charities, correspondent banks and so on. These form the ‘Xs’ on the vertical scale, considering the depth of customer focus required for each niche category.
- Enabling smart IDV for KYX – Facial recognition, OCR, NLP and forensic scan based digital identification and verification (IDV) solutions for retail customers, employees and prospects have already seen adoption among several FIs and got accelerated with COVID-19 induced proliferation of digital services. Niche solutions catering to IDV of each KYX segment are now poised to make their mark in the next couple of years. From external data collation to comparison with customer provided data, verification from source (e.g. Company Registries) or third party databases, generation of corporate and ownership structures, ultimate beneficial owners, network graphs, risk scores and other insights, the solutions will look to integrate with FIs’ due diligence workflow. This will eliminate FI Analysts’ need to spend time on data gathering and allow them to make intelligent decisioning based on the analytical insights.
2. Dynamic customer due diligence for real time risk management
- The last decade – Risk based AML has been widely adopted by FIs, with periodic customer reviews linked to their risk ratings. In general, high risk customers are reviewed every 1 year, medium risk every 3 years, and low risk every 5 years.
- Future forward – In today’s dynamic digital world, waiting for 1, 3 or 5 years to review and refresh customer data exposes FIs to risks of outdated customer information in the interim. This in turn impacts monitoring of customers and their activities without their accurate information. Compelling conversations have started gaining momentum on conducting near-real time reviews of customers and their activities, based on dynamic event based triggers. This mechanism of incremental updates to customer profile every time there is an identified material change, gathered from internal or external data sources, promises to keep customer risk profiles dynamically current. Perpetual, dynamic KYC is most certainly going to be a best practice in the next few years.
- Enabling AI powered dynamic KYC – Data as we all know is the new oil for running compliance. And given the exponential volume, variety and velocity of data that needs to be processed for conducting dynamic KYC of millions of customers in any FI, AI based solutions are the only way forward. From contextual matching of adverse media, to insights generation from integrated internally and externally sourced data, visualizing complex ownership structures and beneficial owners, niche digital solutions will form the building blocks of dynamic KYC platforms.
3. AI augmented Investigation Workbench
- The last decade – AML investigations have remained largely manual functions. However, most FIs have implemented or are exploring alert auto suppression by using either machine learning or robotic automation for system generated alerts identified as most likely to be false. This reduces the alerts for manual investigation by up to a maximum of 30%, as has been observed in most FIs. The rest of the alerts still require manual rigour for closure.
- Future forward – With growing transaction volumes and complexity of financial crimes, purely relying on manual investigation is turning out to be ineffective and inefficient. Leveraging advanced technology driven by data and powered by AI to generate insights on the alerts can enable Analysts to review the holistic information on the entity, hidden networks, risk scores across multiple dimensions and so on. This can enhance the quality of alert decisioning and case closure within a reduced turnaround time.
- AI powered investigation decisioning – Alert investigation requires substantial data gathering as relevant for the alert. FIs have already started working towards data centralization in the past few years. The next step is integration of external data with the internal to generate meaningful insights, and augment alerts and cases with such intelligence. Entity resolution, network graphs, dynamic visualizations with cross filters, and enriched alert information can be embedded within the investigation workflow as relevant for each alert. This visual story telling will enable judicious and quicker decision making on alerts disposition by Analysts.
4. Analytics-as-a-Service for AML model optimization and insights generation
- The last decade – Comprehensive review of AML detection model performance and scenario tuning was adopted and conducted by most FIs at least once every year. What started as a manual exercise has now slowly transitioned to analytics driven review and tuning, thus enhancing the efficiency.
- Future forward – FIs design their own AML models, with scenarios and thresholds completely based on each FI’s risk appetite, except for the specific cases where Regulations mandate a threshold. With collaboration among FIs increasing in the fight against financial crimes, the time is mature for them to share insights on AML model performance and use results from multiple FIs to finetune and optimize their own models.
- Shared analytics for AML model optimization – Sharing anonymized AML model and performance data by FIs on a cloud based analytics platform for insights generation and model tuning is a promising collaborative approach. The shared platform can be leveraged to generate patterns and insights on criminal behaviour and enable identification of new rules or optimize existing ones through advanced analytics. The platform generated recommendations for revised AML models and thresholds can be validated by each FI for deployment of the most optimally tuned AML model.
5. PPP Collaboration on FinCrime intelligence and data sharing
- The last decade – FIs across the world have been working in isolation in their fight against financial crimes, while criminals are organized in networks across countries and jurisdictions. Regulators and Law Enforcement agencies do not have access to information on suspected criminal activities outside their own jurisdiction – a loophole that is being exploited by criminals.
- Future forward – Interbank collaboration on sharing data and information on financial crimes has been a subject of active discussion during the past 2 years. FATF provided a boost to this initiative recently with promises to drive the agenda of PPP (public private partnership) collaboration on fincrime intelligence sharing. Australia’s Fintel alliance, UK’s JMLIT (Joint Money Laundering Intelligence Taskforce) and Estonia’s AML Bridge are some of the initial yet auspicious steps in this direction. Such initiatives are now being explored in several other countries like USA, Lithuania, Latvia and Belgium already, and we expect to see such collaboration being emulated across other regions as well in the next few years.
- PETs to enable secure fincrime intelligence sharing – Data privacy regulations, like GDPR in Europe, restrict sharing of customer information among FIs without the formers’ consent. While Regulators are working on ways to resolve this conflict, innovations on privacy enhancing technologies (PETs) tested through POCs so far have delivered positive results in secure encrypted information sharing without revealing the underlying customer PII data. While the world awaits Regulators’ guidance on data sharing in this context, technology is providing a way around this constraint.
Purpose-driven, data-driven AML dives, with a focus on collaboration, results
AML compliance in the next decade promises to be strongly driven by data and powered by AI.
Collaboration among market participants is expected to grow across the financial crimes compliance value chain – from KYC through Sanctions screening, PEP and adverse media screening, transaction monitoring, model tuning, rules management, event triggers for EDD, intelligence sharing and possibly much more!
Human oversight will get more sophisticated, shifting from data collation and review to decisioning based on visualizations and analytical insights.
All the three pillars of AML compliance – people, process, technology – are set to undergo a paradigm shift across the industry as we step into the new decade. Interesting times lay ahead – our journey has just begun!
About the author
Sujata Dasgupta is the Global Head (Financial Crimes Compliance Advisory) at Tata Consultancy Services Ltd., and based in Stockholm, Sweden.
She has had a rich global exposure through her work with premier banks in several major financial hubs, viz. New York, London, Singapore, Hong Kong, Frankfurt and Nordics.
She is an accomplished thought leader, author, columnist and speaker, and is regularly interviewed by reputed international journals for her analysis and opinions on contemporary topics in this area.