IBM RegTech Innovations

Intelligent AML: How banks use advanced analytics to achieve a compliance win-win

Share this post:

A few weeks ago, my colleague Sam Kalyanam discussed the challenge facing financial institutions regarding the way they conduct anti-money laundering (AML) compliance. They face an important decision: maintain the status quo, thereby adding to the swelling ranks of their AML compliance teams, or leap ahead by applying cutting edge techniques to existing labor-intensive processes. If you’re still reading this, I’m guessing you’ll pick the latter.

AML inefficiency is not a new issue

Let’s be honest, banks and other institutions have been dealing with sub-par compliance processes for a long time. KPMG’s “Global Anti-Money Laundering Survey” from 2014 highlights the pain points institutions were feeling then: increasing transaction monitoring costs with diminishing satisfaction, average AML compliance investment greater than 50% from 2004 to 2014, and transaction monitoring and recruitment representing two of the top three areas of spend. Has anything really changed?

Well, technology has. What was theoretical or cutting-edge four years ago is now in use by financial institutions from regional banks to top ten global institutions. And the AML transaction monitoring process is the ideal place for a number of technologies to not only improve detection, but also the resolution of issues where most time is spent.

AI + ML + RPA + NLP = Modern, Intelligent AML

Artificial intelligence (AI) and machine learning (ML) are actively being used to uncover patterns that are not as easily detected by traditional rules-based transaction monitoring systems and are typically overlooked or impossible to see under human supervision. Likewise, the ability to take in all available variables and features of customer account and transactional data enables these technologies to better understand the connection between entities, the level of risk they represent, and provide additional context.

But money laundering and terrorist financing schemes change over time, which leads to that increased investment to maintain relative stasis. Here, AI and ML have a vast advantage over current methods, creating feedback loops and learning mechanisms to segment and group accounts dynamically, creating moving thresholds that are continuously fine-tuned and optimized. This intelligent AML approach to AML is something that has been long promised, but rarely delivered.

While regulatory concerns have prevented most institutions from applying these techniques as an alternative to current transaction monitoring systems for detection of suspicious activity, several banks have begun using them as a way to better understand the alerts generated by those systems. The insights generated can be used to more quickly address the most pressing risks or suppress alerts related to legitimate behavior.

In addition to improving the effectiveness of transaction monitoring, these technologies, combined with others, could also have a tremendous impact on the efficiency of alert triage and investigation efforts. Much of an analyst’s time is spent on capturing information from various sources, reviewing the details about the alerts and documenting his or her findings. Breakthroughs in robotic process automation (RPA) and natural language processing (NLP) can automate some of these more tedious, non-value added parts of an analyst’s job. This will expedite the process of getting through the plethora of alerts generated by today’s transaction monitoring systems, while also reducing the potential for human error and driving greater consistency.

Initial results are in

There are a few banks we have already begun working with to apply these techniques, and the results are very promising. This includes the corporate banking division of a global financial institution in Europe, a regional bank in the US focused on retail customers, and the correspondent banking business of a large Chinese bank. All of these organizations were dealing with fairly typical AML issues: a high number of false positives from their transaction monitoring system, a mix of automated and manual workflow processes, and time-consuming, duplicative investigations from customer records gained through acquisitions.

That last point is key – especially among larger banks that have acquired or merged with similar firms. While banks are not mandated to consolidate customer accounts, they often share customers but aren’t aware of it. Ideally, linking these would provide greater insight into a customer holistically, but in practice it leads firms to conduct AML investigations and ongoing due diligence reviews multiple times. This means that a series of transfers from a customer’s account in one side of the bank to the other, while all from the same customer, could look suspicious if those accounts or entities were seen as distinct. In one of these banks, we were able to demonstrate the ability to reduce workloads by 9% simply through the consolidation of alerts from related customers…and this does not even get to the improved view of the overall risk of those customers.

In addition, by applying a variety of the advanced analytical techniques described above, we were able to dynamically segment the customers generating alerts based on their behavior. This was used to determine the characteristics of customers that were likely to have their alerts dismissed vs. the characteristics of customers likely to have their alerts escalated into cases or even have a SAR filed. This analysis was able to identify six segments of customers that never had any alerts escalated, while also identifying five segments of customers whose alerts were escalated 10% or more of the time, and two segments that were escalated more than 25% of the time.

These numbers were fairly consistent across all three institutions, enabling them to more effectively prioritize alerts. At one institution, the top 24% of prioritized alerts included 95% of the alerts that were escalated.  And at another institution, 95% of the alerts that resulted in a SAR were in the top 21% of prioritized alerted.  Across the three banks, we were able to effectively identify 20-35% of the false positives.

We are also providing additional insights into the alerts being generated, to help analysts understand why the alerts may be related to truly suspicious activity or if they are likely to be false positives. This is enabling analysts to more quickly triage the alerts, expediting the speed of reviews by as much as 200% at one of the banks.

More than technology for its own sake

Beyond the improvements to quality and effectiveness of AML activities, the significant cost savings from greater efficiency and the “cool factor” of using the latest tech, this also provides financial institutions with a way to stem the high employee attrition that frequently results from having to perform tedious and mundane tasks. Giving analysts more engaging work should in turn keep them more motivated and reduce the need to constantly replace them.

These capabilities have the potential to significantly improve what we all accept as a broken process. The future of AML is clear – the question is only when will you join us?

Vice President, Financial Crimes & Conduct Risk

More IBM RegTech Innovations stories

The challenge of managing hundreds of daily GRC alerts

Today we are inundated with alerts, breaking news, celebrity scandals and what their neighbor had for lunch.  The feeds are not limited to one medium; your computer, your television, your phone, your tablet and now even the watch you wear on your wrist. The flood of data that comes in can bury a person. How […]

Continue reading

GRC is everyone’s business

In my May 2019 blog, “Has GRC Reached Its Tipping Point? Observations From The Front Lines”, I described a set of common patterns that are driving business initiatives in Governance, Risk & Compliance. These highlighted that: Organizations are transforming their GRC frameworks, They are driving to realize greater benefits from already significant GRC investments, and […]

Continue reading

Ask the expert: 20 questions fraud fighters want to know

In our webinar yesterday, the first in the series AI Fraud Detection — Beyond the Textbooks, we ran out of time and weren’t able to address some great questions we had from the audience. Instead of waiting until the next episode, I hope these brief answers will be of help and interest to both those […]

Continue reading