IBM RegTech Innovations

Three fundamental shifts in financial crime investigations

Share this post:

Financial institutions globally are awakening to the fact that regulatory technology will drive the next wave of innovation in their approaches to understanding and stopping financial crimes. From attempted money laundering, to account takeover, to insider trading, institutions are paying attention. But for some in the financial industry, the idea that these technologies can solve more problems than they create is a novel concept. After all, it is these types of solutions that can create an unmanageable number of false positives that constrain resources and hinder an analyst’s ability to focus on the real threats to his/her institution.

I challenge that notion, and also present three key ways that the new approach to financial crime and compliance management moves away from the current, endless Sisyphean cycles and is a fulfillment of what many of your existing solutions promised: a better approach. Specifically:

  1. Layered perspectives provide greater understanding in a complex world
    Each anti-money laundering (AML) compliance or fraud prevention technology that your institution acquired over the past few decades should have been the best solution at performing a singular task. In the AML space, this could have been about behavioral profiling, peer grouping or expert-driven rules. But as behaviors change and peer groups shift, these systems either needed to be overhauled or they would produce less and less accurate results.However, if you use multiple strategies, you can “average out” your risk indicators, so that an outlier in one area can be exonerated by lower risks in multiple others. Likewise, multiple moderate risks that are not significant on their own will highlight an overall high level of aggravated risk, which would fail to be uncovered through a singular technique or risk perspective. This approach is by no means 100% accurate, however, using analyst feedback and continuous improvement, it maintains better accuracy over time.
  2. Continuous improvement should be hardwired into your process
    The idea of continuous improvement seems obvious. Why wouldn’t your organization and analysts get better at assessing similar types of situations when they see them repeatedly? But, often, this is not the case. For example, we worked with a financial institution in the Asia-Pacific region that was seeing an abundance of false positives in their sanctions screening process for sanctioned countries and entities. Upon further investigation, most of the accounts that were being flagged had some element related to a sanctioned entity in name only, but were obviously not related to that entity. This included the restaurants with “Havana” in their names, though nowhere near Cuba, as well as names that were a partial match to drug kingpins, but in low risk locations where that name could be common. A process built on continuous improvement would have reduced these erroneous alerts over time. However, especially in the sanctions screening process, the same logic is applied over and over, achieving the same sub-par results.
  3. Identifying risks works better ahead of time
    This is, of course, easier said than done and perhaps the hardest part of understanding risk to your financial institution. Whether on-boarding a new customer or reviewing a potentially suspicious transaction, banks are often forced to “start from scratch” in their investigations. In the former case, the lack of transactional and behavioral history makes new customers a gamble, creating friction in the customer experience with predefined limits on transactions and mobile deposits during the initial “probationary” period. In the case of reviewing suspicious transactions, due to a single outlier, as noted in the layered section above, analysts must expend extra effort to disprove risk in order to close the alert as a false positive. Looking at the inherent risks in a customer’s relationship network, whether due to relationships with high-risk entities or a network in a high-risk demographic or industry, provides additional perspective on potential threats. But much like the previous points, there is not one silver bullet strategy; all of these provide greater collective insight that has been lacking in the current, one-dimensional financial crime investigation process.

The whole is greater than the sum

If instead institutions would combine these strategies and view customers and transactions in their full context, firms would generate fewer false positives and higher quality alerts, with the details and connections readily apparent to the investigator. For example, if a customer receives $100,000 per month, then a transaction of $1 million in a given month, this 10% increase may seem initially suspicious. However, if you understand that the customer is in financial services, and this is likely a December bonus, you would be less likely to hold or block this transaction. In looking deeper into this customer’s behavior, this 10% bump at the end of the year could be well established over the past few years as well as within the benchmarks for their peer group. Lastly, if the customer’s network does not pose a risk, this transaction can be passed through and a potentially detrimental customer experience can be avoided.

As regulators grow more stringent about how institutions scrutinize their customers, as we’ve seen from last year’s CDD Rule in the US, the need for a smarter approach to financial crime and AML compliance analysis will go from being optional to essential. And more than just a way to gain efficiency, banks who can better assess customer risk and potential threats will be able to minimize their risk and regulatory exposure as well as disruption to the customer experience.

Webinar: AML Compliance comparison and effectiveness

IBM and Promontory with experts will be holding an upcoming webinar to help you better understand how your AML compliance program compares to your peers, while discussing the results of our recent survey on the current state of AML compliance effectiveness.

IBM Anti-Money Laundering benchmarking: How does your approach measure up?
Date: Tuesday, November 27, 2018

Time: 10am EST/3pm GMT
Reserve your place here

Head of Financial Crimes & Compliance, IBM WFS

More IBM RegTech Innovations stories

Why QIIB trusts IBM Safer Payments for cross-channel fraud prevention

Fraud prevention is about who you can trust. For financial institutions, it’s about understanding the relative risk of a customer, a merchant and/or a transaction, as well as hundreds of different factors including location, amount, device, etc. But for customers, both actual fraud attacks as well as incorrectly blocked legitimate transactions represent a breach of […]

Continue reading

Is “openness” the next big word in financial crime?

About a month ago, I attended the IBM RegTech Summit in London, which brought together a mix of financial services professionals, regulatory experts and technologists. But the terminology was markedly different than most financial crime and compliance events I’ve attended. With terms like “AI,” “machine learning,” “cloud” and “innovation,” you could make a successful run […]

Continue reading

IBM Algo FIRST becomes IBM FIRST Risk Case Studies

In the continued evolution of the IBM Governance Risk and Compliance (GRC) product line, I am pleased to announce that effective today, Algo FIRST (FIRST) is rebranded to IBM FIRST Risk Case Studies. Algo FIRST was acquired by IBM as part of the Algorithmics acquisition which took place in October 2011. During its time at […]

Continue reading