Regulators are putting an ever-increasing amount of pressure on financial institutions in a bid to tackle financial crime. As a result, the costs of compliance are skyrocketing. Operating costs spent on compliance today have increased by 60 percent in comparison to pre-2008 financial-crisis levels, according to findings by Deloitte. To reduce the cost burden of compliance, there is an overwhelming need for innovation.
Fortunately, innovative technology is helping regulated institutions manage their compliance costs, needs and future directions—all from their data. With the right technology, banks can lower false-positive alerts from transaction monitoring and screening, find more risks and automate investigations and KYC (know your customer) processes.
Current AML (anti-money laundering) compliance programs aren’t working
Money laundering is one of the key issues that regulators are pressuring financial-services institutions to address. The United Nations Office on Drugs and Crime found that an estimated 2 to 5 percent of global GDP (gross domestic product) is laundered each year—and the cornerstone of the solution lies in understanding data. Some of the world’s biggest banks might be tasked with processing up to 50 million transactions a day from their thousands of customers spread across the globe. This creates an immensely complex situation, one fraught with potential error and lack of visibility.
Existing AML-compliance programs often rely on people more than technology. Typically, 60 to 70 percent of compliance budgets are allocated to the investigators reviewing alerts and analysts completing KYC checks and periodic reviews. By intelligently automating these processes, organisations can become more efficient and balance compliance costs across the enterprise.
Traditional rules-based AML-monitoring tools compare an activity to fixed pre-set thresholds or patterns to determine if it is unusual. This creates a status quo through which sophisticated criminals can easily evade the bank’s rudimentary controls and continue carrying out their illicit operations out of the spotlight, thus impeding the bank’s intentions of remaining compliant. These controls also produce high false-positive alerts that each requires human review from already stretched teams to assess whether it truly poses a risk. A staggering 95 percent of alerts turn out to be false positives, taxing the organisation’s time and human-power resources and leaving it
open to compliance failures and potential financial and legal consequences. To cope with the sheer number of false-positive alerts, financial institutions find themselves investing time and money in more people and technologies that, instead of helping drive down the costs of compliance, end up resulting in an expensive problem.
The solution is in your data
The root of these issues lies in the lack of context in the organisation’s data. Poor data quality and siloed data mean financial institutions are unable to connect internal and external datasets or understand the connections, relationships and transactional patterns in data. The inability to connect external datasets to the bank’s internal data is at the heart of the majority of compliance challenges. Current transaction monitoring (TM) systems are unsophisticated and assess only the value and volume of activity, taking advantage of easy-to-identify data items, such as Country. These TM systems do not ask questions about who is making the payment and where it is going, as all they have is the name and address of the counterparty.
This is where AML investigators come into the picture. Their role is to research each company and ask pertinent questions about what the business does, its industry code, its size, the number of subsidiaries, who owns it and so on. However, this manual data consolidation wastes time and means investigators are carrying out low-value work—adding to the costs of compliance.
External data on companies is all digitised and available for download, but due to the challenges of accurately matching this to a bank’s customer and transaction data, human investigators have been required to do this. There have been many attempts to repurpose watchlist-screening algorithms to solve this problem, which have been unsuccessful due to the lack of a reliable and accurate data foundation. Finally, once all relevant information has been found, investigators lack the technology to consolidate the data into a single view—making these investigations prone to error.
Automating processes by creating context
The new approach to connecting data, using a tool called entity resolution1, aggregates disparate data points from multiple systems into an accurate single view. Entity resolution provides much higher match rates to corporate data, allowing corporate research that was previously performed post-alert by human investigators to be automatically performed pre-alert by software. This enables investigators to spend less time data gathering and carrying out time-intensive manual research and instead focus on identifying risk.
The challenge of identifying the correct corporate-registry record also impacts KYC and customer due-diligence processes, making these tasks manual. By using entity resolution, financial institutions can stitch together internal KYC data from across the enterprise and enrich it using external data sources to identify, verify and monitor customers. Using a contextual, up-to-date networked view of customers transforms ongoing customer monitoring.This means organisations can fully automate current periodic customer reviews—carried out every one, three or five years, depending on risk. This also allows KYC records to be updated continuously by software and automatically trigger alerts of changes to underlying data that affect the customer’s risk rating and may warrant a human review.
The importance of network analytics in understanding hidden risk
Another challenge that financial institutions face is that companies are great structures for criminals and organised crime to hide behind. Company A can own Company B, which, in turn, owns Company C and so on. This layering of businesses helps corrupt politicians and criminals disguise their identities by looking like a legitimate business. To uncover these hidden links, network analysis (or graph theory) can be utilised to find hidden relationships and create more meaningful data for analytics automatically. After all, criminal activity is hardly ever the work of the single account-holder, but rather that account, and the transactions and patterns linked to it, are part of a larger machinery of illicit activity. Once the bank is able to see the operation’s entirety, it can then present these findings to an investigator and use them to help find interesting patterns for detection to increase the efficiency and effectiveness of investigations and KYC processes.
In traditional TM systems, there may be 50 data-points used to create an alert. With entity resolution and network analytics, billions of data points can be incorporated into a decision. The coupling of entity resolution and graph analytics has created an explosion of useful data to help the artificial-intelligence (AI) and machine-learning (ML) engines to work more efficiently and effectively, driving down compliance costs.
The future of compliance
For compliance to be practicable and sustainable, financial institutions need to maximise the efficiency of their own resources, so they can drive down the costs of remaining compliant while fostering transparency and collaboration with the regulator. Many financial institutions have a wealth of customer, counterparty and transaction data, which they can leverage to create a powerful contextual view and transform compliance programs.
To be truly effective, financial institutions must look to build an intelligent, data-driven enterprise. By deploying innovative technologies, such as entity resolution and network analytics, banks can ensure high data quality and build a single contextual data view, confidently enabling the automation of decisions. With this, financial institutions can create explainable decision models and remain accountable to the regulator while simultaneously reducing risks and compliance costs.