Chris Middleton reports on how two very different financial services companies, MoneyGram and Deutsche Bank, embraced new thinking, new technologies, and new approaches to fight illicit use of their systems.
When you deal with over 70 currencies, as MoneyGram International Does, Know Your Customer (KYC) and anti-money-laundering compliance can be a major problem. Building a complete picture of any client can be complex, and so the challenge for financial services companies is how to strike the right balance between technology and employee teams to ensure a compliant outcome.
Appearing at the AML Forum in Frankfurt – hosted by Transform Finance – Giuseppe Scampone, Regional Compliance Manager at MoneyGram, explained how the company decided in 2015 to adopt a smarter approach to compliance than the piecemeal, territorial solutions it had used before. It created a two-pronged global strategy of prevention and detection, with access to the same underlying database.
Wherever they are in the world at any time, people only become MoneyGram “consumers” (Scampone’s term) when all of their data has been screened, evaluated, and matched, with regard to their financial and transaction histories. This generates a unique code that has a value worldwide – a single entity in data. It also makes up for the fact that MoneyGram is not a bank, and therefore does not have business customer relationships in the same way that a bank does, he explained.
“With each consumer uniquely registered worldwide, we start our control [process],” said Scampone. “Our control has integrations with any external sources we can get – law enforcement requests, an output, media alerts, or screening – fake Facebook accounts, and so on.”
Of course, MoneyGram also carries out transaction monitoring internally of customers’ activities worldwide. “We need to make sure that one consumer is one code,” he explained. But sometimes this doesn’t work. Why?
The company operates in 200 countries, and local authorities sometimes make mistakes when registering people (using different spellings of the same name, and so on). So the risks inherent in identifying, or misidentifying, single consumers can be high, which means difficulty in monitoring that person’s activities.
Nonetheless, Scampone claimed that in the year since MoneyGram implemented its scheme, the company prevented fraud and financial crimes worth a total of $100 million worldwide – and saw total transaction volumes decrease by eight percent, suggesting that it has closed a significant window for criminals.
Anna Issel, Head of Business Line AFC for Wealth Management at Deutsche Bank AG, also explored the use of advanced detection technologies to prevent money laundering in her presentation. She spoke about how innovation can take place at a small, manageable scale in large organisations – with all of the right regulatory strings still attached, enabling a company to move forward sensibly.
Most banks have rules-based transaction monitoring systems, with set thresholds for alerts and interventions on a macro scale, with an overall focus on high-risk customers and locations. “But we all know the limits these systems have and the frustrations we experience as AML professionals using them,” she told delegates. “It’s difficult to set thresholds that fit everybody.”
Unsurprisingly, her own Wealth Management client base includes many high net and ultra-high net worth individuals individuals. In these cases, behaviours and thresholds are different and so present a challenge to broad-based internal systems. False positives come up again and again – as they do in all banks – but most systems tend not to learn from these recurring problems. In the age of Netflix and Amazon, that isn’t acceptable, she observed.
“So we were thinking there has got to be a way to do something about it,” said Issel. Deutsche Bank decided to introduce an extra level of control that doesn’t touch its rules-based transaction monitoring system – which remains the core of internal security and compliance – but still uses the organisation’s data. The company decided to look at historic data – of both transactions and suspicious activity reports (SARs) – and develop a new security monitoring layer that was data-, rather than rules-, centric.
As luck would have it, the company’s digital teams had already developed an analytics-based solution for cross-selling new investment opportunities to clients, but found that it had been difficult to predict customers’ behaviour, so that project had been abandoned. However, many of the analytical challenges were similar to what the AML team wanted to achieve, because both areas focused on ‘outliers’ and anomalies detection: clients doing something that isn’t normal for them.
The aim for this new initiative was to see if the system could identify clusters in KYC data, in order to find out if similar customers behave in a similar way. In this exercise, Deutsche Bank was helped by German law, which requires that customer profiles are looked at in conjunction with such data. It was also aided by the fact that the volume of transaction by Wealth Management clients is relatively small compared to corporate clients and so represented a good source of statistically significant experimental data.
Deutsche Bank picked a number of KYC parameters and then used statistical methods to carry out clustering on that data, looking at certain pre-agreed transaction features. So, what kind of outliers is the company now looking at, using these methods? Some of these questions are more obvious than others – is an unusual amount being transferred, is the transaction coming from a country that is not a common for this client, or is it among different counterparties, and so on.
The project asked the system to look at two things: transaction versus peer group (is the client doing something that others like it are not doing?), and transaction versus the client’s own history (i.e. does it represent an unusual change in transactional behaviour).
Anna Issel explained that the system was first trained on the bank’s high-risk clients and then on medium-risk clients, and is now deployed across the entire customer population in Germany, including the low-risk clients, that represent over 85 percent of the client base. So, what have the results been?
Running in parallel to the bank’s traditional systems, it creates a lot of event-driven reviews. By looking at outliers and anomalies more closely, the company has also learned things about its clients – including legal behaviours, such as overseas interests – that the bank was simply unaware of before, improving quality of KYC data. The system has also identified gambling activities that are outside of DB’s risk appetite.
“This whole exercise was done internally with a very limited budget. This was not like redesigning the system, building interfaces, or redoing the whole thing. This was just embracing innovation and trying to do something new on a small scale,” said Anna Issel.