Chris Middleton presents the second exclusive report from the first RegTech for AML Forum in London.
One of the major challenges for RegTech in helping banks to tackle money laundering, fraud, and criminal financing, is eliminating false positives. Ninety percent of the alerts triggered by daily transaction monitoring, for example, are false positives, which represents a huge drain on resources.
But what are the realistic options? The answer is not more technology, but to worker smarter, aided by more efficient systems.
Speaking at the first RegTech for AML Forum in London this week, Caroline Kennedy, Head of Financial Crime Control Operations (Corporate Banking), at Santander, said that the burden is growing. Alert volumes are constantly increasing because of new transnational behaviour, new customer types being brought into the scope of monitoring systems, the growth of correspondent banking risk, and so on.
Traditional transaction monitoring is also made more difficult if institutions are providing banking services to digital payment providers, which may not have the same depth of customer data.
Yet at the same time, merely making the process more efficient through technology does not necessarily help banks to catch more criminals, as the focus is often on running a leaner, less costly system – ticking regulatory boxes – rather than on solving financial crime.
A delegate from one major bank (speaking under Chatham House confidentiality rules) expressed the view that when the conversations are about efficiency, the focus shifts away from solving crime. In these instances, he said, the regulator needs to take much more of a lead. Meanwhile, banks should allocate their dollar resources in a smarter way, using 10-20 per cent of anti-crime resources to develop more in-depth, data science-based solutions.
“Efficiency is important, but how effective are the risk controls in a highly automated environment?” asked Kennedy. There is a growing appetite to move away from rules-based systems and towards analytics and machine learning. But gut instinct should always remain part of the process, she said – an expert human analyst.
M&A activity in the banking system further complicates matters, as new, sometimes complex, entities are created that may be running incompatible systems or be using partial or non-optimised data.
But there is some good news. Among the biggest aids to investigators are Know Your Customer (KYC) programmes, said Kennedy. Improved KYC data upfront leads to better outcomes in transaction monitoring. Even when customer behaviour may not always be predictable or readily understood, KYC represents a good starting point, she explained, with the on boarding process helping too.
But the industry is still looking for needles in haystacks – a problem remedied by making the ‘haystack’ smaller, suggested one conference delegate, and removing the false positives.
Technology is part of that solution, of course. Better rules mean more complex scenarios, to which analytics can be applied, but there may be a risk that some cases are closed by a technology-centric approach that might otherwise have been kept open by human investigators. This may become a more serious problem in time as organised criminals turn to the same technologies to help them stay one jump ahead.
Technology enables banks to work smarter and more efficiently, and better customer segmentation will create better outcomes, said Kennedy – as will the use of other internal data sources, such as marketing databases – so banks need to consider the situation holistically.
However, banks are always going through a rapid iteration process, driven by technology, and this sometimes gets in the way of ‘tuning’ systems to operate more effectively. Financial institutions still need to be able to respond to current events – as the political landscape changes, for example. At present, this may apply to Venezuela, or to Iran, for example (one speaker at the event mentioned the $40 billion in cryptocurrency that has flowed out of Iran in recent months).
In both the UK and the US, fraud teams regularly share risk data between banks – and in the US also among security services, in the wake of the Patriot Act – but with AML, there is little impetus or government support to pursue investigations, suggested Kennedy.
- Ionela Emmett, a certified fraud investigator, spoke about how complex financial structures can often be used to disguise corporate fraud. Another problem is searching the Dark Web, she said. Many organisations aren’t able to or allowed to do this, in which case governments should make more of an effort to feed back data to the banking sector.
Be part of a discussion and connect with like-minded leaders in your sector at our exclusive event series on banking and RegTech.