The rise in money laundering and terrorist financing cases has led to a global awareness on financial loss and its impact on the economy. Over the years, regulators have increased pressure to monitor every financial transaction for criminal activity, terrorism, and tax evasion. The penalties for non-compliance are staggering – a recent example being Deutsche Bank which was fined $41 million in 2017 for money laundering lapses.
Banks and financial institutions (FIs) have been exploring multiple software solutions to reduce their operating costs on AML, at the same time maintaining an efficient system that delivers accurate compliance reports in time to stakeholders and decisions makers. Financial ecosystem players – FinTech and RegTech, have been continually evolving to develop robust solutions, through inclusion of AI-based initiatives and automation.
A Thomson Reuters survey indicates that an average financial institution spends close to $150 million on AML/KYC initiatives. The prominence of data collection, aggregation, and analysis combined with a high degree of repetitiveness and process-oriented approach, makes AML an ideal candidate for achieving cost benefits and efficiency through automation.
Automation can be achieved across multiple areas of AML, prominent ones being Know Your Customer (KYC), Customer Due Diligence (CDD), anomalous transaction monitoring and even Extended Due Diligence initiatives. Based on the maturity of the process under consideration, it can be completely automated or partially automated by bringing in the human intervention at suitable intervals. Few of these are listed below.
Customer onboarding
While many of the data collection processes at this stage like gleaning customer data from accessible sources like the bank’s CRM system can be automated, a lot of time is spent in carrying out KYC. Majority of the current KYC processes may take days/weeks to comply with regulators. A global survey done by Thomson Reuters on KYC indicates that the time to onboard has jumped from 28 days in 2016 to 32 days in 2017 and would continue rise by at least 12 percent in 2018. Further, financial institutions with revenues in excess of $10 billion have witnessed an increase in KYC spend from $142 million in 2016 to $150 million currently.
Many banks have started exploring Artificial Intelligence/Machine Learning based automation systems across their KYC initiatives. Processes around validating customer data by scouting across various surround systems, compliance directories, social media feeds and regulatory bodies can be fully automated. Similarly, screening of the customer information through OFAC and PEP checks as well as external government watch lists can benefit through automation. The latter can be extended not only to new customers but also to existing customers of the bank. Multiple solutions in the market take automation a step further by validating the identity of applicants in real time, thereby drastically reducing on boarding times.
By using RPA a European bank was able to automate customer checks and make information readily available to analysts for clearing CDD compliance. The time taken drastically reduced by 80% from 20 minutes taken initially.
Customer risk profiling
Building customer risk profiles is an important step towards identifying suspicious activities and flagging off investigations. It involves data collation not only through established sources like legal registries and directories but also the broader online space including social media networks, websites etc. While data is collected at the time of onboarding, there needs to be mechanisms in place to constantly scout and make updates on an ongoing basis.
Currently, financial institutions use manual intervention in the processing of structured and unstructured data. The high cost of integrating systems is a major deterrent to automating this process. This makes it an ideal platform for using BOTS that can crawl around frequently, update information to customer information as part of risk profiles and provide quick response to any customer risk assessment requests.
Further, technologies like Artificial Intelligence and Blockchain are increasingly being used to carry out real-time reporting that compiles, tracks and stores large data sets while adhering to regulatory rules set by different financial agencies. Few leading banks are also experimenting using chatbots for quick and easy KYC compliance of customers. The bots analyze user responses using Natural Language Processing (NLP), in turn reducing time and labor requirements for KYC processes.
Suspicious activity monitoring
Research reports on the global AML software market indicate that transaction monitoring has the highest penetration rate. Little wonder that regulatory solution providers like Nice Actimize and Pega systems have been incorporating RPA, machine learning, and analytics principles to automate suspicious activity monitoring solutions. On one hand, such solutions provide better accuracy in reporting anomalies and on the other, free up financial crime experts to look at higher category threats.
On similar lines, various RegTech players have been attempting to enhance automation across this space through Anti-Financial Crime Solutions that aim to understand customer behavior, identify patterns coupled with unstructured text analysis, and detect even the smallest anomalies in transactions. Such initiatives further help in reducing the number of false positives by having an accurate risk profiling of the customer that can be mapped to flag off truly suspicious transactions.
We also see that newer and effective systems are continually replacing their predecessors. Today’s BSA/AML programs are becoming increasingly reliant on quantitative models (like Bayesian networks) to detect suspicious activity. Bayesian frameworks are being used to assist in building a risk score for customers, essentially identifying customers who need to undergo the EDD process. These are further used to build customer profiles and drive automated Suspicious Activity Report (SAR) filings, based on anomalies detected in their transaction histories.
While automation seems to be the magical process to solve all AML issues, banks need to recognize the limits of AML automation. Technology decisions need to be customized to a bank and not blindly replicate other systems. Financial institutions also need to note that not all processes can be automated. Some processes like transaction investigation can be semi-automated wherein specifics associated with an anomalous transaction can be provided by automation system while aspects relating to analysis, classification of the transaction and rectification measures are carried out through human intervention.