How do we improve Anti-Money Laundering investigations?

We all know money laundering, terrorist financing and the impressive growth of the narco-economy continues to pose a serious threat to the integrity of the global financial system. It is an inevitable by-product of criminal enterprises that generate an estimated $300 billion annually in the United States alone, according to the Treasury. Worldwide that figure grows to between $800 billion and $2 trillion, based on United Nations research.

The size of that margin illustrates the difficulty in estimating an illegal activity that it is, by its very nature, secretive, elusive and clandestine.

Despite the best efforts of law enforcement and AML departments, money laundering systems continue to grow and evolve, employing ever more sophisticated techniques to evade exposure. Criminals are exploiting disorganization and a failure to share information. They are quick to adapt, and the truth is that our current AML efforts are failing to keep pace.

To improve the effectiveness of AML we need to innovate. Though we need to innovate together, as a market and as a financial system. The best analogy is the flow of water – laundering is continuous, will change direction depending on the obstacles it faces and most importantly will flow around obstacles that are put in front of it. As such individual BSA and AML programs definitely protect individual firms, but as a financial system they help very little. Without systemic, cross-market uniformity in how money laundering is tracked and interdicted, then we are just simply dropping boulders into a river. The river is still rushing because of the lack of a consistently controlled and managed dam.

Greater Cooperation

There’s a disappointing lack of communication and cooperation between different enterprises, AML programs, and BSA officers. AML is not a competitive endeavor and though there is a strong and continuous relationship between AML departments, coordination and joint investment is poor. As such we are duplicating many of the dollars but at the same time getting a poor return. This inevitably leaves gaps and vulnerabilities in defenses and detection that attackers are able to exploit.

An obvious remedy would be to open up lines of communication and introduce robust and transparent discovery. An official organization of AML officers sharing data, technology, tips and best practices would drastically improve monitoring capabilities, the adoption of innovations and boost responsiveness to new threats.

Cross-system integration that already has a strong sense of community, backed by a clear system of accountability, could close lingering loopholes and cut the size of potential attack surfaces. It would enable us to harness collective wisdom and institutional knowledge into a formidable, cohesive whole. We would start to drop boulders in the river together, in a collective plan.

AML Program Incentives

A delicate comment, but one that should be mentioned: Too many AML departments are incentivized to prevent regulatory punishment, rather than to stop money laundering. This creates the wrong behaviors. What if we directly rewarded departments based on law enforcement results and successes? It would bring the focus back onto the offenders where it belongs, stimulating creativity and competition in our approach to exposing criminal activity.

The ultimate objective should be to thwart money launderers and new incentives could get enterprises rowing together in the right direction. These incentives could be funded by fines imposed by the regulator.

If 30% of all fines were redistributed to firms that have successfully implemented and shared innovations that can be used by others, this would definitely help the system and propagate innovation much quicker.

Improved TMS Agility

Overreliance on Transaction Monitoring Systems (TMS) that are outdated and slow to adapt to new threats is a real problem. The TMS is a remarkable piece of science – looking at massive amounts of data to identify attackers that don’t want to be found. Yet attackers constantly develop new strategies, nimbly adapting to avoid deviant behavior and remain undetected.

Enterprises must be able to deploy new algorithms, detection scenarios, data sources, and analytics quickly and cost effectively. Rapid innovation and frequent review requires a level of flexibility that’s largely lacking in traditional TMS. At the moment, a money launder scheme can be put into practice a few years faster than the analytics can be contrived to detect the scheme. We must close this gap with more agile models, rules and analytics development and deployment. If we fail to do this, the TMS will increasingly become a monolith, bringing increasingly limited value.

FIU Speed and Consistency

The TMS generates huge amounts of alerts. The problem is the scale of false positives and the effort it takes to investigate these alerts. If 95% of alerts are false positives, the Financial Intelligence Unit (FIU) spends almost all of its time focused on volumes rather than crimes. We need to get the FIU focused on the wood, not the trees.

If we automated the process of investigating an alert, we could introduce some much needed consistency across the whole FIU. Alerts initially generated by the TMS would undergo an automated investigation drawing on hundreds of disparate data sources, calibrated and analyzed against the threat to produce a recommendation – in seconds, not hours.

Such an automation could increase productivity of the FIU by over 50% within weeks of deployment, providing support for a process that is consistent, documented and audited. This could cut down the unacceptably high rate of false positives, currently somewhere between 90% and 95% of all alerts generated, according to PricewaterhouseCoopers research.

By increasing the speed and effectiveness of investigations and freeing up analyst time and expertise to focus on alerts worthy of their attention, FIU productivity goes up and costs go down. Some are talking about using Artificial Intelligence to do this. The money laundering community is excited about taking on these shiny new AI engines but it’s important to proceed with caution; as someone once said, “it’s a lot more artificial, than it is intelligent.” Why? Because it lacks intuition.

Combining EDD and CDD

Enhanced Due Diligence (EDD) is only required when on-boarding and Customer Due Diligence (CDD) is lacking. If we merged CDD and EDD processes, data access, and analysis, it would give us a better understanding of customer activities and potential risk. This would boost the efficiency and transparency of KYC immediately, removing many steps and replacing them with a single onboarding procedure that provides a complete picture from day one. This data then boosts your TMS, FIU and general relationship management. It would also remove the impressive costs of third party EDD firms since the data sources used in EDD are all integrated into a single, seamless and automated CDD process at the point of onboarding.

If AML is to grow more effective, we must leverage our existing assets and employ new technologies that can provide the agility we need. This is about working smarter, not harder. Our lack of unity and consistency is a boon to criminals. We’re getting tied up in regulations that don’t incentivize creative investigations. We have a fragmented KYC, TMS and FIU process across the enterprise that must be integrated into a single transparent process. These areas, systems and procedures are too slow and inflexible and must be made more agile and more dynamic.

It’s not hard – it can all be accomplished within existing budgets. (In fact, it can be accomplished with a considerably reduced budget.) But the bottom line is that we need innovation to strike back effectively against the money laundering threat, or the threat of money laundering will become a considerably greater existential threat to the viability of the financial system.

For more on this topic, please read the AML whitepaper: Meeting the Realities of Today with Effective AML at http://pages.pneuron.com/anti-money-laundering.html