In the present environment, roughly one in three organizations experience economic crime, only 50 percent of money laundering or terrorist financing occurrences are identified by system alerts and one in five banks are recipients of regulatory enforcement actions.¹ The United Nations Office on Drugs and Crime found that “the estimated amount of money laundered globally in one year is 2 to 5 [percent] of global GDP, or $800 billion to $2 trillion in current U.S. dollars.”² Likewise, before the end of 2017, compliance spending on anti-money laundering initiatives is expected to exceed $8 billion, a compounded annual growth rate of almost 9 percent.³

Given the magnitude of financial crime and the consequences of not getting ahead of it, regulated financial institutions (FIs) and others within the anti-financial crime community (such as government agencies and affiliates committed to financial crime detection and prevention) need to consider more disruptive and collaborative anti-money laundering and sanctions-related (collectively AML⁴) strategies. This includes actively exploring and understanding the possibilities associated with openly sharing resources and moving beyond a siloed approach to fuel more advanced, bolder technology-based AML tactics.

One route is to pursue the creation of a centrally-managed artificial intelligence (AI) tool that can be shared across and developed by multiple institutions in a controlled manner with an independent organization (such as a self-regulatory organization or a government agency) facilitating, governing and overseeing the process. This may be achieved by leveraging and combining three existing strategies: collaboration, centralization and investment in advanced technology.

A closer look at these three strategies and the potential applications of AI as it relates to AML, demonstrates why the anti-financial crime community may be ready for the next level in developing and using technology-based solutions in a collective, open source fashion.

Leveraging Three Existing Risk Management Strategies

To get the upper hand in the fight against crime while demonstrating strong business practices and smart investment decisions, FIs need to be better and faster at employing technology to assist with job functions. Fortunately, there are three current techniques (collaboration, centralization and investment in advanced technology) that if used together in a new way may facilitate the development and use of AML-related technology within FIs. The following is a brief depiction of each of these areas as they relate to AML.

Collaboration

As demonstrated in legislation, government advisories and industry forums, AML advocates recognize that they have an important tool at their disposal: the “power of many.”

Sections 314(a) and (b) of the USA PATRIOT Act are commonly referenced when demonstrating the importance of collaboration among the anti-financial crime community. Section 314(a) codifies the provisions relating to information sharing between law enforcement and FIs. The Office of the Program Manager for the Information Sharing Environment, noted that “Law enforcement information sharing has expanded significantly…improving law enforcement’s ability to detect, prevent, and respond to acts of terrorism.... A fundamental component of effective enterprise-wide information sharing, for example, is the use of information systems that regularly capture relevant data and make it broadly available to authorized users in a timely and secure manner.… Criminal history records, law enforcement incident reports, records of judicial actions and decisions, and watchlists of known and suspected terrorists are all essential sources of vital data that provide accurate, timely, and complete information…”⁵ Section 314(b), as FinCEN describes, “provides [FIs] with the ability to share information with one another, under a safe harbor that offers protections from liability, in order to better identify and report potential money laundering or terrorist activities…. FinCEN strongly encourages information sharing.…”⁶

Our national security depends on our ability to share the right information, with the right people, at the right time

Former President Barack Obama had this to say in a National Strategy for Information Sharing and Safeguarding letter published in December 2012: “Our national security depends on our ability to share the right information, with the right people, at the right time. This information sharing mandate requires sustained and responsible collaboration between federal, state, local, tribal, territorial, private sector, and foreign partners.”⁷

More recently, FinCEN reiterated the importance of collaboration in the context of cybersecurity in an October 25, 2016 advisory: “[FIs] can work together to identify threats, vulnerabilities, and criminals. By sharing information with one another, [FIs] may gain a more comprehensive and accurate picture of possible threats, allowing for more precise decision making in risk mitigation strategies.” Specifically, FinCEN notes that “collaboration and ongoing communication among BSA/AML, cybersecurity, and other units will help [FIs] conduct a more comprehensive threat assessment and develop appropriate risk management strategies to identify, report, and mitigate cyber-events and cyber-enabled crime.”⁸ FinCEN further notes that FIs “are encouraged to internally share relevant information from across the organization…information provided by cybersecurity units could reveal additional patterns of suspicious behavior and identify suspects not previously known to BSA/AML units… such as patterns and timing of cyber-events and transaction instructions coded into malware…to 1) help identify suspicious activity and criminal actors and 2) develop a more comprehensive understanding of their BSA/AML risk exposure.”⁹

While there is already a strong inclination among FIs to share select information with each other and government agencies, the extent of this sharing and collaboration could not only be expanded, but also made more reciprocal in nature. For instance, FIs can share entire data sets with each other and government agencies can also share certain data of their own with FIs.

Centralization

Centralization, for the purposes herein, refers to the act of consolidating and managing AML processes, procedures, functions or systems centrally, such as by designating a primary unit, utility, or hub to manage a specific activity.

In the context of managing risk by centralizing functions and processes, the Federal Financial Institutions Examination Council explains the following: “risk assessment, internal controls (e.g., suspicious activity monitoring), independent testing, or training may be managed centrally. Such centralization can effectively maximize efficiencies and enhance assessment of risks and implementation of controls across business lines, legal entities and jurisdictions of operation. For instance, a centralized BSA/AML risk assessment function may enable a banking organization to determine its overall risk exposure to a customer doing business with the organization in multiple business lines or jurisdictions.”¹⁰

By having standardized protocols, practices and repositories of information, FIs are able to maintain consistency, cohesiveness and transparency in their operations

Similarly, the benefits of a standardized approach apply to guidance and procedures. By having standardized protocols, practices and repositories of information, FIs are able to maintain consistency, cohesiveness and transparency in their operations.

Creating a “holistic” (or enterprise-wide) view, which is often an intended result of centralization, is also encouraged within the industry. For instance, regulators have explained that in order to obtain a more accurate understanding of a client base, customer relationships should be reviewed holistically across lines of business, with a comprehensive approach to quantifying BSA/AML risk for new and existing customers, and that “the quantification of risk [should] encompass a customer’s entire relationship.”¹¹

Consequently, a centralized, yet interconnected approach that provides a holistic view and governance model (e.g., one that consolidates a function into a central utility while maintaining communication and awareness with respective business lines), allows for better identification and management of risk, enhanced communication, and a setting more conducive to internal and external testing and evaluation.

Investment in Advanced Technology

With the growth of technology rapidly increasing, FIs have been employing techniques such as advanced analytics and automation to assist with performing key AML functions (e.g., know your customer activities, transaction monitoring, list screening). While these strategies continue to evolve and work well with structured data sets (e.g., information organized into specific fields or formats) and prescriptive functions (e.g., defined rules and scenarios), FIs are also looking at bolder technology solutions, such as AI (referred to herein interchangeably with the terms “cognitive technology” and “cognitive computing”), to tackle more complex and analytical areas, including unstructured data sets (e.g., unorganized or non-text information).

Cognitive computing refers to the simulation of human thought processes, using self-learning systems that include data mining, pattern recognition and natural language processing to mimic the way the human brain works.¹² This allows a computer to derive conclusions and complete activities that may require fundamental human skills and intelligence, such as looking, reading, writing and integrating knowledge. Machine learning, which works by using algorithms that iteratively learn and adapt in an automated manner as the models are exposed to new data, is a method used to enable a computer to learn without being programmed.¹³

One attractive advantage of cognitive technology is the ability to access, make sense of, and/or use large, unstructured and diverse information, including non-traditional information such as social media information (e.g., posts, images) and audio (e.g., telephone conversations) that may be available in other parts of an FI (e.g., the marketing department or customer service) for AML purposes. A more ambitious goal is the potential to be predictive, rather than reactive, in identifying fraudulent activity, such as by recognizing traces of the behavior before it fully occurs through enabling computers to learn, comprehend and detect new money laundering schemes and characteristics.

A Glimpse at How Cognitive Technology Is Being Applied Within AML

On February 15, 2011, an IBM-developed supercomputer with AI, named Watson, capable of answering questions in natural language, won the first place prize of $1 million on the quiz show, Jeopardy.¹⁴

Five years later, on March 8, 2016, KPMG LLP, a “Big Four” audit, tax and advisory firm, revealed plans to leverage IBM’s cognitive computing technology explaining that “[a]uditing and similar knowledge services are increasingly challenged with tackling immense volumes of unstructured data. Cognitive technologies such as Watson can transform how this data is understood and how critical decisions are made.” For example, “cognitive technology is further advancing improvements to sampling processes, in which auditors review subsets of data to analyze thousands or millions of actions to draw conclusions.”¹⁵

On November 22, 2016, it was announced that Promontory Financial Group, a risk management and regulatory compliance consulting firm with a global AML and counter-terrorist financing practice, was acquired by IBM. Promontory’s professionals intend to train Watson via machine learning. For instance, Watson will learn by “continuously ingesting regulatory information as it is created and through interaction in real-world applications. This includes solutions for tracking evolving regulatory obligations, expectations and control requirements, as well as solutions that address specific compliance needs, such as financial risk modeling, surveillance and insider threat, and financial crimes including counter fraud, [AML] and [KYC].”¹⁶

In addition, a 2016 research report from Celent (a research and advisory firm focused on business and technology strategies) examined AI applications, vendor profiles, and application trends, and noted that AI “technologies are increasingly being applied in the banking industry, mainly toward knowledge management, identity authentication,…anti-money laundering, and risk control.” In reference to AI, the report further notes that “[w]ith their ability to fully understand the market, customers, and regulatory changes through data, banks are in the best position to apply these technologies...”¹⁷

Accordingly, new AML software, products and tools with AI technology are quickly entering the market to assist FIs with complex AML activities, such as identifying and evaluating suspicious activity. For instance, existing AI technology has the ability to track the behavior of individuals and entities involved in potential money laundering activity and link them to one another through collective intelligence gathering and machine learning techniques that apply adaptive learning rather than predefined scenarios and rules.¹⁸ This method can provide a stronger and more comprehensive understanding of behavior over time. Other machine learning-based platforms have the ability to identify and aggregate voluminous and unstructured data points, such as narratives within SARs or publicly available information, to assist with better recognizing AML risks and automating KYC processes.¹⁹

Taking a Leap: Go Bold to Get Ahead

The evolving partnerships with technology companies, such as IBM and the many vendor products entering the market, illustrate the applications and benefits of cognitive technology in the AML space, particularly as technology becomes cheaper and the demand for skilled labor increases. The value of cutting-edge technology and “digital labor” combined with the growing importance of collaboration and centralization presents opportunities for how FIs can begin to implement, experiment with, or simply think about how to leverage cognitive computing capabilities through a transformative framework or methodology that encourages communities that are against financial crime to operate as partners in a common cause.

For instance, a centralized cognitive computing tool that incorporates multiple FIs (in a structured, yet cooperative fashion similar to crowdsourcing, where participants collectively contribute to, and benefit from, pooled information and knowledge) fits well with the ongoing emphasis on collaboration, centralization, and investing in technology. A basic benefit would be a more powerful data set (e.g., aggregated KYC and transactional activity) with an integrated feedback loop that links back to the originating FIs, allowing for enhanced data quality and analysis. The tool could serve as a supplemental data store that FIs can use side by side with existing mechanisms to validate or complement current data; and/or provide future potential to feed directly into the FIs’ systems and/or models.

While similar tools exist in the form of vendor products and AML collaboration software, an option of taking this even further is a semi-communal cognitive computing tool that is managed centrally by an independent third party (such as a self-regulatory organization or a government agency). By identifying an appropriate third-party candidate with sufficient technological capabilities and dedicated resources, the organization would be able to provide oversight, as well as set up and pilot the tool in a safer and more focused environment. This form of centralization may also be more cost-effective, time-efficient and supportive for FIs, as it allows the effort to be shared and distributed. For instance, this unit could maintain governance over the tool and assist with coordinating the retrieval of information from participants, as well as cleansing and anonymizing data where necessary.

Although the initial investment (such as the time and funding associated with development and integration) for a centralized cross-institutional AI platform may seem daunting, the long-term benefits are likely to outweigh these immediate costs, particularly if pursued earlier, given the current state of the AML landscape and the nature of technological growth. More importantly, this path could potentially foster more rapid and effective technological advancements of similar tools within the AML space and pave the way for a new type of expanded partnership and alliance among opponents of financial crime: one that helps FIs get ahead and stay ahead. 

Jonathan Estreich, CAMS-Audit, CFE, director, Société Générale, New York, NY, USA, editor@acams.org

The author submitted this piece while an employee of JPMorgan Chase. The views expressed in this article are those of the author and do not represent the views or opinions of JPMorgan Chase or Société Générale.

1. “Adjusting the Lens on Economic Crime: Preparation Brings Opportunity Back into Focus,” PWC, 2016, http://www.pwc.com/gx/en/economic-crime-survey/pdf/GlobalEconomicCrimeSurvey2016.pdf
2. “Money Laundering and Globalization,” UNODC, https://www.unodc.org/unodc/en/money-laundering/globalization.html
3. “Adjusting the Lens on Economic Crime: Preparation Brings Opportunity Back into Focus,” PWC, 2016, http://www.pwc.com/gx/en/economic-crime-survey/pdf/GlobalEconomicCrimeSurvey2016.pdf
4. Refers to Bank Secrecy Act (BSA), anti-money laundering (AML) and Office of Foreign Assets Control (OFAC) activities.
5. “Law Enforcement Information Sharing,” Information Sharing Environment, https://www.ise.gov/law-enforcement-information-sharing
6. “Section 314(b) Fact Sheet,” FinCEN, https://www.fincen.gov/sites/default/files/shared/314bfactsheet.pdf
7. “National Strategy for Information Sharing and Safeguarding,” Council on Foreign Relations, December 1, 2012, http://www.cfr.org/intelligence/national-strategy-information-sharing-safeguarding-2012/p31630
8. “Advisory to Financial Institutions on Cyber-Events and Cyber-Enabled Crime,” FinCEN, October 25, 2016, https://www.fincen.gov/sites/default/files/advisory/2016-10-25/Cyber%20Threats%20Advisory%20-%20FINAL%20508_2.pdf
9. Ibid.
10. “BSA/AML Compliance Program Structures—Overview,” FFIEC, https://www.ffiec.gov/bsa_aml_infobase/pages_manual/OLM_039.htm
11. “Consent Order,” U.S. Department of Treasury Comptroller of the Currency,” 2015, www.occ.gov/static/enforcement-actions/ea2015-113.pdf
12. “Cognitive Computing,” http://whatis.techtarget.com/definition/cognitive-computing
13. “Machine Learning,” SAS, http://www.sas.com/en_us/insights/analytics/machine-learning.html
14. John Markoff, “Computer Wins on ‘Jeopardy!’: Trivial, It’s Not,” New York Times, February 16, 2011, http://www.nytimes.com/2011/02/17/science/17jeopardy-watson.html?pagewanted=all&_r=0
15. “KPMG Announces Agreement with IBM Watson to Help Deliver Cognitive-Powered Insights,” IBM, https://www-03.ibm.com/press/us/en/pressrelease/49274.wss
16. “IBM Closes Acquisition of Promontory Financial Group,” Promontory, November 22, 2016, http://www.promontory.com/News.aspx?id=4392
17. Hua Zhang, “Artificial Intelligence in the Banking Industry: From Data Analysis to Semantic Analysis,” Celent, July 13, 2016, http://celent.com/reports/artificial-intelligence-banking-industry-data-analysis-semantic-analysis
18. “Next Generation, Artificial Intelligence and Machine Learning,” Brighterion, http://brighterion.com/next-generation-artificial-intelligence-machine-learning/
19. “Unstructured Data: Delivering Precision and Productivity to the AML Team,” Digital Reasoning, http://www.digitalreasoning.com/resources/AML-KYC.pdf