Welcome on board ‘AI and robotics’
Money laundering and terrorist financing are a continuing threat to banks/ financial institutions (‘FI’) globally and national security. Money laundering is the processing of criminal proceeds to disguise their illegal origin in order to legitimize the ill-gotten gains of crime. The processes typically involve 3 stages briefly discussed below:
Stage 1 – Placement
In this stage, the ill-gotten proceeds are introduced in the financial systems in an unnoticeable manner. For example, depositing cash in multiple accounts, change of denomination, conversion into other form of liquid assets (traveler’s cheques etc.)
Stage 2 – Layering
The funds which is placed in the financial system is rotated, remixed, transferred, re-transferred repeatedly with an intention to avoid tracing and concealing the proceeds of crime.
Stage 3 – Integration
In this final stage the ill-gotten money is merged and presented as obtained from a legitimate finance stream. For instance, creating fictious loans, advances, inflating sales, and even using this fund for personal advantage (investing in real estate, luxury etc.).
Primarily, banks/ FI are exposed to large scale organized money laundering schemes due to absence of a prompt mechanism to identify, assess and remediate the Anti Money Laundering (‘AML’) and Counter Terrorism Financing (‘CTF’) compliance risks. For example, an individual customer’s activity may not appear suspicious as per the compliance checklist, Know Your Customer (‘KYC’) and Customer Due Diligence (‘CDD’) processes. But if this is coupled with a broader investigation trajectory/ criterion, there is a probability that some links/ evidence of such network of individual customers operating in larger organized financial crime could be discovered. Hence, this entire process requires deliberation at a macro level.
As the pace of the media exposes is increasing day-by-day, it is very likely that further data leaks, criminal activity reporting, lawsuits and regulatory investigations will uncover previously unknown schemes and modus operandi. Therefore, banks/ FI need to be proactive in identifying such evolving risks and addressing them in their overall AML/ CTF compliance program.
The Financial Action Task Force (‘FATF’), is an inter-governmental body, established with an objective of setting standards and promoting effective implementation of legal, regulatory and operational measures for combating AML/ CTF, financing for proliferation and other related threats to the integrity of the international financial systems. Here’s a quick video on the role of FATF.
FATF works closely with other international bodies and recommends comprehensive measures, which are universally accepted as guiding principles for responding to risks and potential vulnerability arising out of AML/ CTF.
AML/ CTF compliance
AML/ CTF laws are often viewed as a convoluted web of compliances which not only include heavy cost implications for banks / FI, but are also considered challenging to effectively adhere. The increasing AML/ CTF risk management compliance and management also create ambiguity and sets inconsistent expectations. This, at times, also results in faulty correspondent banking relationships in cross border scenario. The cross border financial network facilitates trade originations, currency remittance, settlements and so on and so forth. The regulatory challenges and commercial economic factors in many of the emerging markets, particularly the smaller economies, have disproportionately increased costs and implementation challenges.
In recent years, a decline in correspondent banking relationships (also known as ‘de-risking’) has become more common. De-risking is the termination or restriction in business relationships with clients or categories of clients to avoid, rather than manage, AML/ CTF risk in line with the FATF’s risk-based recommendations. The de-risking trend appears to affect the smallest and poorest countries in emerging markets more severely, although none are immune.
The enforcement agencies working to combat AML/ CTF transactions operate in an environment with limited resources, and advancements in technology mean that criminals are using ever more sophisticated methods to avoid detection. Such financial crimes therefore require pooled knowledge base, appropriate resources and skillsets to collectively prevent, detect, and enforce.
In view of the above, banks and FI around the world should consider upgrading their risk-based approach for managing AML/ CTF capabilities and embrace use of technology such as artificial intelligence (‘AI’), machine learning and data analytics.
PODCAST: Wolfsberg Group: Fighting financial crime when the going gets tough (S1 E37)
Why substantially invest in a robust risk-based program?
The idiom ‘higher the risk, higher the return’ is not oblivion to banks/ FI. As financial markets and practices sophisticate, potential threats also parallelly amplify. Regardless of size and complexity, banks/ FI must ramp up an effective risk management programs which is appropriately designed in accordance with an organization’s products, services, customers and overall risk profile. As indicated in the IFC Good Practice Note on managing risk in emerging markets banks, some of the benefits of having a robust risk-based AML/ CTF would include:
- Better responsiveness while dealing with correspondent bank if located in a high-risk jurisdiction;
- Establishing long-term association with retained corresponding banks if they are satisfied with the customer due diligence (‘CDD’)/ enhanced due diligence (‘EDD’) protocols and achieving economies of scale;
- Better monitoring of accounts;
- Improved capabilities by using advances tools and technologies in managing risk efficiently and
- Exceptional experience in client- experience and servicing high value customers.
Customer’s Perspective | Bank/FI Perspective |
Time consuming and repetitive process of collating documents | Less flexible legacy systems increasing bottleneck for operational breakdown and overall onboarding risk |
Lack of structured process leading to duplication of data | Stringent laws and high penalty for non-compliance |
High dependency on paper-based documents | Not able to match customer expectation |
Faulty assessment of the documents submitted and excessive time involvement | Loss of potential client due to disappointing lengthy onboarding process |
Low transparency | Lack of data integration amongst various service lines |
While there are numerous risks within the ambit of the overall enterprise risk framework, AML/CTF risks typically classifies under the ‘compliance or legal risk’ category. Of late, there has been a glaring increase in the number of criminal and civil enforcement actions on account of non-compliances against banks/ FI (including personal liability of AML officers and senior leadership).
The punitive measures for negligence in fighting financial crime can be huge and so institutions are investing heavily in transformation of AML and KYC efforts. Therefore, a compromised AML/ CTF program can lead to irreversible reputational damage to banks/ FI.
This also calls for new age tech-oriented solutions and tools to mitigate AML and KYC risks. It is imperative for regulatory bodies to come forward and encourage banking industry to find innovative techniques to deal with the nitty-gritties in AML and KYC risks and do away with the traditional unviable models.
Commercial customer onboarding
Simplification in customer risk assessment
The conventional commercial customer onboarding is nothing less than shooting in the dark. Vague procedures, prolonged negotiations, no standard documentation were some of the common features. The inefficiency in the onboarding has been explained in the diagrams below:
Customer Risk Ratings (‘CRR’)
CRR models is a primary tool used by banks/ FI to detect money laundering. Most organizations assess risk on parameters such as the customer’s occupation, salary, ownership structure, industry, customer jurisdiction, negative media coverage, banking products, volume of cash involved etc. This information is typically obtained at the time of account opening, but it is not frequently updated.
A risk-scorecard calculates the overall rating of a customer. However, lack of quality data and consistency often leads to misclassifying of thousands of low-risk customers as high risk and vice-versa. Subsequently, the continuous monitoring of such mis-classified accounts results into haphazard conclusions. Irregular reviews unnecessarily drive up the compliance costs, annoys many low-risk customers because of the extra scrutiny, and dilutes the effectiveness of AML efforts as resources are concentrated in the wrong place.
Accordingly, banks/ FI should use a waterfall approach (more commonly used in system development life cycle) in optimizing AML/ KYC program. Here, a generic set of risk factors should be consistently defined for all business lines and specific risk checklist should be outlined for the service lines which are approached by the customer (refer diagram).
KYC utilities
While commencing an account-based relationship, the basic set of information is more or less similar for all banks/ FI. Accordingly, a single template for collating the common data can be created and data can be stored at a centralized registry. This information resource pool can be of a great advantage as far as AML/ CTF is concerned.
For instance, India’s ambitious Aadhar KYC project wherein database (viz. name, address, photo, biometrics) of resident Indians was created with a view to foster financial inclusion, access of information and AML/ CTF vigilance. However, challenges such as data security breaches, information sharing, data privacy and protection of identities of customers need to be dealt with utmost care.
AI + Machine learning tools > Traditional approach
AI and machine learning can revolutionize the overall AML and KYC program by using higher degrees of correlation analysis. However, it is imperative for banks/ FI to define the false positives and false negatives probabilities before progressing in electronic KYC program. A false positive indicates acceptance of incorrect identifies whereas a false negative means denial to legitimate cases.
Natural Language Processing (‘NLP’)
AI and Natural Language Processing (‘NLP’) can open up a world of automation opportunities for AML/ CTF compliance.
It can read vast amounts of data in any language, perform intelligent scans and fetch information from numerous external sources. Such products allow organization to focus on identity risk assessment and on-boarding customers, instead of document collection and verification.
Also, it is very much possible to patch up-to-date records of clients in case if there any regulatory changes impacting the client data. This in turn increases the productivity and at the same time can significantly reshape client on-boarding and continuous monitoring (reference).
Robotic process automation (‘RPA’)
RPA has the abilities to overcome some of the painful manual KYC processes such as customer information gathering, validation of data, compilation and stacking customer databases, screening, account opening and closures etc.
All this combined together can increase e-KYC optimization, reduce turnaround time, improve digital capabilities of banks/ FI, reduce possibility of human-errors, create a better audit trail and lastly help in cost reduction on redundant processes.
Optical Character Recognition (‘OCR’)
OCR is an AI tool which assists in scanning and extracting data from any source (such as images, ID cards, official documents, licenses, passport etc.). With the use of OCR, banks/ FI can digitalize the onboarding process, screen multiple documents simultaneously for verification purposes all in real-time (source).
Other AI tools such as biometrics, trend-analysis, predictive algorithms, decision tree, GPS enabled cash withdrawal facilities, link analysis, network science, client lifecycle management, Distributed Ledger Technology (‘DLT’), fuzzy-logics, can help in better evaluating and monitoring of suspicious activities at banks/ FI thereby assisting in the overall AML/ KYC program.
AML/ CTF monitoring suites, fraud detection using AI, exception reporting also can tremendously boost the overall CDD and CRR in banks/ FI. To sum up, the key advantages of AI in AML and KYC program is plotted below:
Needless to mention, the relevance of manual intervention is not completely negated by using these digital tools. There exists a rare possibility that one software/ digital tool can provide all the requisite solutions for mitigating AML and KYC risks.
Certainly, a bundled usage of various digital tools would be apt. The diagram below depicts various stages of KYC where digital solutions can be used-
Source – IRTA in association with Protiviti report – An urgent call for KYC Optimization
Conclusion
Considering the stakes involved in managing the AML/KYC compliances are high, banks/ FI should carefully assess the options available with them and look holistically to mitigate the risk. It is pertinent to enhance use of technology and data analytics, build cross-functional experienced teams, engage with regulators and form a common resource utility for sharing information and insights. Also, there should be more guidance in usage of tech-oriented solution from international bodies which can be integrated at a regional level for policy / framework development.
This article was written by a member of TFG’s 2020 International Trade Professionals Programme. Find out more here.
Disclaimer: The views that have been expressed on this page are that of the author, which may or may not be in line with their company, Trade Finance Global or London Institute of Banking and Finance’s view.
Type a message