AI and machine learning make it easier for firms to spot suspicious behavior and reduce false positives, but adoption is not without challenges, says Ashish Rai.
Money-laundering schemes have grown increasingly sophisticated over the past year as financial criminals exploited the rise of the digital economy during the Covid-19 pandemic. In line with this, penalties for AML and KYC failings have increased across the globe. In APAC, financial institutions accrued more than US$5.1 billion in penalties last year, which represents a seven-fold increase from 2019.
While banks and other financial institutions have been doubling down on their efforts to halt the efforts of criminals, bad actors remain ahead of the game because they are unhampered by aging technologies. All too often, the status quo is inadequate. Firms are now feeling the pressure to address the technology gaps and invest in advanced tools to fight the increasing threat of financial crime.
Regulatory pressure on the rise
In today’s digital world, it’s become much easier for criminals to move money around the globe and escape detection. The challenge is exacerbated in APAC due to the fragmented and inconsistent adoption of AML regulations and guidelines. For some financial institutions in the region, the increasing complexity of evolving regulations can also prove difficult as they might not necessarily have the organisational capacity to adopt them.
With the unrelenting rise in money-laundering sophistication and activity, the US and EU are in the process of introducing AML reforms to improve the industry’s response to financial crime, and these reforms are expected to trickle to APAC at some stage. In the meantime, financial markets across APAC have been working to update legislation and introduce measures aimed at strengthening AML frameworks.
In Australia, the AML legislation was amended last year to introduce changes to the rules around customer identification, tipping-off offences, access to information, and the cross-border movements of money amongst others. In Singapore, the Payment Services Act was amended at the start of this year to introduce enhanced AML measures for companies facilitating the use of cryptocurrencies.
Meanwhile Hong Kong’s central bank is taking a rather innovative approach. It is actively advocating the use of technology through its two-year roadmap to accelerate RegTech adoption in the industry. It recently published case studies highlighting the opportunities for RegTech solutions to transform the effectiveness and efficiency of AML and CFT efforts, followed by a RegTech adoption guide for solutions to enhance ongoing monitoring of customers.
The promise of AI
In parallel with regulatory and enforcement trends, financial institutions are now turning to advanced technologies to enhance their AML processes and risk controls. Recent research revealed the FIS Readiness Report shows that 78 percent of capital markets firms plan to invest in artificial intelligence (AI) in 2021 to advance their strategic goals. Buy-side and sell-side firms say strengthening compliance and risk management is the top priority for investments in machine learning and AI over the next 12 months.
While capabilities vary from institution to institution, traditionally the main obstacle has been the manual nature of managing AML data, as well as the associated false positives and low detection rates that accompany this problem. On the surface, detecting money laundering sounds simple – generate a suspicious activity report, investigate whether it’s truly suspicious and report it to the regulators. In practice, however, it’s not so easy to determine suspicion because information comes from multiple sources, and the more data we accumulate, the longer it takes to process it.
Looking at the problem from a data perspective points to a clear solution: AI and machine learning. Adopting AI and application programming interfaces (APIs) during the customer onboarding process, which help overcome conventional rule-based KYC technology that requires high dependence on manual efforts, are now becoming crucial to help streamline workflows.
We cannot stop at the onboarding process; firms must continually monitor behaviours and AI helps firms to connect disparate sources and types of data, manage high volumes of increasingly sophisticated transaction types, all while working in an increasingly shortened detection time frame and remediation period. This means that it is easier for firms to spot suspicious behavior, reduce false positives and trace the life of the crime. This helps firms to reduce AML risks and stay compliant in the face of ongoing regulatory upheaval.
Hesitancy around AI remains, however, with some firms in APAC still unclear as to what exactly is involved, what AI does, and which specific tools will have the biggest impact on their AML programmes. They have concerns including how the surveillance will be used, how it will affect their customers, and how they should provide outputs and feature-based explanations to regulators.
Implementing AI requires the right combination of technology, processes and people. In order to identify the right AI tools and models for their AML programme, firms need AI talent that can master the full spectrum of the data life cycle and are cognizant of the problems they are trying to solve. The AI talent need to understand the nuances within AI models so that they can shift from a rule-based system to one that leverages the adaptive power of machine learning to develop and train models to detect suspicious patterns and improve detection over time.
Additionally, the solution a firm chooses must integrate with existing technology, and that takes time. Even for institutions with the best internal communications, siloes exist. Risk and compliance teams will still need to streamline their data management in order to see the big picture within their own organisation. An AI model cannot simply be a ‘black box’ – interpretability is key. The analysts not only need to be able to interpret and investigate the data, but also the data scientists need to make sure that the risk factors and the rationale for alerts are easy to understand and explain to stakeholders within their businesses as well as regulators.
Regulations and mandates both globally and in APAC will continue to evolve at a relentless pace, so firms need to design their technology architecture to be agile and dynamic. There’s a real cost to ripping out old systems and process – and to buying and implementing new ones. But with better processes and smarter tools, financial institutions will be able to identify money-laundering activity faster and more accurately, reduce operational costs, and avoid the risk of massively expensive and reputation-destroying penalties.
Ashish Rai is Group Managing Director, APAC and MEA, Capital Markets at FIS.