A Q&A Roundtable with Risk & Compliance Magazine
In an informative Q&A roundtable with Risk & Compliance Magazine, Guidehouse's Global Investigations and Compliance heads Alma Angotti and Salvatore LaScala discuss segmentation and artificial intelligence (AI) in anti-money laundering (AML) alerts.
Could you provide an overview of how technology is transforming financial institution’s anti-money laundering processes?
Alma Angotti: Technology enhancements in financial institutions (FIs) are becoming indispensable to managing financial crime risk. Regulators expect FIs to make use of the enormous amount of data they have about their customers and their customers’ transactions. The only way to effectively identify risk from all of this data is through technology. The United Nations Office on Drugs and Crime estimates that money laundered globally is about 2-5% of world GDP annually, about $3 trillion. In addition, the number of non-cash transactions will increase as mobile technology — mobile wallets and mobile money transfers — are introduced into the global market and emerging markets. For the past few years, FIs have wrestled with methods to minimize loss, remain efficient, and maintain proper regulatory compliance. Technology is transforming FIs’ AML processes by efficiently sorting through large amounts of data, developing more useful predictive modelling, and using client segmentation and behavioral patterning. Technology has the potential to better identify risk, by eliminating some of the "noise" in the data and by enabling compliance personnel to concentrate on actual risk.
Salvatore LaScala: Over the past few years, FIs have begun to embrace robotic process automation to expedite their more tedious work. This is achieved by either business process automation or by using "bots" designed to perform automated and repetitive tasks. As such, AML analysts and investigators derive increased efficiencies and get to focus on the AML typologies, rather than gathering and exhibiting investigative artifacts. This shift in focus results in increased quality, productivity, and employee satisfaction. At the same time, tremendous strides in AI and machine intelligence (ML) are working to increase the quality of AML alerts while decreasing the volume. Access to this broader collection of cognitive tools, which have evolved significantly in recent years to include ML, deep learning, and advanced cognitive analytics, will, no doubt, yield remarkable benefits relating to the effectiveness and efficiency of AML transaction-monitoring systems.
What transaction data is typically utilized in the AML alert analysis process? What key data needs to be made available to the recipient of an analysis, such as an auditor or regulator?
Salvatore LaScala: The transaction-monitoring systems consume many data points to generate alerts. In some respects, it is better to define which information not to include, which might consist of automatic, accounting, or administrative financial events. Nearly everything customer-activated is in scope. Deposits, withdrawals — by cash, check, monetary instrument, wire, or automated clearing house — are just a few. Transaction codes, product codes, and any predetermined risk codes or industry designations are also frequently consumed. In addition to the transactional data and the transaction codes, customer reference data is key. This can include account name, number, opening date, closing date, occupation, politically exposed person status, and more. Additionally, the list of products the customer uses, such as custody, trading, online banking, remote deposit capture, and international wires impact transaction monitoring. All the data above will be used by an astute investigator or analyst to disposition an alert. In fact, typically all detection scenario alerts are reviewed to ensure that the data points that compose them were appropriately identified. If any of the data points were not appropriately identified, the alert could be a false positive. When the investigator dispositions the alert, he or she should be working from a defined investigative protocol specific enough to be tested. Moreover, the documentation included to support the alert should consist of enough exhibits for a third party to repeat the work and come to the same conclusion as the investigator. As such, other stakeholders such as internal audit or examiners should receive the entire investigative file and the exhibits prepared by the investigator.
What steps should FIs take to develop an action plan that allows them to research and resolve AML alerts and maximize the effectiveness of their AML protocols?
Alma Angotti: AI requires human tuning and input and human analysis of the output. Data scientists and subject matter experts (SMEs) must work with AI to test and tune it appropriately so that it works as intended. The FI should prioritize two things: first, analyzing the high-quality alerts, and second, creating a symbiotic relationship between the SMEs and the domain experts. The FI should prioritize the most productive alerts produced by AI because AI and intelligent segmentation are able to identify behavioral patterns that traditional transaction monitoring is not. The domain experts alongside the SMEs should play a leading role in assessing the relevancy of the data used by the AI. If the integrity of the data input into the AI is inadequate, the AI output will be inadequate and create low-quality alerts. The priority should be on building a team of data scientists and SMEs who work in conjunction to create an efficient and effective Bank Secrecy Act or AML AI program. The overall process needs to be connected throughout.