A Guide to AML Investigation Techniques: Tips, Requirements and OSINT
By Blackdot Solutions
Get the latest news and insights sent straight to your inbox
Illicit actors engaged in money laundering are growing all the more sophisticated, harnessing technological advancements to avoid detection by current AML systems and strategies.
It is increasingly recognised that financial institutions (FIs) have struggled to keep pace with these innovations, and that a more effective approach to financial crime risk management is required. FIs are starting to move beyond technical compliance and ‘box-ticking’ methods toward the proactive detection and prevention of financial crime.
Adopting a more effectiveness-focused approach, including improving the quality of AML investigations, and provide better intelligence to law enforcement and national financial intelligence units (FIUs), also helps FIs to reduce the probability of facing damaging consequences of money laundering. The UK’s National Crime Agency now estimates that money laundering costs the UK more than $100 billion every year,1 whilst FIs have received $26 billion in fines for non-compliance with Anti-Money Laundering (AML), Know Your Customer (KYC) and sanctions regulations in the last decade.2
In this guide, we will outline why open source intelligence (OSINT) should play a key role in improving the quality of AML intelligence and investigations activities.
Suggested reading: You can learn more about how OSINT is improving best practices in a range of investigations in our free eBook — The OSINT Handbook
Regulations, requirements and open source intelligence
Theoretically, AML strategies, policies and processes should be risk-prioritised, with more complex or deeper due diligence applied where red flags are present. However, identifying high risk clients or transactions is easier said than done, and thorough due diligence can be hard for banks to achieve, with high volumes of transactions limiting efficiency.
Perhaps as a result of these challenges, a substantial proportion of fines for AML transgressions have been due to due diligence failures. Chief among the key challenges of conducting effective DD and EDD is understanding a client’s links, networks and business operations. The reality is that many existing AML workflows fail to scratch the surface of available — and useful — data on subjects of interest.
As a result of these shortcomings, regulators and FIs alike have begun to consider Open Source Intelligence (OSINT) as an effective tool for augmenting existing processes. OSINT describes the process of extracting intelligence from publicly available and licensable data. Regulators have also begun to include OSINT in their specifications, for example:
- The FCA’s Financial Crime Guide encourages the use of “open source internet checks to supplement commercially available databases.”3
- The European Banking Authority (EBA) encourages enhanced due diligence (EDD) measures to include “carry out open source or adverse media searches” on an ongoing basis.4
OSINT equips businesses with a risk-adjustable technique for investigating customers and clients. This is vital for adopting a more nuanced and holistic risk-based approach which goes further than superficial checks.
OSINT and AML investigations
The core purpose of OSINT is to extract insights from publicly available information available in numerous OSINT sources. By utilising OSINT, investigators can access rich insight into individuals, organisations and other entities relevant to AML regulations.
The role of open source data
High-quality AML investigations often need to go beyond superficial checks to uncover key risks.
With OSINT, researchers can uncover networks, connections and potential red flags to illuminate hidden knowledge. By extending searches into leaked information (e.g. the Pandora Papers), corporate records, grey literature, social media and the dark web, investigators can identify and map risks more effectively. This allows investigators to understand suspicious activity in depth and submit high-quality Suspicious Activity Reports (SARs) to law enforcement.
The ways OSINT is useful within banks’ AML processes can be divided into two broad categories. Firstly, OSINT enables researchers to undertake effective reactive investigations into alerts generated by screening and monitoring systems. Secondly, it allows investigators to develop proactive AML strategies that supplement existing processes:
- Reactive investigations with OSINT: Reactive investigations help researchers understand the context surrounding a transaction alert or concern over customer onboarding. OSINT allows researchers to confirm whether suspicious activity is taking place after a trigger event, while acting as a platform for further research if necessary.
- Proactive investigations with OSINT: OSINT can be used proactively to conduct thematic assessments into high-risk industries, jurisdictions or business activities, and to map out the individiuals, organisations and networks mentioned in media reporting – with the identified entities being proactively screened against customer data to identify previously unknown risks.
Going beyond compliance with OSINT
Financial institutions need to progress towards a more proactive intelligence-led AML model that provides them with:
- Resiliency: Building resilience against the abuse of banking and financial infrastructure by illicit actors is as important as it’s ever been, as governments and regulators ramp up the pressure on FIs to go above and beyond compliance.
- Efficiency: Sophisticated AML strategies should be efficient, balancing human decision-making with automation. Automated tools handle the mundane heavy lifting, so human teams can be directed to nuanced analysis, where they are most valuable.
OSINT is a vital piece of the puzzle. By integrating OSINT into the AML workflow, businesses can escape the “box-ticking” trap and build more sophisticated AML and AFC models that exceed mere technical compliance.
Comprehensive AML investigations with Videris
Conducting more effective AML investigations requires investigators to utilise all of the information available to them. That means leveraging the power of OSINT effectively.
That’s why at Blackdot, we developed Videris — an AML software built to allow investigators to gather OSINT for AML, AFC and other ethical investigations. This powerful, holistic intelligence platform supports every step of the AML workflow, unlocking new opportunities to drive AML efficiency and effectiveness.
Videris contains a wide range of functionality designed to make OSINT investigations as effective as possible. This includes:
- Videris Search: Avoid the ‘swivel-chair’ approach of having to check multiple sources in different places and save time by searching all relevant sources at once — Videris Search collects data all in one platform and intelligently prioritises results.
- Corporate Network Mapping: Understand corporate networks at speed using intuitive network mapping – discover hidden links, identify beneficial owners and monitor activity in high-risk markets or jurisdictions.
- Cross-Matching and Entity Extraction: Identify connections that are hard to spot. Videris uses intelligent automation (IA) to perform the arduous task of extracting named entities and cross-matching results.
- Secure Browsing and Flexible Deployment: The Videris platform reduces the risk of identity breaches by enabling secure, traceless browsing. It can be hosted in the cloud or on a corporate or standalone network.
If you want to see for yourself how Videris can augment your approach to AML investigations and help you produce better outcomes, book a demo with one of our experts today.