Best AML Software for Risk Management

According to recent estimates, up to 5% of global GDP is laundered annually. Financial institutions need AML software to help reduce this figure – but with so many types of AML investigation and a wide variety of software available, knowing which tool to use isn’t always straightforward.

In this article, we’ll discuss how to find the right software for your AML team. From traditional approaches to solutions that respond to tightening regulations, read on to learn what’s needed to stay ahead.

Suggested reading: Understand how to integrate OSINT into your AML processes by reading the OSINT Handbook for AFC.

#1 Know Your Customer and Customer Due Diligence 

The Bank of England introduced the first comprehensive Know Your Customer (KYC) guidelines in the 1990s. Since then, many jurisdictions have followed suit and KYC is now a standard practice in banks globally.

What does KYC and CDD software do? 

Traditionally, banks used manual checks to determine customer risk and verify documents.

Today, though, technology makes these processes much more efficient. Developments such as face-match biometric scanning – often AI-enabled – help decrease excessive workload for KYC teams. As a result, banks can also onboard customers more rapidly.

However, it’s not enough for banks to simply verify a person’s identity. They must also get an understanding of potential risk, which is where CDD comes in. Two sources are particularly crucial at this stage:

1. Sanctions lists: Penalties imposed on companies or individuals who break laws, including those relating to money laundering. Both the EU and UN have their own sanctions risks protocol and guidance.
2. PEP lists: Typically someone appointed to a high-profile position by a large-scale international company, public body or state. PEPs present a higher risk for financial crime and therefore often warrant closer monitoring.

It’s important that any AML software used at this screening stage allows access to both of these sources.

Three examples of KYC/CDD software that handle basic processes, initial background checks, transactions, and behavioural and network monitoring are:

• Jumio
• Veriff
• Encompass

KYC and CDD: Role in AML Risk Management

KYC and CDD processes serve four main objectives in AML risk management:

1. To identify whether a client has any specific risk indicators, such as appearing on a PEP or sanctions list.
2. To understand if these potential risks align with an organisation’s risk appetite.
3. To trigger a more in-depth review of a customer depending on their initial risk or activity.
4. To generate data to assess whether customer behaviour is in line with expectations. If it isn’t, teams can then flag it for further examination.

AML software ensures this can be done as efficiently as possible. This gives customers a smoother experience and reduces time-consuming manual workload for internal teams.

It’s important to note that these AML software solutions do have limitations. PEP and Sanctions lists aren’t always accurate, so teams might need to do extra research to accurately determine risk. Software also can’t guarantee that a client is definitely a PEP. Teams must use human judgement to assess whether it’s the same person, or just someone who shares a name.

Additionally, CDD shouldn’t be a one-time process. It should evolve alongside a customer’s relationship with an organisation and some software doesn’t account for this.

#2 Transaction Monitoring

Transaction monitoring is a crucial component of any robust AML risk cycle. It allows banks to draw live insights from customer activity and proactively monitor potential risk.

Historically, banks used rule-based systems to monitor transactions. However, the volume of daily global transactions is ever-rising. This means many of the old linear rules are no longer effective and generate a huge amount of false positives.

Technological advancements such as machine learning are the next step in transaction monitoring. Below, we’ll talk more about what good AML software for transaction monitoring looks like.

What is Transaction Monitoring software?

Transaction monitoring software highlights possible suspicious behaviour, allowing teams to identify and prevent financial crime. Usually, its processes cover three key stages: 

• Data ingestion: First, the software ingests data from the organisation’s payment network. Most providers offer APIs for ingesting data as JSON payloads, but real-time data streams enable organisations to react to transaction threats as quickly as possible. 
• Risk detection: Next, the organisation sets up detection rules to work with the ingested data using ML algorithms.
• Decision-making and investigation: Based on those rules, the software detects potentially suspicious activity. It either acts on this directly or sends the alert to human teams for further investigation.

There are many solutions available for organisations looking to implement transaction monitoring software. Three examples include:

• Jumio Transaction Monitoring
• Unit 21
• Comply Advantage

Transaction Monitoring: Role in AML Risk Management

The scale, speed, and size of the modern global transaction network necessitates the use of automated platforms. Human-led investigations of every potentially risky transaction simply aren’t possible. Automated transaction monitoring systems reduce repetitive tasks and enable human teams to focus only on high-priority cases.

However, many organisations are still using solutions that rely on fixed rules and flag any transaction above a certain threshold. As a result, transaction monitoring teams in these organisations waste time reviewing a high number of false positives.

Beyond implementing AI and automation, these organisations should also consider integrating OSINT into transaction monitoring processes. Using OSINT (Open Source Intelligence), teams can screen customers against live internet data and better identify true positives.

#3 Case Management

Case management is an essential part of any AML strategy. In order to function properly, it requires:

• The induction of high-quality data, giving teams the context they need to make informed decisions about risk.
• Closed-loop protocols that maintain the security and accountability of teams dealing with potentially sensitive information.

What is Case Management software?

Case management software acts as a secure source for all cases flagged earlier in the investigative lifecycle.

Two of the most prominent examples of case management software that organisations are using today are:

• Sprinklr
• Verafin

Case Management: Role in AML Risk Management

Financial crime is evolving – good AML software should be able to adapt alongside it. As such, case management software is becoming increasingly sophisticated.

Teams should focus on software which allows them to access and store as much relevant data as possible. Data-rich investigations allow teams to go beyond superficial detail, build comprehensive SARs and make informed decisions.

It’s important to note that institutions can also leverage the case management process to inform future processes. By feeding case management data back into risk classification algorithms, banks can evolve proactive anti-financial crime measures to respond to changing criminal activity. Therefore, case management software that supports this process allows for stronger AML measures.

#4 Complex Investigations

For cases where potential risk is not easy or quick to assess, teams must undergo a more in-depth investigation.

The aim here is to get a full picture of the risk a client, counterparty or transaction poses. Relying solely on internal data is often simply not enough to enable this. Instead, complex AML investigations must draw upon additional data, including open source information (OSINF). Regulations are beginning to reflect this view, too. The FCA’s Financial Crime Guide directly encourages the use of “open source internet checks to supplement commercially available databases”.  

OSINF refers to any information that is publicly or commercially available. This includes adverse news, publicly available social media, PEP and sanctions lists and live internet data. On its own, this data provides limited insights. However, teams can collect, process and analyse OSINF to produce open source intelligence (OSINT). In the modern AML threat landscape, OSINT provides crucial context when it comes to accurately assessing risk.

Suggested reading: Learn more about integrating OSINT into AML processes with our free handbook.

What is OSINT Software?

Traditionally, OSINT investigations are highly manual and time-consuming. However, specialised OSINT tools streamline these investigations, making them accessible to AML teams in banks.

The key areas that these solutions focus on are:

• Efficiency: OSINT tools automate slow manual tasks, allowing analysts to do more, faster. Additionally, they reduce the risk of human error.
• Accuracy: Good OSINT solutions use context to surface the most relevant results first. This not only saves time, but also increases the accuracy of investigations.
• Network mapping: Many OSINT solutions automatically flag connections and create visual representations of networks such as corporate ownership structures. This ensures that investigators can identify important links and risks within large volumes of data.

OSINT’s Role in AML Risk Management

As money laundering techniques grow more sophisticated, OSINT is an essential technique in the AML risk management cycle. 

Live internet data often contains insights that cannot be found in curated datasets or internal data. Fusing internal and external data gives a complete view of a client’s risk profile, facilitating a risk-based approach to AML. Ultimately, failure to use this data can result in failure to identify important risks. 

However, the large volumes  and disparate nature of OSINF can be a significant barrier to OSINT adoption within AML teams. Even when institutions do use it, they’re likely to miss insights if they’re not equipped with the right technology.

Investing in OSINT software transforms a financial institution’s ability to identify risk using all available data. 

The future of AML Software

Effective AML risk management requires thoroughness across the board. Increasingly, OSINT is instrumental in achieving this – and it may even become a requirement in future AML packages. For banks, investing in OSINT now means future-proofing AML processes and demonstrating a commitment to stopping financial crime.

However, effective OSINT adoption requires the right AML software. Videris is designed with AML teams in mind, enabling them to leverage OSINT within tight timeframes. Its features include:

• Everything you need, in one place. Videris draws together key data sources and includes tools to help search, visualise and analyse OSINF. This makes using OSINT easier, faster and less prone to human error.
• Automation and AI. Designed alongside investigative workflows, Videris streamlines operations by automating manual workloads whilst leaving the investigator in full control.
• Integration with other systems. With the ability to push and pull data from other systems, Videris integrates seamlessly with current processes.

Want to learn more about how Videris could benefit your organisation? Get in touch today