Best Types of AML Software in 2023

By Stuart Clarke

Women conducting investigation on their laptop

    Get the latest news and insights sent straight to your inbox

    Despite government and law enforcement efforts, fraud and money laundering activities are increasing. The UN now estimates that between 2 and 5% of global GDP is laundered annually — around $2 trillion US dollars. The impact of money laundering is pervasive, and it has consequences beyond those immediately involved — including numerous hidden victims of financial crime

    As a result, money laundering has become a priority for regulators and governments. For example, the UK Government has increased the Levy on the anti-money laundering (AML) regulated sector to raise £100 million to fund AML and financial crime reforms.

    That’s why banks’ understanding and investing in AML software is more important than ever. The alternative is allowing financial crimes to go undetected and face the risk of significant penalties. 

    In this article, we’re going to examine the most comprehensive types of software currently available to organisations carrying out AML investigations. 

    Additional reading: You can read more about best practices in AML investigations in our free eBook — The OSINT Handbook

    #1 Know your customer/Customer due diligence 

    Know your customer (KYC) is a component of customer due diligence (CDD) processes, and focuses on verifying a customer’s identity. Checks should be carried out during onboarding, and at a minimum involve collecting photographic ID, proof of date of birth and proof of address.

    The KYC process was introduced in the 1990s to combat digital money laundering, and has become mandatory in most jurisdictions. Since 2008, billions of pounds  worth of fines have been issued to financial institutions that fail to meet regulatory standards regarding KYC and CDD.

    What is Customer Due Diligence software? 

    KYC and CDD were once ruled by human-led, manual checks to determine the legitimacy of documents. Today, CDD is heavily automated, using a combination of artificial intelligence (AI), assisted ID and document checks alongside ongoing risk assessments to detect changes in a customer’s actions. Developments such as face-match biometric scanning are helping to decrease the strain placed on human teams and assist legitimate customers in rapid product onboarding. 

    Most modern CDD software platforms can integrate data from two critical sources that enrich the customer view and help prioritise risky clients for further investigation. These are:

    1. Sanctions lists: Penalties or fines imposed on companies or individuals who break domestic or international financial or money-laundering laws. Both the EU and UN have their own sanctions risks protocol and guidance. 
    2. Politically exposed person lists: Typically someone appointed to a high-profile position by a large-scale international company, public body or state. Politically exposed persons (PEPs) present a higher risk for financial crime and, as a result, often warrant closer monitoring.

    Three examples of CDD software that handle the basic KYC process through from initial background checks to transaction, behavioural and network monitoring are:

    Role in AML Risk Management

    There are four primary reasons CDD software is crucial within anti-money laundering investigations:

    1. To help identify whether a client has any specific risk indicators, for example, being a PEP or on a sanctions list.
    2. To understand if these potential risks align with an organisation’s risk appetite.
    3. To trigger a more in-depth review of a customer depending on their activity. For example, high volumes of overseas activity when a customer is still new could mean that their activities need to be examined in more detail.
    4. To generate data to assess whether customer behaviour is in line with expectations, or whether it might merit further examination.

    The role of software is to ensure this can be done faster, reducing the need for time-consuming manual research. However, software has its limitations. PEP and sanctions lists can be inaccurate, and confirming if a sanctioned person is the same individual as a client is difficult. It’s also crucial to understand that the CDD evolves alongside a customer’s relationship with an organisation. For example, additional CDD checks may be required following continual monitoring.

    New call-to-action

    #2 Transaction Monitoring

    Transaction Monitoring (TM) is a crucial component of any robust AML cycle. The volume of global transactions made each day is ever-rising, with many of the older linear rules used to assess risk now largely redundant. 

    Transactions can now be monitored with an array of traditional threshold and machine learning (ML) modelled rules, monitoring everything from suspicious spend to the circulation of funds and transfers to and from high-risk individuals, companies or jurisdictions. 

    What is Transaction Monitoring software?

    TM software aims to prevent fraudulent payments and refer suspicious customer behaviour to human teams for further investigation. However, despite the availability of modern TM software, some 50% of businesses still rely on manual transaction and fraud reviews.

    There are three primary stages within transaction monitoring: 

    • Data ingestion: First, data must be ingested from the organisation’s payment network. Most providers typically offer APIs for ingesting data as JSON payloads, but real-time data streams enable organisations to react to transaction threats as quickly as possible. 
    • Risk detection: Applying preset threshold rules, which can be fine-tuned to work with ingested data using ML algorithms.
    • Decision-making and investigation: Risks flagged by the software will be either actioned automatically or sent to human teams for further investigation.

    It’s worth noting that, with legacy systems, customers are segmented using very basic parameters like risk rating or line of business. Modern approaches go further with ‘microsegmentation,’ which helps to better determine where a customer falls within an organisations risk appetite.

    An old segmentation system might classify customers by date of birth, determining that, for example, under 25 presents a higher risk in some scenarios. Microsegmentation looks at customer life-stages and associates this to products. For example, someone under 25 might be expected to have a student loan, but is perhaps less likely to have a mortgage. However, this segmentation relies on high-quality data, which is difficult for large organisations to maintain.

    There are a host of solutions available for organisations looking to implement some form of transaction monitoring software, three examples of which include:

    Role in AML Risk Management

    The scale, speed and size of the modern global transaction network necessitates the use of automated platforms. Human-led investigations of every potentially risky transaction aren’t feasible, and automated systems reduce repetitive TM tasks, enabling human teams to be directed to high priority cases. 

    Unfortunately, outdated technology that generates a high volume of false positives is still being deployed. Organisations are utilising fixed rules that flag any transaction above a certain threshold, increasing pressure on investigative teams, which can ultimately lead to major oversights.

    Modern AML software makes the risk triage process more efficient, reducing the workload related to false positives and ensuring comprehensive AML compliance. It’s also essential that modern systems are in sync with CCD and core banking systems. This was illustrated in the recent NatWest AML case: huge cash transactions were categorised as cheques due to the lack of effective calibration with the transaction monitoring system.

    #3 Case Management

    Suspicious activity must be reviewed comprehensively to allow institutions to evolve their awareness of existing and developing risks. Case management requires closed-loop protocols that maintain the security and accountability of teams that deal with potentially sensitive or even incriminating information. Robust case management revolves around the induction of high-quality data to inform investigations and provide teams with the context they need to make decisions.

    What is Case Management software?

    Case management software acts as a secure source for all cases flagged earlier in the investigative lifecycle. At this stage, some level of human intervention is often required, necessitating secure, organised databases of cases, together with relevant data collected during ongoing CDD. 

    Data analysed during the case management process can also be fed back into risk classification algorithms, allowing institutions to evolve their proactive measures in response to possible vulnerabilities or repeat attempts to exploit automated systems. 

    Two of the most prominent examples of case management software that organisations are using today are:

    Role in AML Risk Management

    The mutable, dynamic nature of financial crimes demands adaptive solutions that can evolve with criminal strategies, and in this context, case management software has become increasingly sophisticated. Teams are now able to drill down into the subtle connections between actors, accounts, and transactions. 

    Data-rich case investigations enable teams to go beyond superficial detail, building comprehensive reports to file with law enforcement via Suspicious Activity Reports (SARs). Furthermore, case management results can and should be fed back into the earlier stages of the AML lifecycle. 

    Looking for the ultimate guide to OSINT investigations and effective OSINT tools?

    Download The OSINT Handbook for free here!

    #4 OSINT tools

    The complexity of modern AML investigations requires institutions to utilise all available resources. This includes open-source data (OSD), which can then be processed and analysed to produce open-source intelligence (OSINT). Investigators can deploy an array of OSINT tools in their AML investigations, allowing them to gather and utilise freely available information from a variety of OSINT sources, including the dark web, deep web and surface web.

    The use of OSD in AML investigations is now mandatory in some jurisdictions. Back in 2018, the European Banking Authority stated that financial institutions should now “carry out open source or adverse media searches” as part of their customer due diligence processes.

    What are OSINT tools?

    OSINT is a structured, intelligence-led approach to extracting information from OSD. It allows analysts and researchers to extend their searches into everything from corporate records, company filings and grey literature, to social media and data hosted on dark web domains. By navigating disparate data elements, OSINT can illuminate a subject’s connections with networks, organisations, and sanctioned businesses. 

    In response to growing interest in OSD, at Blackdot, we developed Videris, a powerful all-in-one tool that allows investigators to conduct robust and comprehensive AML investigations. Carrying out thorough OSINT investigations is far from simple, as the desired outcomes often require significant time, resources and expertise. We believe that for banks and the financial services industry, technology is the answer. 

    Videris makes it possible to carry out rapid investigative due diligence that goes beyond sanctions and PEP watchlists, providing investigators with a variety of additional benefits, including:

    • Speed: Automate slow manual tasks, enabling analysts to do more, faster, radically increasing productivity.
    • Accuracy: Videris helps to identify relevant content, enabling active identification of risk, rather than simple box-ticking.
    • Transparency: Complete sourcing, logging, auditability and standardised reporting mean that decisions can be easily explained.
    • Network mapping: Generate visual representations of structures, such as corporate or social networks (powered by ShadowDragon©) to save time and make it easier to glean insights.

    Role in AML Risk Management

    Videris operates at the intersection of each stage of the AML investigatory cycle. In KYC and CDD, high-risk customers may require in-depth background checks that uncover information pertaining to their networks. Establishing this information early in the AML cycle is essential, and will assist in any future investigations led internally or conducted by Financial Investigation Units (FIUs) following the filing of SARs.

    With regards to transaction monitoring, alerts can often be resolved through quick, human-led checks, or by teams with access to additional resources and databases. However, in instances where basic checks are unable to reveal enough information to resolve an alert, OSINT can be the solution. With Videris, analysts can access information and data that helps them gain a deep understanding of customers and counterparties in a transaction. Videris can also be integrated with case management tools, providing rich data that can be stored and used in future investigations. 

    Designed to enable successful financial crime investigations, Videris can help implement open source investigation best practices and improve the outcomes of AML investigations. Book a demo with us today and find out more.

    New call-to-action

    More insights