Best AML Software for Risk Management

By Stuart Clarke

Women conducting investigation on their laptop

    Get the latest news and insights sent straight to your inbox

    The UN now estimates that between 2 and 5% of global GDP is laundered annually (around $2 trillion US dollars). The impact of money laundering is pervasive, and it has consequences beyond those immediately involved, including numerous hidden victims of financial crime

    It is clear that AML risk management is still as important as ever. Criminals are becoming more sophisticated every year and regulatory bodies are introducing stricter standards in response.

    To keep up, FIs must be prepared to use all methods available to them to combat money laundering. Most importantly, this includes using the right technology, but with so many different types out there, what is the best AML software to adopt for each purpose?

    In this article, we are going to examine the different types of technology that are currently available to AFC professionals carrying out investigations and handling AML risk management on a daily basis. 

    Suggested reading: You can read more about best practices in AML investigations in our free OSINT Handbook.

    #1 Know your customer and customer due diligence 

    The ‘know your customer’ (KYC) process was introduced in the 1990s to combat digital money laundering, and since then has become mandatory in most jurisdictions. Since 2008, billions of pounds worth of fines have been issued to financial institutions that fail to meet regulatory standards regarding KYC and customer due diligence (CDD).

    What does KYC and CDD software do? 

    KYC and CDD were once ruled by human-led, manual checks to determine the legitimacy of documents. Today, however, these programs are heavily automated, using a combination of AI, assisted ID and document checks, and ongoing risk assessments to detect changes in a customer’s actions. Developments such as face-match biometric scanning are helping to decrease the strain placed on human teams and assist legitimate customers in rapid product onboarding. 

    Most modern software platforms can integrate data from two critical sources to enrich the customer view and help triage risky entities:

    1. Sanctions lists: Penalties or fines imposed on companies or individuals who break domestic or international financial or money-laundering laws. Both the EU and UN have their own sanctions risks protocol and guidance.
    2. PEP lists: Typically someone appointed to a high-profile position by a large-scale international company, public body or state. PEPs present a higher risk for financial crime and therefore often warrant closer monitoring.

    Three examples of KYC/CDD software that handle basoc processes, initial background checks, transactions, and behavioural and network monitoring are:

    Role in AML Risk Management

    There are four primary reasons CDD software is crucial in AML investigations:

    1. To help identify whether a client has any specific risk indicators, such as being a PEP or on a sanctions list.
    2. To understand if these potential risks align with an organisation’s risk appetite.
    3. To trigger a more in-depth review of a customer depending on their activity. For example, high volumes of overseas activity when a customer is still new could mean that their activities need to be examined in more detail.
    4. To generate data to assess whether customer behaviour is in line with expectations, or whether it might merit further examination.

    The role of software is to ensure this can be done faster, reducing the need for time-consuming manual research.

    However, these AML software solutions do have limitations. PEP and sanctions lists can be inaccurate, and confirming if a sanctioned person is the same individual as a client is difficult. It is also crucial to understand that CDD evolves alongside a customer’s relationship with an organisation. Some KYC and CDD solutions do not take this evolution into account and have to have their screening parameters manually adjusted.

    New call-to-action

    #2 Transaction Monitoring

    Transaction monitoring is a crucial component of any robust AML risk cycle. The volume of global transactions made each day is ever-rising, with many of the older linear rules used to assess risk now largely redundant. 

    Transactions can now be monitored with an array of traditional threshold and machine-learning modelled rules, that can monitor everything from suspicious spending to the circulation of funds and transfers to and from entities. 

    What is Transaction Monitoring software?

    TM software aims to highlight possible suspicious behaviour to analysts so that criminal activity can be identified and prevented. However, despite the availability of modern TM software, there are still inherent challenges that organisations and businesses face.

    There are three primary stages in a transaction monitoring software’s process: 

    • Data ingestion: First, data is ingested from the organisation’s payment network. Most providers typically offer APIs for ingesting data as JSON payloads, but real-time data streams enable organisations to react to transaction threats as quickly as possible. 
    • Risk detection: Next, detection rules are set up and fine-tuned to work with the ingested data using ML algorithms.
    • Decision-making and investigation: The software detects suspicious activity based on those rules and either acts on them directly or sends the alert to human teams for further investigation.

    It is worth noting that with legacy systems customers are segmented using very basic parameters, such as ‘risk rating’ or ‘line of business’. Modern approaches go further with ‘microsegmentation,’ which helps to better determine where a customer falls within an organisation’s risk appetite.

    An old segmentation system might classify customers by date of birth, determining that, for example, an individual under 25 presents a higher risk in some scenarios. Microsegmentation looks at a customer’s demographic and then associates it with specific products. For example, someone under 25 might be expected to have a student loan but is perhaps less likely to have a mortgage. However, this segmentation relies on high-quality data, which can be very difficult for large organisations to maintain.

    There are many solutions available for organisations looking to implement some form of transaction monitoring software, three examples of which include:

    Role in AML Risk Management

    The scale, speed, and size of the modern global transaction network necessitates the use of automated platforms. Human-led investigations of every potentially risky transaction aren’t possible, and automated systems reduce repetitive TM tasks, enabling human teams to be directed to high-priority cases.

    Unfortunately, solutions that generate a high volume of false positives are still being deployed. Organisations are utilising fixed rules that flag any transaction above a certain threshold, increasing pressure on investigative teams, which can ultimately lead to major oversights and time wasted.

    Modern AML software that integrates effectively with case management, transaction monitoring and CDD systems makes the alert triage process more efficient, reducing the workload related to false positives and ensuring comprehensive AML compliance. Solutions like Videris enhance existing technology investments by making the alert triage process more accurate with automated risk scoring, and screening against live internet data and curated data sets, helping identify the true positives.

    #3 Case Management

    Case management requires closed-loop protocols that maintain the security and accountability of teams that deal with potentially sensitive or even incriminating information. Robust case management revolves around the induction of high-quality data to inform investigations and provide teams with the context they need to make decisions about risk.

    What is Case Management software?

    Case management software acts as a secure source for all cases flagged earlier in the investigative lifecycle. At this stage, some level of human intervention is often required, necessitating secure, organised databases of cases and CDD data.

    Data analysed during the case management process can also be fed back into risk classification algorithms, allowing institutions to evolve their proactive measures in response to possible vulnerabilities or repeat attempts to exploit automated systems. 

    Two of the most prominent examples of case management software that organisations are using today are:

    Role in AML Risk Management

    The mutable, dynamic nature of financial crimes demands adaptive AML software solutions that can evolve with criminal strategies, and in this context, case management software has become increasingly sophisticated. Teams are now able to drill down into the subtle connections between actors, accounts, and transactions. 

    Data-rich case investigations enable teams to go beyond superficial detail, building comprehensive reports to file with law enforcement via suspicious activity reports (SARs). Furthermore, case management results can then be fed back into the earlier stages of the AML lifecycle.

    Looking for the ultimate guide to OSINT investigations and effective OSINT tools?

    Download The OSINT Handbook for free here!

    #4 Open source intelligence solutions

    The complexity of modern AML investigations requires institutions to utilise all available resources, including open source data (OSD). This publicly available data includes news sources, social media pages, published PEP and sanctions lists, and other information sourced from the dark, deep and surface webs. When properly processed and examined, OSD can evolve into open source intelligence (OSINT) from which crucial insights can be drawn.

    The use of OSD in AML investigations is rapidly becoming more important in some jurisdictions from a regulatory perspective. The FCA’s Financial Crime Guide, for example, directly encourages the use of “open source internet checks to supplement commercially available databases”.  

    What do OSINT tools do?

    Traditionally, carrying out thorough OSINT investigations requires significant time, resources and expertise. OSINT tools thus aim to make these investigations not only manageable, but accessible to investigations teams in the financial sector under considerable pressure.

    The key areas that these solutions focus on are:

    • Efficiency: OSINT tools can automate slow manual tasks so that analysts can do more, faster, and with less chance of human error.
    • Accuracy: Only the most relevant content for an investigation is examined by OSINT solutions so that investigators can identify risks, and make more informed decisions.
    • Network mapping: Many OSINT solutions automatically flag connections and create visual representations of networks such as corporate ownership structures or social networks. This ensures that investigators can identify important links and risks from within large volumes of data.

    Role in AML Risk Management

    OSINT should be considered an essential technique across the AML risk management cycle. 

    Live internet data often contains insights that cannot be found in the curated datasets or internal data often relied upon by financial institutions. Fusing internal and external data gives a complete view of a client’s risk profile, facilitating a risk-based approach to AML, and failure to use this data can result in failure to identify important risks. 

    However, the large volumes of OSINT data available online and the disparate nature of online sources can lead financial institutions to discount OSINT as too challenging. Even where FIs are able to use OSINT, data overwhelm can easily lead to insights being missed. 

    Investing in an OSINT tool transforms an FI’s ability to identify risk using all available data. 

    OSINT tools operate at the intersection of each stage of the AML risk management cycle, including KYC and CDD, transaction monitoring, and more complex investigations conducted by Level 2 and Level 3 teams or FIUs.

    OSINT: The future of AML risk management

    Effective AML risk management requires thoroughness across the board, and OSINT is instrumental in achieving this.

    Blackdot has developed Videris: a powerful all-in-one platform that enhances each stage of the AML investigations cycle.

    • KYC and CDD: Videris screens against adverse media, including live internet content, to rapidly identify the risk associated with an entity. Collect, analyse and visualise data from corporate records, leaks databases, publicly available social media, dark web and the live internet for enhanced checks on escalated cases.
    • Transaction monitoring: Triage suspicious activity more effectively with the added context of OSD. Videris automates searching and risk scoring across adverse news and live internet for flagged entities, helping identify and prioritise false positives. 
    • Case management: Cases can be escalated for further investigation by second line investigators, avoiding duplication of work and streamlining activity. Generate powerful visualisations of corporate ownership structures and social networks to identify and understand risk. 

    Designed with AFC professionals in mind, Videris can help financial crime investigations professionals implement OSINT best practices and improve the outcomes of AML investigations for FIs and businesses alike.

    New call-to-action

    More insights