The UN now estimates that between 2 and 5% of global GDP is laundered annually (around $2 trillion US dollars). The impact of money laundering is pervasive, and it has consequences beyond those immediately involved, including numerous hidden victims of financial crime.
It is clear that AML risk management is still as important as ever. Criminals are becoming more sophisticated every year and regulatory bodies are introducing stricter standards in response.
To keep up, FIs must be prepared to use all methods available to them to combat money laundering. Most importantly, this includes using the right technology, but with so many different types out there, what is the best AML software to adopt for each purpose?
In this article, we are going to examine the different types of technology that are currently available to AFC professionals carrying out investigations and handling AML risk management on a daily basis.
Suggested reading: You can read more about best practices in AML investigations in our free OSINT Handbook.
The ‘know your customer’ (KYC) process was introduced in the 1990s to combat digital money laundering, and since then has become mandatory in most jurisdictions. Since 2008, billions of pounds worth of fines have been issued to financial institutions that fail to meet regulatory standards regarding KYC and customer due diligence (CDD).
KYC and CDD were once ruled by human-led, manual checks to determine the legitimacy of documents. Today, however, these programs are heavily automated, using a combination of AI, assisted ID and document checks, and ongoing risk assessments to detect changes in a customer’s actions. Developments such as face-match biometric scanning are helping to decrease the strain placed on human teams and assist legitimate customers in rapid product onboarding.
Most modern software platforms can integrate data from two critical sources to enrich the customer view and help triage risky entities:
Three examples of KYC/CDD software that handle basoc processes, initial background checks, transactions, and behavioural and network monitoring are:
There are four primary reasons CDD software is crucial in AML investigations:
The role of software is to ensure this can be done faster, reducing the need for time-consuming manual research.
However, these AML software solutions do have limitations. PEP and sanctions lists can be inaccurate, and confirming if a sanctioned person is the same individual as a client is difficult. It is also crucial to understand that CDD evolves alongside a customer’s relationship with an organisation. Some KYC and CDD solutions do not take this evolution into account and have to have their screening parameters manually adjusted.
Transaction monitoring is a crucial component of any robust AML risk cycle. The volume of global transactions made each day is ever-rising, with many of the older linear rules used to assess risk now largely redundant.
Transactions can now be monitored with an array of traditional threshold and machine-learning modelled rules, that can monitor everything from suspicious spending to the circulation of funds and transfers to and from entities.
TM software aims to highlight possible suspicious behaviour to analysts so that criminal activity can be identified and prevented. However, despite the availability of modern TM software, there are still inherent challenges that organisations and businesses face.
There are three primary stages in a transaction monitoring software’s process:
It is worth noting that with legacy systems customers are segmented using very basic parameters, such as ‘risk rating’ or ‘line of business’. Modern approaches go further with ‘microsegmentation,’ which helps to better determine where a customer falls within an organisation’s risk appetite.
An old segmentation system might classify customers by date of birth, determining that, for example, an individual under 25 presents a higher risk in some scenarios. Microsegmentation looks at a customer’s demographic and then associates it with specific products. For example, someone under 25 might be expected to have a student loan but is perhaps less likely to have a mortgage. However, this segmentation relies on high-quality data, which can be very difficult for large organisations to maintain.
There are many solutions available for organisations looking to implement some form of transaction monitoring software, three examples of which include:
The scale, speed, and size of the modern global transaction network necessitates the use of automated platforms. Human-led investigations of every potentially risky transaction aren’t possible, and automated systems reduce repetitive TM tasks, enabling human teams to be directed to high-priority cases.
Unfortunately, solutions that generate a high volume of false positives are still being deployed. Organisations are utilising fixed rules that flag any transaction above a certain threshold, increasing pressure on investigative teams, which can ultimately lead to major oversights and time wasted.
Modern AML software that integrates effectively with case management, transaction monitoring and CDD systems makes the alert triage process more efficient, reducing the workload related to false positives and ensuring comprehensive AML compliance. Solutions like Videris enhance existing technology investments by making the alert triage process more accurate with automated risk scoring, and screening against live internet data and curated data sets, helping identify the true positives.
Case management requires closed-loop protocols that maintain the security and accountability of teams that deal with potentially sensitive or even incriminating information. Robust case management revolves around the induction of high-quality data to inform investigations and provide teams with the context they need to make decisions about risk.
Case management software acts as a secure source for all cases flagged earlier in the investigative lifecycle. At this stage, some level of human intervention is often required, necessitating secure, organised databases of cases and CDD data.
Data analysed during the case management process can also be fed back into risk classification algorithms, allowing institutions to evolve their proactive measures in response to possible vulnerabilities or repeat attempts to exploit automated systems.
Two of the most prominent examples of case management software that organisations are using today are:
The mutable, dynamic nature of financial crimes demands adaptive AML software solutions that can evolve with criminal strategies, and in this context, case management software has become increasingly sophisticated. Teams are now able to drill down into the subtle connections between actors, accounts, and transactions.
Data-rich case investigations enable teams to go beyond superficial detail, building comprehensive reports to file with law enforcement via suspicious activity reports (SARs). Furthermore, case management results can then be fed back into the earlier stages of the AML lifecycle.
Download The OSINT Handbook for free here!
The complexity of modern AML investigations requires institutions to utilise all available resources, including open source data (OSD). This publicly available data includes news sources, social media pages, published PEP and sanctions lists, and other information sourced from the dark, deep and surface webs. When properly processed and examined, OSD can evolve into open source intelligence (OSINT) from which crucial insights can be drawn.
The use of OSD in AML investigations is rapidly becoming more important in some jurisdictions from a regulatory perspective. The FCA’s Financial Crime Guide, for example, directly encourages the use of “open source internet checks to supplement commercially available databases”.
Traditionally, carrying out thorough OSINT investigations requires significant time, resources and expertise. OSINT tools thus aim to make these investigations not only manageable, but accessible to investigations teams in the financial sector under considerable pressure.
The key areas that these solutions focus on are:
OSINT should be considered an essential technique across the AML risk management cycle.
Live internet data often contains insights that cannot be found in the curated datasets or internal data often relied upon by financial institutions. Fusing internal and external data gives a complete view of a client’s risk profile, facilitating a risk-based approach to AML, and failure to use this data can result in failure to identify important risks.
However, the large volumes of OSINT data available online and the disparate nature of online sources can lead financial institutions to discount OSINT as too challenging. Even where FIs are able to use OSINT, data overwhelm can easily lead to insights being missed.
Investing in an OSINT tool transforms an FI’s ability to identify risk using all available data.
OSINT tools operate at the intersection of each stage of the AML risk management cycle, including KYC and CDD, transaction monitoring, and more complex investigations conducted by Level 2 and Level 3 teams or FIUs.
Effective AML risk management requires thoroughness across the board, and OSINT is instrumental in achieving this.
Blackdot has developed Videris: a powerful all-in-one platform that enhances each stage of the AML investigations cycle.
Designed with AFC professionals in mind, Videris can help financial crime investigations professionals implement OSINT best practices and improve the outcomes of AML investigations for FIs and businesses alike.