Regtech Innovation: Looking Beyond AI

OSINT for insider threats

Conversations about innovation in anti-financial crime (AFC) risk management tend to be dominated by Artificial Intelligence. Yet other “innovations” have the potential to substantially impact the AFC landscape. Earlier this month, our Head of Community Charles Brown took part in a panel discussion on this topic as part of the FinCrime World Forum . 

If you missed it, keep reading for some of our key takeaways.

Innovation is more than just technology

An interesting way of viewing innovation in financial crime compliance is to not only think about technology but also novel ways of aligning people, process and policy to address financial crime risk. This approach of course includes careful consideration of the role of technology, but technology is just a part of a wider framework.

The move toward a more “investigator-centric, intelligence-led ” model is one such innovation where banks are borrowing from the world of law enforcement, national security and the military to build financial crime risk management structures.

This approach places expert human operators at the centre of AFC frameworks and seeks to augment their skills, experience and knowledge with novel technologies – such as tools for the exploitation of open source intelligence (OSINT) and social network analytics.

As money launderers, terrorist financiers and organised crime groups become more sophisticated, decisions about whether or not to onboard a client, terminate a relationship, or file a SAR are resulting increasingly from assessments of the available – but often incomplete – risk intelligence, rather than unrevealing client data or simplistic transactional alerts. Financial institutions can no longer expect criminals to provide them with a proverbial “smoking gun” which will make the decision for them. 

This is, of course, familiar territory for national security and law enforcement professionals who are accustomed to operating in highly pressurised environments, where decisions have to be made based on an imperfect intelligence picture. Taking lessons from their approach to risk management and applying them to the AML/CFT environment therefore seems not only reasonable, but desirable.

The need for greater innovation within investigations teams and FIUs

AFC functions dealing with the most sensitive and complex risks have suffered from a lack of investment in innovation, and in particular in relation to tools that enable better exploitation of external data (or open source intelligence). 

Experience suggests that personnel operating within Level 3 investigations, SAR teams and financial intelligence units (FIUs) are generally not utilising sophisticated tools for leveraging external data – eg. corporate records, news media, social media etc – to enhance their understanding of client, transaction and counterparty risk.

These teams typically have to make do with Google or tools that were designed to undertake KYC, CDD and TM activities, and may occasionally have access to more novel data and AI-driven platforms. But these technologies leave potential “intelligence gaps” as they tend to only search across curated, siloed and structured data sets. This “walled garden” approach is useful for catching the most obvious risk in the very early stages of an AML investigation, but has limited applicability for those teams charged with looking in to the most sensitive, complex and high risk cases. 

Adopting the current approach means that AFC teams are often failing to exploit the vast treasure trove of online data, live and in real-time. Further, this approach typically only allows for a relatively small number of pre-configured entity types (person, company, address etc) to be searched and analysed. Organised crime groups will set their offence to an FIs defence –  the more constrained it is, the easier to overcome. 

By working with technology that rapidly and accurately collects and analyses external data, FIs can plug the intelligence gaps created by the limitations of their current AFC investigative toolsets and make more informed decisions about client and counterparty risk. 

In a perfect world…

One “vision for the future” is that FIs develop ecosystems of fully integratable technologies working in an open-box manner where borders no longer exist between internal and external data, and banks are empowered to spend more time pursuing leads generated from within financial intelligence sharing partnerships. In addition, it is hoped that our collective thinking about AML investigations evolves from a fixation on “following the money” (ie. transaction data) to making better use of open source intelligence and “following the digital footprints”. 

In this future AFC professionals are preventing financial crime, rather than merely identifying it after the event. 

Note: This article is based on a panel discussion that took place on Thursday 25 March, at the FinCrime World Forum on the topic Alternative Frontiers in Reg Tech: Going Beyond AI.  A recording of the session can be accessed here.