Why Banks Must Join Forces in the AML Fight
- Joost van Houten, CEO at Sentinels
- 24.03.2022 02:15 pm #API #AML
API-based transaction data sharing is a giant step forward on the road to stamping out money laundering in our financial systems, says Joost van Houten, CEO of Sentinels
The advent of artificial intelligence (AI) and machine learning (ML) in financial services is pushing the eternal battle against money laundering into a new phase.
For some time, in a bid to curb the amount of illicit finance passing through their systems and to comply with ever-tightening regulations, financial institutions have been throwing money at anti-money laundering (AML) practices. In 2020, a report by LexisNexis estimated that annual worldwide spending on AML compliance exceeds $180bn a year.[1]
It isn’t working. Despite widespread investment by financial institutions in both compliance staff and alerts-based monitoring technology, the United Nations estimates that between 2% and 5% of global GDP, or $800bn-2tn, continues to be laundered every year.[2] In the EU, transactions involving ‘dirty money’ account for about 1.5% of gross domestic product, or €133 billion annually.[3]
Why aren’t financial institutions making a dent? It’s partly a numbers game. The dramatic increase in transaction volumes bears some responsibility, as consumers increasingly favor cards and other e-payment types over cash. In parallel, though, it’s also true to say that compliance officers and transaction analysts simply need more help. They need better monitoring tools and access to more transaction data before they can improve on their identification and elimination of criminal activity.
Legacy transaction monitoring systems are no longer up to the task. Inaccurate identification is allowing fraud to slip through the cracks. Many systems are also generating an unmanageable number of false-positives alerts, tying compliance officers in knots as their investigations routinely come to nothing. Thankfully next-gen AI and ML-driven transaction monitoring systems are addressing both of these issues.
But there’s a bigger, more pernicious problem: Money launderers use more than one bank.
Banks aren’t working together on AML and criminals know
Banks monitoring their own transactions is never going to be enough. Dirty money is almost never washed through a single entity or via one financial institution. Money is placed, layered and integrated across an elaborate spiderweb of entities in order to obfuscate its origins and frustrate its supervision. And, for the most part, it works. Accurate estimates are hard to come by (by definition) but it’s broadly acknowledged that just 1% of dirty money gets seized.
A financial institution’s ability to spot individual instances of money laundering, therefore, can’t solve the problem. Not least because it is almost impossible to uncover a money trail or laundering network from a single transaction. Typically, transaction monitoring practices only cover one small subsection of a much larger, intricate money flow weaving its way through a network of banks and regulatory jurisdictions.
Banks must ‘combine and conquer’ to extend their AML capabilities
Historically, banks have mostly fought the AML battle alone due to commercial and competitive tensions, the lengthy process of setting up public-private partnerships (PPPs), and to comply with the mandates imposed by data privacy regulations, like GDPR. To do so, they have relied either on software built internally to monitor payments and transfers or have worked with a third-party supplier for their transaction monitoring. Thanks to data privacy laws, even when external software is used by multiple institutions, there has been little potential for compliance officers to work in concert with one another.
But consider this: what if a third-party provider, in addition to supporting PSPs and banks with their transactions, also enabled them to perform network analysis across multiple financial institutions without violating compliance mandates? Extending this thought, imagine the crime fighting potential of an approach that combined ML algorithms with open banking APIs to aggregate and analyze transaction data from thousands of banks. Think of the visibility that could be generated (potentially uncovering entire criminal networks) and the amount of financial crime that could be halted in its tracks, in real-time, as a result.
Key factors enabling cross-institutional AML cooperation
Taking a cross-institutional approach to transaction monitoring and risk profiling goes against almost most banks’ instincts. It is also difficult to achieve technologically. Then, there are regulatory hurdles to clear. To counter this and ensure trust across the network, security and data sharing guidelines must be negotiated and agreed upon ahead of the cooperation. Then protocols of communication and feedback mechanisms can be put in place to alert participating banks to potential criminal activity.
Importantly, ownership and control of the platforms used to share the data should still belong to the individual banks. Suspicious data will still need to be encrypted, anonymized or AI-synthesized before it can be shared in the network and, most likely, each bank will subsequently be able to act based only on the grounds of its own data, not in response to a broader investigation.
Crucially, such mutual transaction monitoring efforts must never be seen as a substitute for a bank’s internal fraud monitoring. They should be complementary and used to bolster a financial institution’s risk management, based on the analysis of multiple investigators and detection models instead of just their own.
Data is the key to collaboration in AML monitoring
Data is the answer, but it’s also the problem. Most financial institutions will have a mix of datasets and transaction monitoring systems already in place. These will be difficult to harmonize and share, so that insights can be drawn across them. They will also vary considerably from bank to bank.
After launching in 2018, Sentinels has partnered with several payments providers, such as Mollie, PPRO, TerraPay and PAYSTRAX, to help them unlock data silos and enable cross-institutional transaction monitoring to happen now, working within the boundaries of regulators’ varying compliance requirements. The result is a more quantified, holistic and continuously up-to-date view on all aspects of risk for all individual entities and processed transactions.
Should other institutions adopt a similarly collaborative approach, it will significantly increase the business value of their transaction risk investigators and, finally, enable a coordinated – and substantially more powerful – response to the money laundering menace.