Challenged by a rise in financial-crime compliance requirements, banks are boosting head count, automating and collaborating with regulators and third-party providers.
Traditionally cautious in adopting new technologies, banks have struggled to respond effectively to requirements for financial-crime compliance (FCC). As of 2011, according to a report by the UN Office on Drugs and Crime, less than 1% of criminal funds were detected and seized by law enforcement—and the level of fines continues to grow.
Spurred by this dismal performance and the accompanying reputational and financial damage, forward-thinking banks are looking to build compliance “ecosystems”: collaborative communities that include not only third-party service providers, but law enforcement and regulators. Some systems can already pull in all data relevant to a client and assess the financial-crime risk in a way that is explainable to regulators.
“We are exploring automation, [specifically] in the areas of artificial intelligence [AI] and robotics, to bring greater resilience to our FCC program,” says Jodie Arthur, head of financial-crime compliance, Asean and South Asia, for Standard Chartered. “One of the vendors we are working with utilizes AI to reduce screening false positive alerts, enabling our analysts to really focus on risk. In another initiative, we are combining AI with human expertise to enhance our network analysis capabilities, enabling our investigators to identify major threats and trends.”
In Singapore, a hub of fintech innovation, RisikoTek has pulled together industry financial-crimes experts along with risk management and technology gurus to build a comprehensive risk-assessment and intelligence platform. This can take in multiple structured and unstructured data sources and analyze them against AI logic based on complex money-laundering techniques and risk factors.
“Crucially, this [analysis] combines to tell you what, in a sea of data, is material to the financial-crimes risk of a client,” says Richard Carrick, regional director of Financial Crime Assurance at Barclays in Singapore. “It can also be run against a bank’s entire customer population to detect potential criminal activity, or used in enhanced due diligence investigations to look for patterns across multiple sources.”
Arthur, Standard Chartered: We are exploring AI and robotics to bring greater resilience to FCC.
Many now argue that ecosystems with multiple niche-service providers are an effective way to tackle the complex, cross-border nature of financial crime, terrorist financing and sanctions evasion. Public-private partnerships consisting of banks, regulators, financial intelligence units and law enforcement can use technology to uncover the complex networks, payments and suspicious activity patterns commonly used by professional financial criminals.
The task itself is enormous. “Banks now spend 4% of turnover annually—a staggering $1.45 trillion—trying to fight the issue,” says James Mirfin, global head of digital identity and financial crime at Refinitiv, a provider of financial market data and infrastructure active in 190 countries.
Refinitiv’s 2019 report Innovation and the Fight Against Financial Crime reveals that almost three-quarters (72%) of organizations surveyed were aware they had been victims of financial crime over the prior 12 months. Refinitiv cites a lax approach to due diligence checks when onboarding new customers, suppliers and partners as “creating an environment in which criminal activity can flourish.”
Banks have responded by increasing budgets and head count, but thus far without getting results, says Carrick. “They continue to hire more staff whilst implementing some tactical process and systems upgrades,” he says. “Some are looking into proofs-of-concept of AI data analytics in an attempt to add efficiency to existing systems. But, given the slow rate of global adoption in major banks, it could be at least two years before we see the current generation of solutions demonstrating real improvements.”
New hires, meanwhile, are mostly dedicated to filing reports “explaining to the regulator why 95% of alerts are false positives,” Carrick adds. “In a nutshell, the money is spent on new hires explaining why the current system is not working, not on effective prevention.”
Close observers say banks are averse to changing processes that regulators have already deemed acceptable. Changes to banking structures are typically subject to lengthy approval routines and can encounter political resistance from stakeholders whose control or authority is threatened.
“There are also signoff hurdles when a budget is sought for long-term benefits that conflict with the quarterly performance expected by shareholders,” notes Carrick.
Some observers argue that banks need to be more open to disruption to keep up with the rising tide of financial crime. Those that can do so may get a leg up on the competition as well. “The first banks to demonstrably cut costs with advanced technology whilst actually increasing financial-crime detection rates and mitigating financial-crime risk will enjoy a huge first-mover advantage,” Carrick argues.
“Just imagine the gold mine that awaits the tech-savvy bank which can demonstrate to regulators the ability to have a higher level of oversight while at the same time reducing compliance costs to the point that now-excluded customers again become profitable,” says Alan Morley, an an international anti-financial crime specialist with Oliver Wyman. “A good analogy is a fountain full of coins protected by a security guard. As soon as the guard says it’s OK to take what you like, many will jump in and start collecting. The first people there get the most.”
Breaking down internal silos will be crucial to achieving these advantages. Entirely separate departments may focus on AML (screening, monitoring and advisory), sanctions (customer and payments screening), anti-bribery, fraud, cybercrime, risk assessment and client onboarding. Key data sits across many departments that are not aligned, and that data may be fragmented and manually updated.
Carrick sees effective data consolidation using outside help as key. “What if all of these departments were combined into one?” he says. “They all require data to make a decision and provide a result. What if their combined data—internal customer and transaction data—was then enhanced with third-party inputs?”
The Holy Grail would be to put all of this into a single AI-enabled analytics system that could identify all the financial-crime risks associated with a given customer and his or her network in relation to known risk factors and criminal networks.
“In theory, these data could then be scored to provide a detailed money-laundering risk rating beyond the usual high, medium or low ratings based on less than 20 factors,” says Carrick. “This could lead to major cost savings and provide a compelling rationale to regulators for taking on previously excluded customers.”
Embracing ecosystems may be one way to get there. Ecosystems may also show banks the way to hold off the threat from fintechs, which have already made inroads in retail payments.
Chinese tech companies such as Tencent and Ant Financial have removed the need for inefficient credit card networks and are poised to expand their services globally. Major tech companies with enormous balance sheets such as Amazon, Apple, Microsoft and Facebook are eyeing the financial sector. Crucially, these powerful brands are often more trusted by many millennials than traditional banks.
If they are to survive these threats, legacy banks need to move fast to reduce their compliance costs, implement efficient technology, improve the customer experience and respond faster to market conditions. It is already possible with today’s technology to speed up customer onboarding to days rather than weeks, and at a drastically decreased cost.
“There is much to be gained by banks, regulators and ecosystem providers like Refinitiv working together,” Mirfin says.
Not every institution has got the message. While some banks are responding to FCC challenges and the need for innovative ecosystems by acquiring fintechs and learning from them, “others seem quite content to avoid the issue—dinosaurs walking toward the cliff [of extinction],” Carrick warns. “They may realize that they are about to be extinct only when they file for bankruptcy—or are taken over by a young geek in a T-shirt.”