Traditional controls catch less than one percent of the trillions laundered each year. Fortunately, banks now have access to new tools to increase detection, protect their reputations and avoid costly fines, writes Julien Loisy.
Regulators are handing down increasingly hefty fines to banks caught up in money laundering to prod them into taking more vigorous action against the estimated $1trn to $2trn that criminals process each year, according to the UN. Fines levied in January and February alone range from $6m to $369m – the latter big enough to hit the bottom line.
Today, 99 percent of all money laundering goes unseized, according to Europol. This is partly down to the tenacity and ingenuity of criminals. Up to now, banks have relied on Pattern Based Intelligence (PBI) – a rules based system that seeks to classify normal patterns of behavior for groups of similar individuals or companies, in the hope of spotting abnormal behavior when it occurs.
This method is fine as far as it goes, but is a fairly blunt instrument. It doesn’t include outliers, for example, which means only a small fraction of the criminal behavior is spotted. The system also generates a lot of false positives – bone fide transactions that are flagged as suspicious – which renders PBI both inefficient and expensive to administer because of the volume requiring investigation. By complementing traditional controls with profiling and machine learning tools, a more robust and effective anti-money laundering approach is achieved.
Money launderers typically use a limited number of strategies to process their cash. One method exploits bugs in software; in one recent case, it was an ATM bug, which failed to report cash deposits above the bank’s normal threshold. Fraudsters found out about the bug and exploited it, laundering more than AU$20m over a 16-month period to May 2016. The bank in question, the Commonwealth Bank of Australia, has just announced a provision of AU$375m to cover the expected fine, which may well exceed this sum.
Another common method is to use a money mule. This is when the criminals pay a third party to process the dirty cash through their own bank accounts. Traditionally, money mules have sent the cash abroad, but increasingly they are using domestic transfers to avoid international monitoring.
A third method is for criminals to simply exploit environments with insufficient automatic controls – threshold triggers, unusual or high-risk destinations, and so on. Watchdogs in every jurisdiction cite this as a major problem, and these weak links in the global financial system are likely to become a major area of focus in the fight against money laundering.
So what should banks do?
Clearly, relying on PBI will no longer do the trick for these types of use cases. Fortunately, there are new tools that can fortify the AML arsenal of any bank. Profiling, for example, looks at an individual’s behavior over time to build up a detailed picture of his or her banking habits. By taking into account a number of variables, banks can dramatically bring down the number of false positives in AML searches. For example, by monitoring amount, location of account holder, destination, and more, a bank can build up a picture of habitual activity. When something unusual occurs, it stands out. Cross-referencing the different variables means that if just one variable changes, the risk will be low. Multiple changes in variables are a high risk. In this way, the number of false positives is reduced.
Machine learning – where algorithms can learn from and predict outcomes from data – can also be used to continuously improve risk modeling. The algorithms learn by themselves and give insight into any data not following a trend.
When PBI, profiling and machine learning are used together, banks can cover all transactions and spot most suspicious activity with an 80 percent reduction in false positives and an associated 93 percent cut in the time spent investigating them in average, according to research by NetGuardians. When used in conjunction, these three methods allow banks to monitor suspicious high-risk accounts, cash-in cash-out transactions, money-mule activities, transfers to secrecy havens, and instances where customer data is altered.
NetGuardians’ AML solution does all this and more. It can also work in real time, depending on the infrastructure on which it runs. This means that banks can spot money laundering as it happens and report it to the authorities immediately. Faster detection means faster investigation.
With regulators turning up the heat, banks need to look at comprehensive solutions with high levels of transaction monitoring, effective controls and efficient detection systems. Anything less and they are leaving themselves open not only to huge fines, but also to corrosive reputational damage.
