Bridge the gap between financial crime analytics and investigations

How to design fraud prevention programs with the investigative process in mind

By Patrick Craig, Partner in the Europe, Middle East, India and Africa, Compliance Technology for Financial Services, EY

Financial institutions increasingly use analytics to manage the scale and complexity of compliance with financial crime regulation. However, ongoing challenges across the industry, in conjunction with the increasing cost of compliance, mean it is important to design analytics with the investigative process in mind. If done effectively, this should avoid downstream operational bottlenecks and ensure a higher quality of feedback is captured, which enables more effective modeling of financial crime risk. 

For financial crime controls to be effective and cost-efficient in today’s environment, institutions need to leverage the power of analytics.

Developing financial crime analytics

The application and use of financial crime analytics is widespread, ranging from risk assessment and detection engines to investigative tools and reporting, allowing institutions to better quantify and categorize their risk exposure, assess the effectiveness of their financial crime programs, and detect and deter criminal behavior.

Unlike other analytical domains in the financial services industry, such as credit or fraud risk, modeling financial crime risk and suspicious behavior is often complicated by the lack of categorical outcomes. The effectiveness of such analytics is therefore inherently coupled to the due diligence and investigation processes that consume, process and disseminate the analytical output, commonly referred to as alerts or, more broadly, intelligence.

Download the paper: Combating Financial Crime

Investigations as analytics consumers

Despite the efficiencies and insight brought by analytics, the complexity and subtleties of financial crime mean that manual due diligence and investigation remains an essential component of a financial crime control framework. Investigation teams are one of the key consumers of analytics within a financial crime compliance program, responding to and processing alerts from detection engines and other forms of intelligence.

The effectiveness and efficiency of investigations are heavily dependent on:

  • The quality of information and analysis passed to the investigations team.
  • The availability of additional information and intelligence to assess analytical output both in a wider context and in greater depth.
  • Access to tools and infrastructure to collate, analyze and disseminate information as part of the investigation life cycle.

Much of the effort in implementing financial crime analytics has been focused on modeling known risks and typologies and automating aspects of the investigation decision process to reduce operational costs and improve consistency.

While the benefits of this approach are clear, over-reliance on automation and analytics without understanding of the investigative life cycle has the potential to hinder the scope and value of the investigative process.

Emerging impacts of ineffective analytics

Investment in analytics has typically been reactive and tracked the regulatory regime, which means that the use of analytics has often focused on specific domains or typologies, leading to a fragmented view of risk and methods used across the institution. This phenomenon has resulted in a complex system of data stores and applications and a multifaceted view of a customer’s behavior for investigators to master, driving up the cost of compliance. In recent years, the industry has recognized the risk of over-reliance on individual models, spawning a need for model validation and for a more holistic view of financial crime risk, which results in more correlation of information across organizational barriers, such as between lines of business, countries, or even across AML, fraud, sanctions and bribery risk silos.

Despite new investments in analytics, the industry still faces significant challenges, including:

Ongoing control failings

  • Regulatory fines have reached billions of dollars for financial institutions globally.
  • Institutions remain highly reactive and often analyze risks after the fact.
  • Transaction monitoring systems regularly produce very high false-positive rates of detection, in some cases over 99 percent of alerts.

Increasing operation costs

  • Increased regulatory scrutiny is driving more conservative methods.
  • Fragmented controls are affecting the speed of retrieving and processing information.


  • Overly simplistic and conservative rules are driving riskier customers to your business.

Limited awareness and expertise

  • Poor data quality, information silos and the lack of effective infrastructure are affecting the level of visibility and insight into risks and threats.
  • Overly simplistic approaches are hindering skill development.
  • Poor broader regulatory awareness and understanding of advanced analytical techniques are creating additional barriers.

Bridging the gap

For financial crime controls to be effective and cost-efficient in today’s environment, institutions need to apply the power of analytics. The best solutions provide investigators with information in context, align to business needs, and are both intuitive and flexible. They must also effectively manage the data and integrate investigative tools.

A strategy for comprehensive and efficient data retrieval across the organization takes into account data requirements for point solutions, investigative support, strategic analysis and data management to create an intelligence repository. Whether adopting a data mart approach, implementing federated access methods or using big data technology, the solution needs to provide a single point of access and a holistic view across the organization that can support a wide range of analytics and scenarios both for compliance and wider business needs.

Tool integration for large organizations typically involves defining a compliance technology strategy. Effective integration can dramatically improve operational efficiency, reducing the time needed to source, analyze and disseminate information. In addition, with intuitive design, investigative tools can drive greater insight, which allows investigators to develop and test hypotheses. For example, depending on the type of investigation, the investigator’s role and the stage of the investigation process, this may include integration of case management systems with “know your customer” data stores, visualization tools to review transaction flows, online screening applications, and reporting dashboards for wider context and trends.

Longer-term, effective investigations can drive improvements to the quality and breadth of available intelligence, allowing for better risk modeling and potentially for more advanced techniques that can more efficiently target financial crime risks, such as behavioral analytics for fraud and conduct risk.


Patrick Craig is a Partner in EY’s Europe, Middle East, India and Africa, Compliance Technology for Financial Services. He specializes in providing compliance technology services to financial services firms and has held roles in both the US and Europe. He focuses on financial crime technologies and trends (anti-money laundering, sanctions, fraud, anti-bribery and corruption) and also works on the broader compliance agenda.


The role of advanced analytics

Advanced analytics help investigators identify the information out of the millions of transactions and data points that need special attention. Here are some analytic methodologies that are available. Each of these, alone or in combination, lends itself to identifying specific data challenges. The key is to understand which works best in each type of situation.

  • Rules are the most basic analytic method. A rule is either broken or not – yes or no.
  • Anomaly detection is useful for identifying outlier or unique activity in situations where little past fraud information is available.
  • Predictive modeling is useful when historical data is available.
  • Network or link analysis enables investigators to understand how individuals are associated and how they work together to execute fraud.
  • Text mining and text analytics are critical for the analysis of text in blogs, social network posts and conversations.

Get More Insights


Want more Insights from SAS? Subscribe to our Insights newsletter. Or check back often to get more insights on the topics you care about, including analytics, big data, data management, marketing, and risk & fraud.

Back to Top