Anti-money laundering (AML) has been a hot topic – and an intensifying regulatory pain point – for financial institutions for decades. For example, the USA PATRIOT Act expanded requirements for detection and reporting. The New York 504 “Final Rule” added more granular and stringent control expectations. And the pending Fifth EU Anti-Money Laundering Directive (5AMLD), puts the onus on European enterprises to meet tougher US regulations.
Few financial institutions are truly ready. There’s a lot of talk about advancing the AML arsenal to the next level, drawing on advances such as robotics, semantic analysis and artificial intelligence (AI). It’s about making AML processes more automated, efficient and effective. And it’s about augmenting traditional rules-based approaches to drive down the rate of false positives and more accurately detect and predict activity worth investigating.
Much of the work in the last 18 months has been to apply AI to some low-hanging fruit, such as using robotic process automation to investigate and prepare cases more quickly. However, as of 2018, we’re starting to see adoption of machine learning not just for process automation, scoring and hibernation, but to supplement or even replace traditional Boolean logic for detecting potentially suspicious activity.
Free white paper
The pace of AML evolution varies across global regions − faster where regulatory oversight is more stringent, slower elsewhere. Learn about four advanced AML technologies and how they are being used today.
Ten keys to success with AML powered by machine learning
- Innovate, but with caution. A December 2018 joint statement issued by US authorities called for financial institutions to “consider, evaluate, and where appropriate, responsibly implement innovative approaches” to meet AML compliance obligations. However, there’s a clear message to do this in an experimental sandbox or in parallel until new approaches are proven.
- Establish rigorous model governance. Are the algorithms still working? Are cases being appropriately expedited or hibernated? Are models being monitored and tuned as necessary? Especially outside the US, there’s not enough emphasis on this tier of control. Often it’s only when a bank is in trouble and in the news that questions are raised about model risk governance.
- Securely share data across borders. Before the industry can adopt machine learning in a meaningful way, we need to be able to securely share data across borders in a GDPR world. We need technologies such as homomorphic encryption (which enables computations to be performed on data without decrypting it) to evolve from the theoretical realm to the real world.
- Consider a hybrid approach. Nobody is ready to abandon their rules-based systems and fully replace them with analytical models and robotics. We’re seeing a hybrid approach. Use rules where they do the job; use models where rules would fall short. Analytical models shine in situations that call for discerning complex patterns from well-defined behaviors.
- Take a hard look at the data foundation. AI and machine learning can deliver a huge performance boost to AML processes. But there’s no point in using them on bad data, because you’re not going to get anything out of it. Even in large banks, data quality issues are endemic. Many still struggle with the basics of getting a single view of the customer from a risk perspective.
- Take a more analytic approach to segmentation. Get more rigorous than simply dividing personal and commercial clients, or bucketing by transaction volume. K‑means clustering – a popular machine learning algorithm – groups entities based on interactions among variables. A forward-thinking SAS customer used smarter segmentation to boost productivity rates from 2.8% to 10.4%.
- Zero in on what matters, defer what might matter later. Focus investigators’ time on the most worthy alerts. Auto-referral or hibernation functions use an AI engine to calculate a risk score based on multiple, complex risk variables and categories – then either expedite or hold off on escalating an alert for review.
- Use machine learning to detect rare events. An unsupervised learning model can churn through huge volumes of data to find an unknown piece of risk that would be difficult to find using traditional methods. You don’t have to know if a given person or entity is good or bad, just which ones are “edge cases,” behaving out of the norm relative to their peers.
- Embed best practices into reusable packages. As we learn from pilot projects, we have packaged up best practices into a bot that automates the creation, publishing and retraining of machine learning models. It preselects variables and recommends best-fit models based on sampling of rare events. The result: More meaningful analysis with less effort from data scientists.
- Integrate financial crimes systems and processes. The future of AML will be converging AML, fraud, cybersecurity and other risk functions into a central, unified environment with integrated data orchestration, analytics development, decision making, case management, reporting and governance – and having a comprehensive and fully resolved workflow among them.
The machine learning advantage for AML? Instead of simply reacting to past information, machine learning delivers a forward-looking advantage.
Innovative financial institutions are already reaping the benefits
Here are a few ways that banks are applying these new approaches:
- A Tier 2 US bank replaced 10 cash activity scenarios from its transaction monitoring system with a SAS neural network model and tripled SAR conversion rates while cutting monthly work items by 50%.
- A Tier 1 global bank applied a random forest model with 200 trees to nearly 2 billion transactions, and in 10 minutes found 416 suspect entities that, on further triage, resulted in dozens of productive cases.
- Another Tier 1 global bank used machine learning-driven automation to help automate due diligence document review, reducing the effort from two weeks of staff time to less than a minute.
- An Asia Pacific bank turned to gradient boosting and deep neural networks to automate alert review and reduced false positives by 33%.
Next-generation AML is coming to the forefront as the industry goes through massive digital transformation and as regulators keep upping their definition of “reasonable” control and governance. Robotics, semantic analysis and artificial intelligence – particularly machine learning – will be central to this evolution.
As the technology advances, the barrier for entry has dropped to the point where it is within reach of smaller institutions. You don’t have to have an army of data scientists on staff. SAS is packaging advanced AML data science in a box to automate repetitive manual processes, more accurately detect suspicious activity, and cost-effectively put these capabilities in the hands of more financial services organizations.
- Strengthen your payment fraud defenses with stronger authenticationThe rapid growth of digital wallets and payment applications has ushered in new payment fraud threats to consumers and organizations. Find out how the use of innovative technologies to combat payment fraud is a viable and effective solution with additional benefits.
- IoT securityThe internet of things, with about 6.4 billion external (and vulnerable) devices on networks, calls for a more rigorous approach to cybersecurity.
- Fighting cyberwars with cyberanalyticsMike McConnell, former US Director of National Intelligence, told the US Senate, “If the United States were at cyberwar, it would lose.” If that is even remotely true, cyberdefenders need to be outfitted with the most effective weapon for winning the war – analytics.