Displaying search results for ""

Use of Machine Learning to Eliminate “False Positives” in AML Drive

Use of Machine Learning to Eliminate “False Positives” in AML Drive

With the increase in regulatory demands, and screening volumes spiking through the ceiling, ML is seen as the only viable option to accurately detect suspicious transactions.

Over the past several years, the instances of international money laundering have increased manifold, driving enforcement agencies in various countries to update their AML rules and regulations to curb illegal means of generating income. Globally, financial institutions are racing to deploy heightened screening systems and pushing their existing technologies to cope with the new rush. Events such as the Deutsche Bank’s alleged failings in securities trades, originating from Russia between 2011 and 2015, have led enforcement agencies to make formidable AML regulations.

Almost all FIs and banks are now deploying enhanced identify verification systems. They have come up with more stringent standards for accepting new customers. PEP (Politically Exposed People) screenings have increased. Scrutiny of public records of customers are gaining momentum, so much so that FIs and banks are not hesitating to add negative news as a factor.

This is a double-edged sword for FIs and banks. As they scrutinize more closely, they also have to tread carefully so as not to cross the thin line of violating customer privacy. The customers, on their part, are becoming edgy with their banks asking far too many questions.

The Spectre of “False Positives”

There is an overload of data but data accuracy is becoming a concern. The common element of complaint amongst the financial institutions is the credibility of data procured. The factor of “false positives” where a legal transaction is often flagged as suspect is increasing.

Call out

It is clear that the old ways of rule-based filtering are proving to be inadequate, moreover, existing technologies are not flexible enough for real time interventions. Since the existing system depends on old rule based analytical methods and expert judgment, there is a higher chance of missing valid alerts.

Adoption of ML

There is now widespread belief that the adoption of analytics-led approach and machine learning (ML) will help overcome the false positive challenge. ML based risk assessment scoring and alert generation and adaptive and predictive modeling are now being seriously considered.

One of the biggest roadblocks faced with mostly manual checks and screening is the amount of triage that the personnel must do when alerts are flagged. As this load increases, personnel will set aside triaging or put it in hibernation. Most of it may get auto closed post a time period and the opportunity to action is lost forever. By deploying ML, computers can now be trained to check, screen and do triages, hibernate and close without manual intervention.

With ML, FIs and banks can now draw up a holistic view of the customer from static KYC documents and dynamic data from transactions. ML can also help build the social graphs of customers and can deal with big data effectively to create behavioural models (predictive) for individual customers. The automated system can trigger checks, screenings and triages. What more, an ML engine can be deployed orthogonal to an existing infrastructure running independently without disturbing current operations. Until the organizations gain enough confidence in their ML systems, they can effecively operate both manual and automated systems.

There are a number of solutions put forth by researchers working with real time data for clients across the world. One such solution [6] involves using advanced Data Mining techniques with Neural Network and Transaction Analysis to detect money laundering instances. This solution uses traditional data mining approach involving data gathering, clustering and classification to build a knowledge base about a customer and then watching each transaction for its frequency and quantum of funds involved in those transactions.

Artificial Intelligence (AI) AI and ML are now being deployed right from the CDD (Customer Due Diligence) stage. Called Customer Onboarding, the CDD process ensures that an automated agent provides real-time, dynamic features to the onboarding human agents to detect fraud more accurately and easily. In the next stage, called the Link Analysis, the AI/ML agents help link KYC data with other sources of structured and unstructured data and also real time transactions. This leads to faster customer segmentation where a customer behavioural map can be drawn and can be benchmarked. Once the data is generated, linked and segmented, other features like screening transactions and alerting on suspicious activities are driven through AI/ML automatically with least intervention from human agents.

ML & AI

ML Deployment in real world

Many FIs and banks are using ML for non AML operations such as building the customer transaction profile, offering AI chatbots – mostly for upselling products to customers or for better customer service.  There is a gradual acceptance of ML in fraud detection and AML regulations.

Citibank has made a strategic investment in Feedzai, an data science company that works in real time fraud detection. However, an example of a direct application of ML to detect fraudulent transactions across the globe is that of AUSTRAC (Australian Transaction Record Analysis Center) in collaboration with the RMIT University in Melbourne.

While FIs and banks and national agencies know the power of ML and its benefits, they are looking at ML as a human augmentation tool rather than a fully automated system. They are using ML without much ado to detect suspicious activities and flag it for experts to jump in and screen. However, this viewpoint is rapidly changing due to cost over-runs and sheer volume of alerts that are being generated. We will soon see ML taking on a more central role in AML compliance.

 

Sources:

[1] https://www.techemergence.com/ai-in-banking-analysis/

[2] https://gomedici.com/ml-in-aml-applying-data-science-ai-to-tackle-international-financial-crime/

[3] https://www.accenture.com/_acnmedia/PDF-61/Accenture-Leveraging-Machine-Learning-Anti-Money-Laundering-Transaction-Monitoring.pdf

[4] https://internationalbanker.com/finance/five-steps-anti-money-laundering-compliance-2017/

[5] http://files.acams.org/pdfs/2016/Dow_Jones_and_ACAMS_Global_Anti-Money_Laundering_Survey_Results_2016.pdf

[6] A data mining-based solution for detecting suspicious money – arXiv: https://arxiv.org/pdf/1609.00990

 

View

PSD2 Implications on Banking

PSD2 Implications on Banking

The banking sector is soon set to witness the effects of the PSD2 (Revised Payment Service Directive) this year. Heralded as the defining moment for European banking sector, the PSD2 has created a clean slate for all banks, new entrants and old players, facilitating data sharing of customer data and payment networks to third-party providers (TPPs) under a standard format.

PSD2 Implementation Timeline

Open banking is not a new concept in the world of finance. Countries like Singapore, South Korea and India have gained significant traction in terms of open banking APIs. The US and Australia are expanding their financial standing via offering consumers more choice of financial service providers. Joining the Open Banking digital revolution is Europe with its PSD2 mandate. The European financial ecosystem would see banks defining their Open API strategy for new entrants. PSD2’s main aim is to foster innovation through a healthy-competitive environment. The new directive opens ups the playing field for FinTech startups and other companies to create innovative products through APIs and new payment strategies.

What does the revised directive mean?

PSD2’s multi-faceted regulation has its implications on banks, tech companies, financial institutions and customers. Banks are looking at increasing security measure for online payments with strong customer authentication. The digital strategies would need to incorporate interoperability between various financial institutions. Third-party providers on the other hand enter a regulated environment wherein they get technical access to all payment systems.

As banks head towards a single digital market, customers stand to benefit from this directive via reduced costs of operation through higher competition and decrease in card transactions. Innovation would bring about a new host of products and services with respect to account information service providers (AISPs) and payment initiation service providers (PISPs) – leading to an improved customer environment.

Are banks prepared?

Giving data access to non-banks puts them in the same league as traditional banks in providing similar payment services. Merchants and third party providers can highly benefit by selecting specific services to hyper focus and capitalize on. Banks would be competing against retailers like E-commerce vendors, social media sites and other established businesses that can effectively function as independent AISPs and PISPs – effectively bypassing banks.

4 Factors for PSD2 Readiness

Traditional banks need to reposition their revenue streams through innovative customer servicing technologies and strategic alliances. Banks will need to look into:

  • Payment Dispute Resolution – Effective from July 2018, payment service providers (PSPs) will be obligated to respond to payment complaints within 15 business days, as opposed to the standard 8 weeks timeline.
  • Two Factor Authentication (2FA) – Strong Customer Authentication (SCA) is a key element of PSD2, calling for a minimum 2FA for digital transactions.
  • Right to privacy – The General Data Protection Regulation (GDPR), which is due to take effect from 25th May, 2018, is aimed at regulating data sharing between parties. This raises a compliance concern for banks and what comes under the purview of legal consent at the end user.
  • API disruption – Banks have till September 2019 to introduce the API technology to new FinTech partners as part of the PSD2 RTS (Regulatory Technical Standards). Opening new financial services under the API would require extra security measures to be implemented along with a robust framework for network protection.

It’s positive to note that banks are viewing PSD2 not as a threat but a strategic opportunity to develop on bank’s core services. In a recent survey by PwC, it was noted that 71% of banks are considering partnerships with FinTech to develop new products and services. The survey also highlighted the difference in PSD2 readiness between the UK and mainland Europe. While UK is proactive with PSD2, mainland Europe is still holding back on partnering with FinTechs.

The transition period is tricky as consumers and banks grapple with the changes. A recent survey by Which? found that 92% of the public haven’t even heard about Open Banking. The earlier PSD rule applied to European Economic Area (EEA) countries only, but the revised directive has its implication across Europe. The complex architecture of PSD2 shifts the power of data relevancy to consumers – raising data concerns regarding what is perceived as “sensitive data” by banks versus end users. Hence, the need of the hour being for all stakeholders to clearly communicate data permission and privacy laws to customers.

Overall, 2018 is going to be an interesting year to see how the financial markets shift in Europe with the formation of new bank consortiums and partnerships. With players like Facebook, Google and Amazon entering the payments market, banks need to look into the impact of disintermediation on their business.

View

Automation for Cost-effective AML Compliance

Automation for Cost-effective AML Compliance

Automation for Cost-effective AML Compliance

Over the last few years, all industries have as witnessed a series of seismic changes, all driven by technology.  And the banking industry is not immune to these changes. However, what hasn’t changed for banks is the strict regulatory framework within which they need to navigate and manage these dynamic market changes; all the while being compliant, and cost focused.

No longer a new concept in the banking industry (which has always been an early technology adopter), Robotics Process Automation (RPA) is being leveraged by banks to meet the regulatory requirements set out by the Bank Secrecy Act and Anti-Money Laundering (BSA/AML) in a cost and time efficient manner.

So, what is RPA? Essentially, it is a software application that replicates human actions and at the same time interacts with various applications on the computer. It does this round the clock, through the year with or without the support of human interaction. It is most often deployed for repetitive tasks.

RPA for AML

Being highly regulated, the banking and financial services industry can ill afford errors. With a growing customer base, stringent global and local regulations, and digital operations posing a high-risk of security and fraud; an error can mean penalties in cases of non-compliance. Which is why more and more banks are becoming increasingly stringent with their ‘Know Your Customer’ or KYC norms. It is in this space that RPA offers a huge opportunity to enhance regulatory compliance, including AML and customer due diligence.

Some of the areas where banks can use RPA are:

  • Customer onboarding: This is a time-intensive process and RPA can reduce the time taken significantly—from months to weeks, or even days. For example, if a bank is onboarding a corporate customer then leveraging RPA the bank can log in to various public registers of companies and retrieving the registration information (date, number) and getting the list of company directors; thus, hastening and completing the identification and verification of the customer.
  • Customer due diligence: The due diligence processes can be improved substantially, with time reducing for an average check by as much as 50%.[i] Banks can use RPA for data entry of customer information, while the bots can validate the existing information by accessing internal databases, social media, and websites.
  • Customer outreach: As part of AML compliance, banks need to update customer information at regular intervals (dependent on customer risk levels), apart from collecting this information during initial onboarding. Doing this manually would be cost inefficient as well as increase the probability of human errors. By deploying RPA, banks can structure the process and at regular intervals, the additional data can be collected from external sources.

Innovation in Automation…

While at present most banks are deploying RPA for the basic repetitive processes, once the shift has happened there is a significant scope to leverage innovations as well.

For example, Artificial Intelligence (AI) and machine-learning have a huge potential to impact the KYC compliance process by assisting in identifying high-risk customers who need to be screened with an Enhanced Due Diligence (EDD) process. This can be done based on pattern recognition techniques coupled with unstructured text analysis.

HSBC has been automating some of its compliance processes to become more efficient. The bank is leveraging AI technology to automate its anti-money laundering investigations, which were traditionally conducted by individuals. In a 12-week period, HSBC was able to achieve a 20% reduction in false positives while maintaining the same number of reports of suspicious activity for human review. Taking this initiative forward has the potential to save HSBC millions of dollars per year.[ii]

Another area of innovation is using chatbots for customer communication during the onboarding process and using the Natural Language Processing (NLP) to analyze their responses to identify any high-risk behavioral the while saving cost as well as reducing human error probability.

Similarly, using Machine Learning banks can automate SAR filings and report generation; and leverage visualization technologies to make sense of large volume of unstructured data.

In conclusion

Facing several challenges, the banking sector can leverage automation and specifically RPA to manage and mitigate a number of them. Considering the significant potential of RPA, especially in managing the regulatory compliance needs, banks across markets are deploying this technology on a wide-scale.

By using this in an optimum and intelligent manner, compliance teams in banks can not only save time and costs, but also reduce the risk of human errors significantly; in this stringently regulated space. For tomorrow’s banking leaders, it is imperative to build organizational maturity and ability to adopt these technologies.

 

[i] https://forensicdiariesblog.ey.com/2017/11/08/redefining-aml-compliance-in-banking-through-robotics/

[ii] https://www.globaldata.com/hsbc-adopts-ai-streamline-compliance-efforts/

View