What AML and KYCC Compliance Will Look Like in the Age of AI – Examining Two Use Cases
In 2020, fines for Anti-Money Laundering (AML) noncompliance reached $2.2 billion, up nearly 400% from 2019, according to Kroll data. The trend continued into 2021. Through June 30, AML fines totaled $994 million, suggesting another year of strict regulatory enforcement action.
These increases in fines and regulatory enforcement only tell part of the story. While financial institutions may have closed their doors during the darkest depths of the COVID-19 pandemic, financial criminals certainly have not. “The COVID-19 pandemic has exacerbated fraud,” the Congressional Research Service writes, “which remains at the forefront of money laundering concerns, both domestically and abroad.”
As Thomas Mangine of the Bank of Montreal recently explained on Emerj’s AI in Business podcast:
“The standards across the board in any money laundering, compliance, sanctions, compliance, fraud compliance have only increased for the people outside the financial industry. You’re starting to see serious fines against banks for gross violations of regulatory requirements about making sure that their clients weren’t moving illicit money, dirty money, were either engaged in money laundering, assisting money laundering or just uninformed to the point they were.”Thomas Mangine, Director of AML and Risk Reliance at the Bank of Montreal
Financial criminals have been agile in finding new ways to exploit weaknesses in the control environments of today’s financial institutions—and they continue to grow savvier. Amidst increasingly sophisticated attacks, the answer lies in moving from the rules-based reporting on which the financial sector has long relied to newer approaches informed by recent gains in machine learning technology.
Regulators in 2022 want financial institutions to leverage the advanced technologies that are newly available to them. They do not want to see institutions relying on outmoded rules-based systems.
Yet with the exploration and adoption of machine learning approaches, banks have begun to encounter a new problem: They do not have enough data to train their models. The question then becomes: how do banks identify the patterns that indicate AML concerns?
With organizations handling tens of millions of transactions, only a small percentage – usually a tenth of a percent – deal directly in AML concerns. Finding faster ways to pinpoint that needle in a haystack is why the industry is moving toward more advanced technologies.
These new technologies help with data classification, offer text generation and create data to help banks train the models. Where machine learning suffers from the law of diminishing returns, deep learning does not. With deep learning, banks use neural networks, they can have more parameters and ultimately, they are unbound by the shortcomings of traditional machine learning models.
In this article, we examine two use cases that show financial services institutions how to pursue deep learning and the process innovations that are becoming essential to modern AML compliance efforts:
- Reducing false signals in detecting financial crime: AI can be used to go beyond rules-based systems to determine patterns of activity more likely to be true fraud, not false positives or negatives.
- Identifying deeper patterns from KYC to KYCC: AI can help unearth new information not just about a bank’s customer, but their customer’s customer (KYCC), allowing for deeper visibility into the potentially criminal activity around a customer account.
Emerj Artificial Intelligence Research spoke to experts in compliance, including Managing Director of Business Development at SambaNova Systems Bob Gaines, and compiled their testimony along with guests on our AI in Business podcast. Together, their perspectives provide keen insight into these emerging use cases and their growing impact on financial institutions in the years to come.
Reducing False Signals in Detecting Financial Crime
Organizations can no longer claim a leading compliance program if it only relies on check-the-box activities. In a 2021 Deloitte poll regarding the future of internal controls, however, just 22% of respondents said their organizations use AI in their internal controls programs. Why does such a disconnect exist?
In today’s financial services sector, compliance regulators want to see a commitment to innovation and forward-looking solutions. These automated, AI-driven technologies help financial institutions close the gap between the growing complexity of money-laundering schemes and the legacy internal controls programs still clinging to life in many firms.
How does a firm approach AML compliance with today’s innovations in artificial intelligence and machine learning? One key challenge that arises with AML is how to train the models that firms use to execute independent testing. While machine learning is effectively applied to fraud prevention efforts throughout the financial services sector, AML presents a different challenge.
“If you look at the pool of transactions, there are tens of millions a day. A very small percentage are actually AML concerns, and, and of those, 0.1% are true cases and the rest turn out to be false positives,” Samba Nova’s Bob Gaines tells Emerj. “The amount of training data is just not sufficient for models.”
This lack of training data means that financial services institutions cannot optimally train the models, risking model creep and bias emerging into their algorithms over time. These financial services institutions are now looking for solutions to help modernize their AML compliance efforts by:
- Up-leveling their compliance
- Improving the accuracy of potential AML positives
- Generate more synthetic data to help train their models more accurately
These objectives can be achieved with the newer, deep-learning models that use natural language processing. Natural language processing (NLP) has long been widespread in financial services but today, the reach of NLP technologies extends far beyond chatbots and now forms an essential component of leading AML programs.
The occurrence of AML red flags is often sparse within a population, like looking for that proverbial needle in a haystack. NLP supported by machine learning can help by identifying better (i.e., fewer and more accurate) red flags so that the occurrence of false positives and negatives is minimized. NLP and machine learning promise a next-generation deliverance from the rules-based approaches of the past.
In translation, for instance, NLP can search for keywords and patterns in other languages, and focus on more relevant information to find fraud. NLP can go beyond examining parties to a transaction and its amount. With translation, our AML independent testing efforts can go deeper, regardless of the language of our documentation.
“There are many documents inside compliance. If they’re in multiple languages, you need translation. Only the newest language models will handle that—like GPT-3,” Gaines tells Emerj. “But you don’t always need GPT-3 with 175 million parameters that take years to run. But you do need GPT to do some level of translation.”
In the following four-minute video, the capabilities of GPT-3 are explained in layman’s terms:
GPT solutions can deliver the efficiencies that financial services institutions need to execute their AML independent testing. They can deliver efficiencies over the capabilities of solutions requiring multiple individual models — such as one for each language, for example.
In particular, the GPT-3 model’s ability to switch seamlessly between languages while still providing a deep contextual understanding of content is quite revolutionary, as expressed recently on the AI in Business podcast by guest Peter Welinder of OpenAI:
“So if you want to say, hey, translate this sentence to French, you know, it will just give you the French translation back. Or if you want to say, ‘What’s the sentiment of this movie review?’ It will just tell you it’s positive or it’s negative.
But what became really amazing is that you could also apply to them all kinds of other use cases that just didn’t exist in specialized models. We’ve seen our users apply [GPT-3] to things like extracting questions and answers from articles for summarizing pieces of text or doing semantic search logs in large document collections to doing things like writing great product descriptions, or even as just a writing assistance or a coding system.”Peter Welinder, VP of Product and Partnerships at OpenAI
Identifying Deeper Patterns from KYC to KYCC
Amid a sort of arms race between the emergence of new fintech regulatory solutions and new technologies that merely facilitate the development of new types of AML concerns, regulatory pressures mount on financial institutions to continuously improve their compliance programs.
That extends to Know Your Customer programs, a key component of AML compliance efforts that is often broadened and called, Know Your Customers’ Customers (KYCC).
In turn, name entity recognition has developed into a key area of KYC and how it relates to AML. That brings to financial services firms the challenges of unstructured documents and data, time-consuming keyword searches, and foreign-language barriers.
The complexity of these workflows is ripe for AI applications, as Thomas Mangine of the Bank of Montreal explains on the AI in Business podcast:
“AI, most importantly, is an efficiency issue – and it makes you incredibly more efficient. I come from the world of the infantry and the human intelligence in the army. I’m a big believer in the individual, the individual soldier, the individual service member… The best resource that you have in investigative work is your individual experience, trained investigator, the creativity of that person, and the depth of their experience is the most effective thing that you have in prosecuting cases or moving cases forward and determining what’s going on what’s a real problem from what’s not a real problem.
And I say that because artificial intelligence is designed to largely replicate the creativity and the capacity of the human brain. Your AI should be focused on going through those smaller, more repetitious tasks, almost like meditation that allows your investigator to focus on the more complex issues.”Thomas Mangine, Director of AML and Risk Reliance at the Bank of Montreal
In the past, compliance personnel looked to keyword searches and random sampling to bolster their KYC compliance efforts. More recently, they have turned to machine learning technologies to broaden their reach and improve the accuracy of the concerns they investigate.
But even traditional machine learning comes with shortcomings and can be tricked even with a simple change of spelling. So where do today’s financial services institutions look when they need effective, leading-edge KYCC compliance programs?
“When auditors and compliance personnel have the ability to do semantic search,” says Gaines. “Their productivity has been shown to increase 2 or even 3 times. Imagine if you had an auditor who could search for what they are looking for, rather than reviewing legacy reports?”
Thus, the key differentiator among current leading KYCC programs is name entity recognition empowered by semantic search capabilities.
How semantic searches work is explained in the following one-and-a-half minute video:
Effective semantic searches:
- Overcome the shortcomings of traditional machine-learning approaches by integrating the innovations that deep learning and NLP now offer
- Looks at contextual information for KYCC red-flags
- Cannot be tricked by changing the spelling of a keyword term
- Extends beyond the transaction and entities, looking to find relationships that a business has with other firms
As a process, semantic searches streamline the following workflows:
- Enables compliance personnel to pull up documents, even when the majority are unstructured – streamlining the process by not having to spend time ordering them into rows and columns.
- The deep-learning model then finds and learns patterns as it matures.
- Flags transactions and pend them for investigation where they are vetted by human intelligence and experience
- Augmented intelligence then decides which red-flag concerns to pull aside for human follow-up
In many current compliance workflows, KYCC efforts revolve around disjointed caches of documents. Semantic search solutions aim to change that by:
- Not replacing existing tools
- Making current workflows smarter
- Making models more accurate
- Making true patterns easier to detect
- Increase automation
Underpinning it all, though, is the human experience and intuition that form the foundation of any compliance effort.
Given that, worldwide, the costs of AML compliance to American banks surpass $200 billion every year according to LexisNexis, the potential returns on solutions that add efficiency and optimize the role humans play in the process can grow significantly.
Semantic search solutions rely on:
- Advanced machine learning methods like deep learning and advanced neural networks
- The emergence of new data housing technologies like data lakes and warehouses
- New frameworks upon which to build these solutions, like DaaS (Dataflow-as-a-Service)
DaaS solutions help compliance organizations fast-track AI with an extensible machine learning services platform that cut implementation costs and deployment timelines.
The days of sample-based testing and search-engine-style query-and-answer testing have passed. Compliance personnel in 2022 need semantic searches that look at the queries users are entering, translate their intent, and deliver better, more intelligent responses.