In the ever-evolving cat-and-mouse game between financial institutions and money launderers, AI might be the best mousetrap ever to come to compliance. Adept, adaptable, and affordable, it checks all the boxes of an ideal solution-based system.
AI, or more specifically, its algorithm-based subset of machine learning, is positioned to radically change how AML efforts are undertaken by banks and, in turn, regulators and law enforcement.
How are AI and AML connected?
AI and AML have significant crossover — both rely on patterns in what are often very layered data sets. In AML, important patterns in variables can include frequency, size, and location of deposits, as well as jurisdictions of companies, controllers, owners, and politically exposed persons (PEPs). Machine learning is well-equipped to unearth the buried nexus points between the variables.
In the current economic climate, when banks and financial institutions are looking to reign in operational expenses, people-heavy cost centers like AML and compliance are being closely scrutinized. Concurrently, these companies are facing increasingly onerous and ever-changing regulations and requirements.
CFOs are on the hunt for cost-effective methods to enhance programs and do more work with less. Off-shoring and relocating teams to tax-friendly states can make a dent in the bottom line, but automation is positioning itself as the final frontier.
What are the benefits of using AI in AML?
Many industries are still justifiably wary about its unchecked usage and utility, but AI just might be a dream employee for beleaguered compliance teams. There’s no need for interviews or desks, no vacations to schedule, and no managers to check on productivity. It is far less costly than the human equivalent, relatively quick to onboard, and largely trains itself. AI can speak unlimited languages and is increasingly adept at reading images. With AI on the job, the days of an analyst trying to read a blurry passport pdf could be coming to an end.
Unlike its human counterparts, AI adapts easily to changing conditions, trends, and new regulations. It spots patterns quickly and can adjust accordingly. And, with nary a complaint, it accepts the demands of new regulations, though it may need some human intervention by way of programming and instructions to get up-to-speed.
Finally, AI greatly reduces time-consuming false positives that can clog screening and transaction monitoring processes. The work required to review and determine if there is a true match between a result and a client can quickly bottleneck and detract employees from the more critical work of investigating and escalating true matches.
For instance, a transaction to a company with “Cuba” in its name will immediately get flagged for having a possible nexus with the Office of Foreign Assets Control (OFAC)-sanctioned jurisdiction. Staff can spend valuable time determining that it is a payment related to the sale of a house on Cuba Street in Los Angeles that has no sanctions risk for the banking institution. AI could eliminate the need to cross-check the transaction by doing the background work itself.
As with all tools, AI isn’t rendering people obsolete. Companies, especially those in heavily regulated, risk-averse spaces, should aim for partial automation to avoid further fraud and costly errors caused by a simple oversight. Rather than reducing staff, companies can retrain compliance analysts to monitor and adjust AI outputs and empower highly trained staff to focus on the most complex cases, including client relations and investigations. The World Economic Forum further supports a collaborative environment by stating, “We see this as a true partnership. Machines and humans must collaborate to accomplish things that neither could do as well on their own.”
AI techniques used in AML
There are three primary AI techniques that are most beneficial to AML: natural language processing (NLP), network analytics, and predictive analytics.
Natural language processing
Natural language processing is a language-based AI technique that uses AI and data to predict the next word in a sentence sequence. It is essentially auto-complete on growth hormones. Using behemoth language sets, tools like ChatGPT are learning to complete increasingly sophisticated written requests, such as legal contracts, and advanced cognitive tasks, such as computer coding and programming, all based solely on text prompts.
NLP has the potential to simplify standard AML tasks, including the screening of client names and their related parties across various lists for sanctions, negative news, risk indicators, political exposure, etc. Companies will even have the ability to easily cluster groups of names with entities or specific jurisdictions, further reducing false positives. For example, a CEO named “Marc Anthony Jacobs” can be searched, along with any or all of his identifying information, in order to automatically reduce the number of results for other individuals with any part of the same name.
Network analytics is like AI’s family historian. Machine learning and analytics can handily analyze a single factor, such as an account, a name, or a geography, but they can’t reliably combine these factors across an entire network of individuals — for example, the sister of a beneficial owner of a client who uses her maiden name but is married to a PEP in another country.
Predictive analytics uses historical data and machine learning to predict future events. In AML, this can be used to study expected vs. actual activity, one of the keys to ongoing risk assessment and fraud detection through transaction monitoring.
Does FinCEN recognize the power of AI to combat AML in the U.S.?
The Financial Crimes Enforcement Network (FinCEN), the U.S. regulator tasked with managing compliance with most federal AML laws, has been a proponent of emerging technologies for decades. As with other agencies, it has been encouraging companies to embrace innovations, such as the use of AI for Bank Secrecy Act (BSA)/AML compliance as far back as 2018, to protect the financial system against illicit activity and new threats, while also maximizing limited resources.
Are there limitations associated with AI and AML?
AI won’t change existing AML processes overnight. If history is any indication (remember the hype around blockchain?), it may not even be the cure for all the ails. Money laundering is a creation of the criminals committing it, and they will always be at least one step ahead of anyone — or anything — trying to stop them.
Imagination isn’t the only limitation in using AI for AML. Teams of programmers and other end users have to be trained in highly sophisticated data analytics and related processes, many of which are not even developed yet. Any short-term cost savings with AI could evaporate if a company can’t find adequate technology to address their needs and regulators’ requirements. Continual reinvestment in new technology requires retraining, patches to work with existing systems, and often compromises or redundancies. Even more costly is building an in-house solution that necessitates designers, testing, troubleshooting, and round-the clock support. Even the best solution may not be able to deliver uniform or immediate results.
Data privacy concerns
Data protection is an industry-wide concern for banks and financial institutions, which are strictly regulated in where and how they use sensitive customer information. AI, or more specifically the vendors offering it to banks, holds considerable risk for data to be misused or inadvertently disclosed. Even internal data usage will need to be carefully segregated to ensure that only those with authorized or business use have access.
On a more meta level, algorithms don’t yet understand the implications of what they discover. Their mission ends with telling a story with the data, regardless of whether it is true or not. While AML rightly seeks to root out bad actors and suspicious activity, there are potential implications to whether all of the data and determinations that AI finds will be appropriately or accurately applied. Know Your Customer (KYC) processes are meant to protect banks from risky client relationships; in theory, AI could lead some banks to end relationships — and report them to law enforcement — based on faulty rationale.
Concurrently, privacy laws continue to create additional protections for people as a result of the damage, even that which comes from improper data processing. Under the EU privacy law, for example, people can qualify for compensation if they can prove that they have been hurt. It remains to be seen how far AI will push the boundaries of data.
How will AML be impacted by AI moving forward?
As AI becomes more widespread and its specific usage becomes clearer for AML, regulations will surely be introduced to limit what banks and financial institutions do with it. Likewise, best practices will be developed and shared to better harness the vast powers of AI’s tools.
Even as tech leaders and elected officials grapple with the more sinister applications of rapidly advancing AI, banks seem to be accepting of their fate when it comes to deploying it to combat crime. “AI and data use is complex; it must be done following the laws of the land. But it is an absolute necessity that we do it … for the protection of the company and the financial system — because you can be certain that the bad guys will be using it, too,” wrote CEO Jamie Dimon in JP Morgan’s most recent Annual Report.