Reports of money-laundering leaks that broke out across the globe before the U.S. election remain stuck in my brain. Partly because I and others helped develop the first systems to combat money laundering, and all the crimes that go with it, and I don’t think we understand how big the problem is today.
Most public comments and reporting following the FinCen leaks focused on whether the government will crack down on banks over money laundering. But blaming banks misses a bigger point. Do our systems actually permanently put us in a position of playing catch up? Is the way we do automation today deeply flawed? I think it is. Automation actually needs machine learning or it can make problems it’s meant to fix worse. And maybe it’s more than most banks can take on at the same time after all.
Don’t get me wrong about banks’ responsibility. We have some pretty big systemic, cultural and technical challenges in the financial system that are exceptionally easy to exploit. Banks will need to update a money-laundering approach the government put in place twenty years ago. They have taken guidance from the regulators, calibrated to regulatory expectations, making our fight against the narco-economy, terrorism, human and animal trafficking and fraud slow and about a decade behind the creativity of our opponents.
It could be time for banks to take the lead. Any moron can avoid “rapid movement of funds” or “deviation from expected behavior” rules, and regulatory oversight just isn’t sufficiently focused on the speed, creativity and layered activities of modern financial crime. The FSA is perhaps the exception as they wrestle with the challenges of London as the center of global cash (rather than New York’s securities) markets.
The way we did it
Twenty years ago, a few of us helped banks make the technological leaps required to track money laundering. A mission following 9/11 that drove a digital rehaul of compliance and financial crime — it’s also a mission that needs to be revitalized.
Reliance on the regulators to drive this transformation will fall short. The business creativity, access to necessary data and the clear competitive demand of deeply and intimately understanding and predicting the behavior of the customer offers a fantastic opportunity.
It’s a critical time — massive cash injections into the economy, a generational shift in the expectations of bank services, and technology-driven transformational change in white collar productivity offer a heady strategic equation. Of course, there’s a pandemic with enormous economic, cultural and organizational consequences raging.
As I’ve said before, I believe the banks are capable of making these changes. I am not sure they can do them all at the same time however.
That’s a lot of digital
The question that’s not being asked is how banks can evolve the technical operations necessary to bring financial crime significantly down to avoid being called out in future leaks of this kind. It’s financial crime and not laundering, then fraud, then cyber, then evasion — these come from the same genome of behavioral activities. They may all have different pathologies, but they are all linked; looking at them separately creates huge opacity and unnecessary costs. Many shortsighted bank investors are already skeptical that the money being poured into better digital customer experience is working for big banks.
As a serial fintech CEO and board member, I’ve gone on the record saying I think banks are more capable of digital transformation than they’re given credit for.
The problem isn’t that banks can’t both digitally transform how they are accessed by their customers and upgrade their data operations to stop sloppiness. The question is whether banks can do both at the same time.
Given space, legacy banks can evolve to outlast and dominate the digital-first challenger banks that have been eating market share and attention. But behind the scenes, the FinCen leaks have banks scrambling to cover the reputational risk that’s been exposed in their operations. I suggest three things need to happen, none of them completely unexpected:
Tone from the top
A bank needs to clearly grow a reputation as a firm a deep ethical authority. Not words, but actions. Incentive plans need to be structured correctly, HR needs to be deeply involved in relationship management decisions, and unfortunately the bank may need to take some loses as operating focus changes around some regions or client categories. Tough decisions. But I for one bank with a firm that I feel is doing a good job looking after, not just my money, but the environment that my money works within. As environmental sustainability becomes more important to millennials, so will general brand reputation. This pushes the need for clear, transparent customer decisions (see the Royal Bank of Canada for one example).
The promise of AI in discovery, interdiction and operational productivity is huge. The execution has been poor. The FSA is pushing hard, and a lot of innovation is coming out of Europe. The United States has a lot of catching up to do. It’s simple really — who will have the breakthrough in applying higher cognitive technology to finding the activity that doesn’t want to be found in the 95 percent of potential criminal alerts that are never even looked at. The bank that finds that signal will change exams and enforcement. Everyone else will need to catch up — at enormous cost.
Find that signal and operations transforms. Ninety-five percent of alerts are not investigated; of the 5 percent remaining, 95 percent are false positives — so how is money laundering $2 trillion to $4 trillion dollars? Because the regulatory, technology and operational environments aren’t working. They are based on technology from 20 years ago, trying to discover behaviors from the 1980s and 1990s. Focusing on false positives is pointless since they are the symptom of a system technology that have been completely outmaneuvered over the last decade.
So let’s be clear, false positives are a symptom, not the disease. The solution is not to cut down on false positives after they come across someone’s screen. The solution is to be more accurate at the start so there are fewer false positives at the beginning.
Banks have a process of internal experimentation and then going to external partners and software companies to scale what they’ve learned. But that process takes time. Challenger banks started from the ground up as software can achieve greater success faster. But banking as a whole needs to get faster regardless of a single bank’s starting point on technology.
What does a solution look like?
Making progress may require less of a focus on more spending and diverting resources, and more attention to rationalized investment. All healthy organizations employ a cycle of regularly reviewing what works and what doesn’t. They then invest in what works. And they reduce what doesn’t. It’s called rationalization. Financial crime and particularly AML is long overdue for rationalization.
It may now be forced by regulators, who are in turn spurred by activists and the public who don’t understand how the current process works. This will be painful and unproductive if governments react to public concerns by simply making rules stricter, rather than more efficient and goal-driven.
It would be helpful if governments re-examined some of the obstacles they insert into the process. Money laundering relies on obfuscation, anonymity and disorganization. Too many jurisdictions lack clarity in regulations and dynamism to keep up with rapidly changing markets, asset classes and customer behaviors.
The change that’s coming will be less painful for banks who adopt an ongoing process of rationalization that aims to maximize the outcomes without overshooting the goal for the sake of symbolism and politics. The goal is great accuracy and, ultimately, drive efficiency.
To get there two fallacies must be confronted. The first is that financial crime is unchanging. What definition of financial crime and the identity of its perpetrators both change rapidly. A set of rules once established will increasingly age and become ineffective. They need to be tested on an ongoing basis and refreshed automatically. That is where technology can be better applied.
But the other fallacy is that there is a perfect algorithm for detecting money laundering. In reality, no such thing may exist. It’s better to maintain and coordinate dynamism, an evolving set of algorithms that evolve and rationalize at the speed of financial crime. Evolution and effectiveness occurs when there are options and differences, not in the absence of options.
Anti-money laundering efforts and strategy haven’t evolved much since the mid-2000s. We have a lot of catching up to do.
Simon Moss is CEO of Symphony AyasdiAI, an artificial intelligence software company serving the financial services industry.