Customer Research in AML/CFT

By

 

Research is the process of discovering new knowledge or using existing knowledge in a new way to create new ideas, methods, and understandings. It involves collecting and analyzing data in a systematic way to support a specific purpose. Research is the careful consideration of study regarding a particular concern or research problem using scientific methods. According to the American sociologist Earl Robert Babbie, “research is a systematic inquiry to describe, explain, predict, and control the observed phenomenon. It involves inductive and deductive methods.”



Customer research is a key part of anti-money laundering and counter-terrorist financing (AML/CFT) activities. It helps financial institutions evaluate the risk of customers and prevent money laundering and terrorist financing.


Customer Due Diligence (CDD)

This process involves verifying a customer's identity, assessing their risk level, and monitoring their transactions and accounts. CDD is a vital part of the AML/CFT regulatory framework.

Customer Risk Assessment

This process helps financial institutions evaluate the potential risks posed by customers. Factors that can influence a customer's risk level include their background, business activity, and the country they operate in.

Customer Screening

This is a primary procedure that businesses use to comply with AML/CFT regulations

Data and Statistics

High quality AML/CFT statistics can help jurisdictions review the effectiveness of their AML/CFT systems. They can also be used to enhance management tools.


Customer research in Anti-Money Laundering (AML) and Countering the Financing of Terrorism (CFT) is the process of identifying and assessing the risk of customers and is mandated by law in most of the nations.  

 

Banks and other financial institutions are required by law to collect KYC information from their customers. In the United States, this is regulated by the Bank Secrecy Act (BSA) and in the European Union, it is regulated by the Fourth Anti-Money Laundering Directive (4AMLD).
 
 In May 2019, the Financial Crimes Enforcement Network (FinCEN) issued a revised set of regulatory guidelines which currently oversee the implementation of the BSA with respect to virtual currencies. The BSA is the nation's first and most comprehensive federal anti-money laundering and counter-terrorism financing (AML/CFT) statute. Under the updated FinCEN guidelines, money service businesses (MSBs) are required to develop, implement, and maintain an effective written anti-money laundering program. MSBs also have to comply with the recordkeeping, reporting, and transaction monitoring obligations outlined in Chapter 10 of the U.S. Department of Treasury’s Money and Finance regulation.

In Singapore, the Payment Services Act (PSA) serves as  the key legislation governing  crypto . One key focus area is AML/CFT, which is dealt with by Notice PSN02. The PSN02 guidance, which came into effect on January 28th, 2020 puts in place robust AML/CFT guidelines and regulations to detect and stop the illegal flow of cryptocurrency funds through Singapore. The regulation includes implementing measures such as KYC processes including beneficial ownership - defined as the natural person or persons "who ultimately own or control a legal entity or arrangement, such as a company, a trust, or a foundation" -, account reviews, and suspicious transaction monitoring and reporting.

Recent FCA guideline- Crypto Asset AML/CTF regime:
 
 The UK’s money laundering regime requires crypto asset firms set up in the UK to register with the FCA. Only firms with appropriate Know Your Customer (KYC), source of funds and proof of funds checks, can be registered to ensure that no illicit money is coming through the system.

Obtaining a sufficient understanding of its customers and the nature and purpose of the customer relationship—together with the ongoing analysis of actual customer behavior and the behavior of relevant peer groups—allows the RE to develop a baseline of normal or expected activity for the customer, against which unusual or potentially suspicious transactions can be identified. 

Customer Research in AML/CFT is inter-wined with Customer Risk Profiling, Customer Screening, Transaction Profiling, and Transaction Monitoring and is essential part of KYC and Transaction Monitoring requirements under PMLA 2002 as well as RBI guidelines in this respect for REs. KYC gives picture of the client’s financial situation and activities along with identity. Transaction Monitoring captures the rolling picture of variation from normal conduct of customer finances. Taken together customer research paints a family photograph of financial conduct of the customer to exhibit deviations from normal conduct of activities and funding during the evaluation period. Targeted STR analysis using modern methods like Network Analysis is capable of throwing out suspicious activities that may be part of ML/FT operations.


Customer Risk Profiling

Customer risk profiling is a system that enables businesses to assess the risk of customers and identify any potential money laundering activities. The system works by analyzing customer data, such as demographic information, financial activities, social networks, and public records.

This allows businesses to better understand their customers and identify any red flags or suspicious activities. Many businesses also use dynamic customer risk profiling to identify key customer segments, allowing them to tailor their anti-money laundering (AML) compliance strategies to specific customer types.

By using this system, businesses can have greater confidence in their AML compliance and ensure they stay up to date with all regulatory requirements.

Factors Considered in a Customer Risk Profile

The FATF has identified factors relating to the Customer, Products & services, Channels of Delivery, Transaction and Jurisdiction as the major factors affecting Customer Risk Profile.

Through a proper risk assessment, the bank  can determine if the customer:

 

  • Poses a money laundering risk.
  • Is a politically exposed person. 
  • Is financing terrorism. 
  • Appears on watchlists or other blacklists.
  • Is a sanctioned person or a sanctioned business.

 

For this reason, to conduct a risk assessment, companies often verify customer identities and then screen their users against sanctions lists, as well as analyze their transactions in order to detect certain red flags based on factors like their location or services used. 

Customer risk assessment is also a measure that’s required by anti-money laundering (AML) regulations for regulated entities, such as banks and other financial institutions.

Transaction Monitoring

Transaction monitoring is the practice of proactively and reactively identifying outlier events such as payments or business arrangements using rules and data to flag these suspicious transactions for manual review. At its core, that act of transaction monitoring is an essential and required practice for organizations that move money on behalf of customers or businesses. It aids in preventing terrorist financing, money laundering, and other malicious financial crimes that cause challenges to security and safety across the globe.

There are several ways a business can conduct AML transaction monitoring. The chosen transaction monitoring process will depend on many factors and considerations unique to the business, including:

  • Sector, size, complexity and geographic reach
  • Customer profile, including any intermediaries
  • Corporate culture 
  • Associated operational risk

While money laundering regulators do not provide prescriptive guidance on the transaction monitoring process , FATF has prescribed the Risk-Based Approach

 Transaction Monitoring Procedures: the Risk-Based Approach

Regardless what of transaction monitoring or fraud detection process a business chooses to adopt, regulators around the world expect to see a risk-based approach to AML activities with enhanced due diligence for high risk customers. For transaction monitoring this means adjusting the process according to the customer risk profile.

The risk-based approach was first introduced by the Third Money Laundering Directive in 2005 in European Union. It later became central to adopting the global FATF Recommendations by 2007 and underwent several amendments along with developments in technology and globalization.  

Machine Learning and Artificial Intelligence (AI) technologies play a crucial role in transaction monitoring. These advanced techniques enable the automation of rule generation, anomaly detection, and behaviour modelling

AI can automatically monitor transactions and reduce the need for initial human review.

Machine learning algorithms learn from historical data to detect evolving patterns and adapt to new forms of financial crimes.


FIU-Ind & Customer Research

REs sent regularly reports prescribed under PMLA 2002 to FIU-IND. Suspicious Transaction Reports sent to FIU-IND is after studying the transaction behavior, Front Office intelligence reports as well as Adverse Media screening process. These process together can be called customer research in AML/CFT 

Under customer research, a holistic view of customer transactions are arrived at FIU level in addition to that at the RE level. So the criminals operating with single bank is caught as well as multiple banks/FIs across asset classes. 

The new updated version FINnet 2.0 deployed has capabilities of "advanced analytics" by employing artificial intelligence and machine learning tools and a strategic analysis lab to stay abreast with the developments in anti-money laundering and emerging technologies. 

 The new tech uses natural language processing (NLP) and text mining tools to analyse textual inputs like 'grounds of suspicion' to provide sophistication in FIU's "analytical and data processing capacity" collected from  Income-tax department, ED, CBI, DRI and intelligence agencies like the IB, military intelligence and the NTRO. The National Technical Research Organisation (NTRO) is a technical intelligence agency in India that's responsible for gathering intelligence and protecting the country's national security.

Account Aggregators

IndiaStack, is a set of APIs that allows governments, businesses, start-ups and developers to utilise a unique digital infrastructure to solve India’s problems towards presence less, paperless and cashless service delivery. India Stack provides four distinct technology layers including a universal biometric digital identity, a single interface for all of the country’s bank accounts, a secure way to share data and the ability of digital ID records to move freely, eliminating the need for paper collection and storage. This infrastructure comprises of Aadhaar, eKYC, eSign, DigiLocker and UPI, tools that are facilitating orderly growth of open banking in the country.


Technology Supported Customer Research for AML/CFT

Opportunities and challenges of new technologies for AML/CFT, FATF, 2021 has detailed the use of modern technologies by different FIUs. Following is a discussion on techniques and examples relevant to AML/CFT drawn heavily from the FATF report.

1. Natural Language Processing

 Natural language processing (NLP) is a branch of AI that enables computers to understand, interpret and manipulate human language. Fuzzy logic is a logical technique that takes imprecise or approximate data and processes it using multiple values, in a way that produces a useable (but imprecise) output. Such logics are nonbinary, using a range of values instead of only 0 or 1. Fuzzy Logic systems can produce useful output in response to incomplete, ambiguous, distorted, or inaccurate (fuzzy) input, simulating human decision making more closely than classical logic, and extracting more useful information from data that is too imprecise to enable definite results to be derived using classical logic. Fuzzy logic can be implemented in hardware, software, or a combination of both

Here are a few prominent uses of NLP applicable in AML/CFT regime.

  • Email filters. Email filters are one of the most basic and initial applications of NLP online.
  • Smart assistants.
  • Search results.
  • Predictive text.
  • Language translation.
  • Digital phone calls.
  • Data analysis.
  • Text analytics.



Natural language processing (NLP) is a branch of artificial intelligence (AI) that allows computers to understand, generate, and manipulate human language. NLP enables machines to communicate with people in everyday language, and is used in many applications, including: 


  • Virtual assistants: NLP is the core technology behind virtual assistants like Siri, Alexa, Cortana, and the Oracle Digital Assistant. 
  • Web search: NLP is used in web search. 
  • Email spam filtering: NLP is used to filter spam in emails. 
  • Automatic translation: NLP is used to automatically translate text or speech. 
  • Document summarization: NLP is used to summarize documents. 
  • Sentiment analysis: NLP is used to analyze the sentiment of a message. 
  • Grammar and spell checking: NLP is used to check grammar and spelling. 
  • Subtitles: NLP is used to automatically generate subtitles on YouTube. 
  • Grammarly: NLP is used in grammar checkers like Grammarly. 


NLP uses algorithms to understand the meaning and structure of sentences. Some NLP techniques include:


  • Stemming: Reduces words to their base form by removing prefixes or suffixes.
  • Word Segmentation: Divides a sequence of characters into individual words or tokens.
  • Sentence Breaking: Identifies and segments individual sentences within a larger body of text.
  • Morphological Segmentation: Breaks words down into constituent morphemes, which are the smallest units of meaning in a language.

Broadly, the application of AI to AML/CFT processes may enhance the capabilities of actors to respond to risks and implement requirements more effectively. These tools are not a replacement but rather a complement to the systems aimed at improving results and simplifying compliance. Transaction monitoring using AI and machine learning tools may allow regulated entities to carry out traditional functions with greater speed, accuracy and efficiency (provided the machine is adequately and accurately trained). These models are useful for filtering the cases that require additional investigation. The use of new technologies for monitoring purposes should, for the most part, continue to be integrated with the broader monitoring systems which include an element of human analysis for specific alerts or areas of higher risk. These systems must also improve their degree of explainability and auditability in order to fully comply with the majority of supervisory requirements

According to FATF report, machine learning add value in:

  •  Identification and Verification of customers: In the context of remote onboarding and authentication AI, including biometrics, machine learning and liveness detection techniques can be used to perform: micro expression analysis, anti-spoofing checks, fake image detection, and human face attributes analysis.
  • Monitoring of the business relationship and behavioural and transactional analysis:
    • Unsupervised machine learning algorithms: to group customers into cohesive groupings based on their behaviour, which will then create controls that can be set more adequately based on a risk-based approach (ex: transaction threshold settings), allowing a tailored and efficient monitoring of the business relationship.
    • Supervised machine learning algorithms: Allow for a quicker and real time analysis of data according to the relevant AML/CFT requirements in place.
    • Alert Scoring: Alert scoring helps to focus on a patterns of activity and issue notifications or need for enhanced due diligence.
  • Identification and implementation of regulatory updates: Machine Learning techniques with Natural language processing (NLP), cognitive computing capability, and robotic process automation (RPA) can scan and interpret big volumes of unstructured regulatory data sources on an ongoing basis to automatically identify, analyse and then shortlist applicable requirements for the institution; or implement (to a certain extent) the new or revised regulatory requirements (via codification and generation of implementation workflows) so regulated entities can comply with the relevant regulatory products.
  •  Automated data reporting (ADR): the use of standardised reporting templates using automated digital applications (data pooling tools) making the regulated entities underlying granular data available in bulks to supervisors.

Named Entity Recognition

Named entity Recognition looks at extracting name of entities  entities in a piece of text into predefined categories such as personal names, organizations, locations, and quantities. The input to such a model is generally text, and the output is the various named entities along with their start and end positions. Named entity recognition is useful in applications such as summarizing news articles and combating disinformation. This method is  useful in CDD of PEP, Adverse Media screening  among other uses in AML/CFT context.

Predictive Analytics

Predictive analytics uses historical data and statistical algorithms to predict future fraudulent activities. By analysing patterns and trends, it helps financial institutions identify financial crime attempts before it occurs.

Example: Credit card companies use predictive analytics to detect potential fraud by analysing spending patterns and transaction behaviours. If a customer's spending behavior deviates significantly from their usual pattern, such as an unusual number of high-value transactions in a short period, the system flags these transactions for further review, thereby stopping fraud in its tracks.

Pattern Recognition

Machine learning models can be trained on historical transaction data to recognise complex patterns that are indicative of fraud or money laundering

Example: If fraudsters spread out transactions across multiple accounts, a pattern recognition model can identify similarities in the transaction metadata (such as IP address, or transaction timing) that link these accounts together

Anomaly Detection

 ML algorithms excel at identifying deviations from normal behaviour. This involves creating a baseline of what normal behaviour looks like for each user and flagging transactions that fall outside this expected behaviour.

Example: If a user typically makes small, local transactions and suddenly has multiple transactions in different locations or larger amounts, the system would flag these as anomalies.

Natural language processing and fuzzy matching tools also allow for a more efficient reduction of false positives and negatives (e.g. in sanction screening processes) but chiefly overcomes problems of data quality (such as incomplete or distorted data), as the programmes become better at linking elements of information, for example, connecting search engine results with PEP lists, identifying fraud attempts, monitoring sanctions lists, etc. 

2. Artificial Intelligence (AI)

AI is the science of mimicking human thinking abilities to perform tasks that typically require human intelligence, such as recognizing patterns, making predictions recommendations, or decisions. AI uses advanced computational techniques to obtain insights from different types, sources, and quality (structured and unstructured) of data intelligence to “autonomously” solve problems and execute tasks. There are several types of AI, which operate with (and achieve) different levels of autonomy, but in general, AI systems combine intentionality, intelligence, and adaptability.

The FATF recommends the use of AI-enhanced transaction monitoring as it can allow regulated entities to comply with greater speed, accuracy, and efficiency. AI and machine learning are especially useful when applied to big data to strengthen ongoing monitoring, distinguish normal from suspicious activity in real-time, and filter cases that require additional investigation. Machine learning, which is the currently the best-known form of AI, also provides the ability to automate the process of risk analysis partially or fully by analysing a greater volume of data and identifying emerging risks. This can increase the degree of confidence when applying risk-based measures.

Machine Learning (ML): ML is a subset of AI that focuses on enabling computers to learn from data. Instead of following fixed rules, ML algorithms identify patterns and make decisions based on the data they analyze. This means they can adapt to new types of fraud as they emerge, making them incredibly effective.

Key Terms:

Algorithms: Sets of instructions that tell the computer how to perform tasks.

Data Sets: Collections of information that algorithms use to learn and make decisions.

Training Models: The process through which an algorithm learns from data to improve its performance in detecting financial crime.

Machine Learning is a type (subset) of AI that “trains” computer systems to learn from data, identify patterns and make decisions with minimal human intervention. Machine learning involves designing a sequence of actions to solve a problem automatically through experience and evolving pattern recognition algorithms with limited or no human intervention — i.e., it is a method of data analysis that automates analytical model building. Respondents cite machine learning and natural language processing as the AI-powered capabilities offering great benefit to AML/CFT for regulated entities and supervisors (see Box. 5). Machine learning reportedly offers the greatest advantage through its ability to learn from existing systems, reducing the need for manual input into monitoring, reducing false positives and identifying complex cases, as well as facilitating risk management.

Machine learning applications are useful for detecting anomalies and outliers identifying and eliminating duplicate information to improve data quality and analysis. For example, Deep Learning (DL) is an advanced type of machine learning in which artificial neural networks (algorithms inspired by the human brain) with numerous (deep) layers learn from large amounts of data in highly autonomous ways. DL algorithms perform a task repeatedly, each time tweaking it a little to improve the outcome, enabling machines to solve complex problems without human intervention

Behavioral Analytics

AI can analyse user behaviour over time to detect subtle changes that might indicate fraud or money laundering.

Example: If a user’s transaction behaviour changes suddenly, such as an increase in transaction frequency or a switch to different geographical locations, the system can flag this as potential fraud.

Deep Learning (DL):

DL is a subset of ML. DL uses neural networks with many layers (hence ‘deep’) to analyse various factors in large amounts of data. It’s particularly effective for tasks like image and speech recognition.

How AI and ML Differ from Traditional Financial Crime Detection Methods

 Traditional fraud detection relies on predefined rules to flag suspicious activities. While this can be effective, it's limited by its inability to adapt to new fraud tactics.

Example: a traditional system might flag a transaction if it exceeds a certain amount or occurs in a high-risk location. However, fraudsters can easily bypass these rules by spreading out transactions across multiple accounts or locations.

AI and ML, on the other hand, continuously learn and evolve, making them much more effective at keeping up with ever-changing financial crime schemes.

Example: AI and machine learning can detect the above fraud scenario by identifying patterns and anomalies across multiple accounts or locations, analyzing behavior, to spot suspicious activities that traditional systems might miss.

3. Distributed Ledger Technology

DLT may improve traceability of transactions on a cross border basis, and even global scale, potentially making identity verification easier. A responsible and regulated use of DLT for data and process management purposes may also speed up the CDD process, as consumers can authenticate themselves and can even be automatically approved or denied through smart contracts that verify the data .

In addition, under appropriate safeguards and regulatory environment, transactions can potentially be managed via a single ledger shared among several institutions across jurisdictions, or via interoperable ledgers. This would significantly increase the monitoring possibilities compared to the existing frameworks. It also means that, as DLT becomes more widely understood and accessible, contractual arrangements, for example, could be built into securities as they are issued via smart contracts, which means that every time a transaction in securities is initiated, other shareholders would be automatically notified and could become – dependent on the contract design – counterparties in the transaction..

DLT technologies may also offer benefits for managing CDD requirements contributing to user concerns regarding this process, greater cost effectiveness for the private sector, and a more accurate and quality-based data pool. For example, in China, DLT is being used by financial institutions to share watch lists or red flags on the basis the scope of confidentiality permitted by this system.

Distributed Ledger Technology may improve the traceability of transactions.The FATF puts forward the use of Distributed Ledger Technology (DLT) owing to its several potential benefits, including:

  • The ability to make identity verification easier by improving transaction traceability on a cross border and even global basis.
  • Increased monitoring possibilities because transactions could be managed via a single ledger and shared among several institutions across jurisdictions, or via interoperable ledgers.
  • Improved management of customer due diligence requirements as well as greater cost effectiveness and a more accurate, quality-based data pool.

The FATF further acknowledges that DLT continues to pose challenges and raises significant concern from an AML/CFT perspective and thus its use needs to be closely monitored and further considered.

Despite its merits, DLT seem to continue to pose challenges and raise significant concern from an AML/CFT perspective, as seen in the regulation and /supervision of virtual assets. Unlike transactions through conventional intermediaries such as banks, transactions in virtual assets (VA) based on DLT are decentralized in nature and enable un-intermediated peer to peer transactions to take place without any scrutiny. They also pose jurisdictional challenges, if there is no single entity or clear location responsible for the activity. This could pose potential challenges to traditional FATF standards that have focused on regulating/supervising intermediaries. The use of this technology should therefore be monitored and further considered by FATF members in detail. Authorities may also want to consider the carbon footprint of using DLT compared to traditional tools.

4. Digital Solutions

Digital solutions for customer due diligence will streamline onboarding processes. 

Applying new technologies, including digital ID and client screening/matching onboarding tools, can facilitate more streamlined onboarding processes adapted to the risk, context, and individual which can facilitate more effective compliance and also improve customer experience.

Client screening and matching tools benefitting from NLP and advanced fuzzy matching tools allow elements of identification to be differentiated, like similar names. They can also overcome language differences and identify cross references with adverse media information and different databases.


5. Application Programming Interfaces

Application Programming Interfaces are essential to AML/CFT efforts

For AML/CFT, APIs (Application Programming Interfaces) can connect KYC software to monitoring tools or risk assessment tools to customer risk profiles which can generate alerts and even alter risk classifications as behaviour changes.

APIs are particularly important in helping financial institutions overcome the difficulty of integrating many different - and often incompatible - systems, including specialised tools and legacy technologies created by different developers.

6. Network Analysis

At an abstract level, a network refers to various structures comprising variables, which are represented by nodes, and the relationships (formally called edges) between these nodes. For example, from the Foresight Report the variables such as stress, peer pressure, functional fitness, nutritional quality of food and drink represent nodes in the network, and the positive and negative relationships between those nodes are edges. There are some differences in nomenclature in the network literature: nodes are sometimes referred to as vertices, edges are sometimes referred to as links, and networks are also called graphs. Networks can be estimated based on cross-sectional or longitudinal time-series data; in addition, networks can be analysed at the group or individual level. Cross sectional data from a group can reveal group-level conditional independence relationships (e.g. Rhemtulla et al., 2016). Individualised networks based on times series data can provide insights into a specific individual over time (e.g. Kroeze et al., 2017). Furthermore, the networks produced by different populations can be compared. In general, network analysis represents a wide range of analytical techniques to examine different network models.

Network and Cluster Analysis in AML/CFT is instrumental in unraveling complex networks and relationships involved in financial crimes. This technique maps and analyzes how individuals and entities are interconnected, revealing clusters or networks indicative of illicit financial rings. It enables financial institutions to identify and investigate suspicious networks, breaking down sophisticated money laundering and terrorist financing schemes that might otherwise go undetected.

Network and Cluster Analysis in AML/CFT is an advanced analytical approach that examines how individuals, entities, and transactions are interconnected.

This technique is key to uncovering hidden relationships and patterns within financial data.

By analyzing the structure and dynamics of networks, financial institutions can identify unusual clusters of transactions or relationships that suggest illicit financial activities.

Use Cases:

        ·         Uncovering Money Laundering Networks: Mapping transaction networks to identify clusters that could indicate structured money laundering operations.
·         Detecting Fraud Rings: Identifying networks of accounts and transactions that exhibit patterns typical of fraud schemes.
·         Analyzing High-Risk Jurisdictions: Examining transaction flows to and from high-risk jurisdictions to identify potential money laundering hotspots.

In the context of AML, network analytics enhances detection accuracy, reducing the number of false positives and ensuring genuine threats are identified promptly. It aids in the proactive identification of potential risks, allowing institutions to act swiftly before substantial damage occurs. The technology also offers an aggregated, holistic view of customer activity, enabling a deeper understanding of individual behaviors and group dynamics, which is key in identifying illicit networks.

The Hong Kong Monetary Authority (HKMA), in its whitepaper "AML Regtech: Network Analytics," has emphasized the crucial role of network analytics in modern AML efforts. The paper extensively explores the successful application of this technology in various banks, emphasizing the need for Hong Kong's financial institutions to adapt to these novel, effective ways of combating financial crime. 

The fundamental premise of network analytics is that individuals and entities don't operate in isolation; instead, they form intricate networks of interactions, where each interaction signifies a transaction or a relationship. Network analytics leverages this premise to scrutinize and interpret these interactions, utilizing advanced data analytics and machine learning techniques to expose potentially suspicious activity.

The process typically begins with data gathering. Banks and financial institutions collect vast amounts of data from various internal and external sources. This data might include transaction details, customer profiles, and other relevant information. Next comes data preparation, where data is cleaned, formatted, and consolidated to ensure it's in a suitable state for analysis.

This data then forms the basis of a 'network'. Each customer or entity becomes a node, and each transaction or relationship forms an edge connecting two nodes. In this way, the often-disparate pieces of data are synthesized into a coherent structure that's ripe for analysis.

From here, advanced algorithms analyze the network to uncover hidden patterns and associations. These algorithms can identify clusters of closely related nodes, detect anomalies that deviate from normal patterns, and highlight nodes or connections that are of particular interest based on predefined criteria. Importantly, machine learning allows these algorithms to learn from the data, enhancing their accuracy and predictive capabilities over time.


Network analytics can be applied to a variety of AML tasks. For example, it can identify money mule networks, where numerous interconnected accounts are used to funnel illicit funds. It can also highlight unusual transaction patterns that may indicate money laundering, such as rapid movement of funds between accounts or transactions that always fall below a certain reporting threshold.

One of the most compelling features of network analytics is its ability to provide a holistic view of a customer. By consolidating information from disparate sources, it enables a more complete understanding of a customer's activities and relationships, aiding in both risk assessment  and customer due diligence.

Visual Tools

Link analysis is a part of graph theory - the study of graphs. Graphs are mathematical structures used to model pairwise relations between objects. A graph in this context is made up of vertices, nodes, or points which are connected by edges, arcs, or lines. A graph may be undirected, meaning that there is no distinction between the two vertices associated with each edge, or its edges may be directed from one vertex to another.

Link or Network Analysis focuses on the relationships between entities rather than attributes of entities. It gives a sense of interdependence at a group level rather than at the individual level.

This is helpful to those in the compliance industry as it enables analysts to process information faster thanks to it's a visual format.

When a bank is tasked with an anti-money laundering ("AML") investigation, the task can be daunting because of the sheer amount of information that must be reviewed. Most perpetrators of money laundering do not conduct illegal business during a singular transaction. Instead, they attempt to bury their illicit behavior under a bevy of normal activity. For example, a criminal who is trying to launder their proceeds typically uses several different accounts, and their transaction flow looks vastly different from that of a normal bank account.

Visual link analysis provides an easier way to "follow the money" and identify account flow and account relationships.

At first, it can be overwhelming to look at the intermingling spider web-like networks of data. It's often challenging for a compliance professional to determine where to start the analysis. The good news is that there are measures and metrics that can be used to identify the relative importance of an entity within a given network like:


  • Degree Centrality provides the number of links going in or out of each entity. This metric gives us a count of how many direct connections each entity has to other entities within the network. This is particularly helpful for finding the most connected accounts or entities which are likely acting as a hub, and connecting to a wider network. The layout of the network for the entity can then be quickly compared to the purpose of the account that was given during initial client onboarding to uncover anomalies.
  • Betweenness gives the number of times an entity falls on the shortest path between other entities. This metric shows which entity acts as a bridge between other entities. Betweenness can be the starting point to detect any money laundering or suspicious activities.

Link or network analysis is valuable because it allows multiple cross directional account relationships to be revealed quickly and easily. The information is placed into visualization software, analysts can view large amounts of interrelated accounts which indicate a larger cluster. This cluster then has the ability to indicate illegal activity. Now that each transaction is visually represented by a link, it is much more difficult for money launderers to carry out their usual tasks.

For those who are curious how these are really achieved, the link by BIS is given to understand how the link analysis or network analysis is performed 

Link Analysis, also referred to as Network Analysis, helps compliance officers better analyze large data sets to discover possibly fraudulent patterns between entities. 

BIS on Data, Technology and Innovation

In its Stocktake on data pooling, collaborative analytics and data protection,  the FATF outlined several technologies and approaches that could be used to improve AML/CFT efforts, including different approaches to data-sharing,  privacy-enhancing technologies (PET), advanced analytics,  data standardisation and data protection.  Digital transformation to enhance AML/CFT efforts is a strategic priority of the FATF.

Additionally, in 2020, the G20 leaders endorsed a Roadmap for enhancing cross-border payments. As part of this roadmap’s prioritisation plan, the FATF is also considering updating its recommendation 16 (the travel rule)18 to take into account developments in the architecture of payment systems, including the adoption of ISO 20022 messaging standards. This is to improve the consistency and usability of payment message data in cross-border payments and could also facilitate more efficient AML/CFT checks.

Technology and collaboration could support financial institutions, central banks, supervisory and other public authorities to address AML challenges through collaborative analytics and learning (CAL). Such initiatives could leverage payment system-level data and public-private collaborative approaches to analyse privacy protected data19 to reveal suspicious networks and activities that may not be detected by financial institutions acting in isolation.

The protection of individual and fundamental rights to privacy can be a concern when considering the use of data and technologies to fight financial crime. Data privacy and protection, and countering financial crime are important public interests that are not opposed to each other. They should be supported by the right technological tools and by a balanced legal framework.

BIS Innovation hub brought out Project Aurora report (2023) where the use of Network Analysis was employed for two different typologies , viz.., Structuring and Surfing and proved beyond doubt the relationships established by the study protects person’s privacy and at the same time establishes nexus between criminal persons/entities  in the financial system

HKMA on Customer Research for AML/CFT

The response towards AML/CFT by Monetary Authority of Hongkong was developed around two main areas of focus: modernising supervisory activities, or Suptech, and promoting responsible innovation by the industry, or Regtech. During 2019-2023,  balancing the threats and opportunities from the transformation of the digital economy has become a central theme in how the HKMA delivers its mandate to ensure the stability of one of the most efficient banking systems in the world. HKMA  shared  the industry’s  practical insights and lessons learned on Regtech adoption, encourage broader adoption of Regtech solutions and ultimately uplift the collective AML/CFT effectiveness of our ecosystem.

Conclusion

The FATF report acknowledges the adoption of new tech may come with regulatory or operational challenges and the need for clear support from FATF and national competent authorities for innovation in AML/CFT is paramount to increase private sector interest, investment and trust in new technologies.

To help secure this support, FATF highlights that interpretability and explainability of tools for AML/CFT is key. Not only do regulated entities need to explain and remain responsible for their operations, but supervisors themselves must be able to understand the models used by AI tools to determine their accuracy and relevance.

Technologically active AML supervisors are integral to new tech adoption. The FATF acknowledges that if it, along with supervisors, shows more active support for new technologies then this would help respond to the outstanding risk and trust concerns expressed by regulated entities. The role of “technologically active supervisors” (supervisors willing to engage with technology developers), as is already the case in many jurisdictions, therefore becomes integral to new tech adoption.

The FATF also acknowledges the need for greater collaboration between supervisors and regulated entities, specifically in the form of ongoing exchanges and cooperation rather than at specific events.


Happy Reading,


Those who read this, also read:

1. Transaction Monitoring

2. Know Your Customer - India Perspective

3. Periodic Updation of Customer Risk Profile

4. Financial Intelligence Unit(FIU-Ind)

Formerly Faculty for Finance & Associate Dean, IBS-Kochi MBA (Banking & Finance – CUSAT);CFA. Accredited Management Teacher from CME of AIMA, Delhi has been in Management Education from 1988. Exposure is in the field of Mutual Funds, Market Research, Project Report preparation & evaluation, Advertising & NGO Activities. This Chief Manager, UTI Asset Management Co Pvt. Ltd(1992-2003), Mumbai. Undergone training in Case Study method of teaching under Mr. Trevor Williams and Mr. Scott M Andrews conducted by the ECCH, UK . Published Books & Book Review, Series of academic articles and maintains a column on MFs under "Fund scan" in Business Manorama since January 2007,Contributes "Portfolio Doctor" column for 'Sampadyam' a wealth mgt publication in Malayalam from manorama group since February 2007, Listed her case studies at asiacase.com.Presented papers in national & international conferences on Mutual Funds. Faculty Member @ ASIET, Kalady from 2010 to June 2019. Dean @ SNGIST, N Paravur, Ernakulam from Sep 2019 -Jan 2021, I continue my efforts to spread the knowledge in area of Finance and contribute to Management Education

Comments

Post a Comment

Popular posts from this blog

National Risk Assessment (NRA): India

By
  India's National Risk Assessment (NRA) is  an ongoing exercise to identify sectors that are vulnerable to money laundering and terrorist financing (ML/TF) .  The NRA is based on recommendations from the Financial Action Task Force (FATF) and helps inform policy-making, resource allocation, and the implementation of effective AML/CFT measures. The NRA also ensures that national strategies address both domestic and international threats. The NRA provides a foundation for informed policy-making, resource allocation, and the implementation of effective AML/CFT measures . It ensures that national strategies are aligned with the specific risk landscape of the country and that they address both domestic and international threats. The subject matter of NRA  was discussed in the Anti-Money Laundering Steering Committee (AMLSC) set up with the approval of Finance Minister, and it was decided to conduct the NRA following the World Bank methodology. The Methodology requi...
Read more

Customer Due Diligence(CDD) : Individuals

By
Image
This post is based on RBI Master Circular dated Feb 25, 2016 updated on Jan 04, 2024  Part I - Customer Due Diligence (CDD) Procedure in case of Individuals For undertaking CDD, REs shall obtain the following from an individual while establishing an account-based relationship or while dealing with the individual who is a beneficial owner, authorised signatory or the power of attorney holder related to any legal entity: (a)     the Aadhaar number where,   (i) He is desirous of receiving any benefit or subsidy under any scheme notified under section 7 of the Aadhaar (Targeted Delivery of Financial and Other subsidies, Benefits and Services) Act, 2016 (18 of 2016); or (ii) He decides to submit his Aadhaar number voluntarily to a bank or any RE notified under first proviso to sub-section (1) of section 11A of the PML Act; or (aa) the proof of possession of Aadhaar number where offline verification can be carried out; or (ab) the proof of possession of Aa...
Read more

Periodic Updation of Customer Risk Profile

By
1. Preparation of Customer Profile from KYC Data In the initial years of KYC, RBI has been following a handholding approach as can be seen from their circular dated July 2009 and that of Feb 25, 2016 as updated on Jan 04, 2024. RBI requires REs to conduct risk profiling and risk categorization and periodic updation.  Extracts from RBI MD dated July 01, 2009 under Customer Acceptance Policy a)ii) Parameters of risk perception are clearly defined in terms of the nature of business activity , location of customer  and his clients, mode of payments, volume of turnover, social and financial status etc. to enable categorisation of customers into low, medium and high risk (banks may choose any suitable nomenclature viz. level I, level II and level III). Customers requiring very high level of monitoring, e.g. Politically Exposed Persons (PEPs) may, if considered necessary, be categorised even higher; b). Banks should prepare a profile for each new customer based on risk categorisatio...
Read more