Smart weaponry aids bank fight against money laundering

Advanced algos and machine learning gain credence as regulators encourage innovation

  • Stung by fines for money laundering breaches, banks are looking to machine learning techniques to complement existing detection systems.
  • Machine learning is a self-correcting tool that can adjust to new trends and behaviours, an advance on existing systems that rely on fixed rules.
  • Two-thirds of banks are already thought to be deploying machine learning in their anti-money laundering efforts, or are close to doing so.
  • US regulators have given tacit approval to the use of technological innovation in anti-money laundering efforts, giving banks more freedom to experiment.
  • Techniques in development include random forests and neural networks.

In the struggle against money laundering, banks are on the defensive. Tough laws have forced firms to develop elaborate procedures to detect prohibited transactions. But when these systems fail – as they often do – lenders leave themselves open to crippling financial penalties. US banks faced fines for anti-money laundering breaches of $1.37 billion in 2018, with those in Europe not far behind at $979 million, anonymous industry loss data from ORX shows.

As banks look to develop more advanced tools to root out criminality, their efforts have been undermined by suspicion among regulators over machine learning, and specifically the difficulties in explaining and justifying its use.

In December, though, the US Federal Reserve gave a clear signal that financial firms would no longer be penalised for trying to innovate to tackle money laundering. With fear of regulatory censure partly removed, banks are renewing their efforts to develop machine learning programmes to fight financial crime.

“We are looking at advanced technologies which are machine learning-based to help us detect new behaviour patterns,” says Jayati Chaudhury, global investment banking lead for anti-money laundering (AML) transaction monitoring at Barclays. “Machine learning has the potential to reduce false positives and create more efficiency so resources can focus on what is truly suspicious based on the business and risk appetite of the firm.”

The use of machine learning for AML is not new; financial firms have been developing self-learning algorithms for years. But the tacit acknowledgement by regulators that existing rules-based systems are, on their own, not up to the task of stamping out money laundering has lent extra impetus to the push to explore new methods.

Two of the most common machine learning techniques used in AML models are decision trees and neural networks. The approaches sit at opposite ends of the artificial intelligence spectrum in terms of complexity – but each has advantages for particular aspects of the fight against suspicious transactions.

Decision trees model the factors that contribute to a particular event or outcome. They provide a visual representation of splits, or branches, within a dataset. They can be used to show, for instance, how geography, movement of funds and payment type interact to determine the likelihood that a transaction is suspicious.
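
By way of illustration – the features, data and labels below are invented for the sketch, not drawn from any bank's actual model – a small decision tree can be fitted and its splits printed in a few lines of Python:

```python
# A minimal sketch of a decision tree for transaction scoring.
# Feature names and data are hypothetical, for illustration only.
import numpy as np
from sklearn.tree import DecisionTreeClassifier, export_text

# Toy features: [high_risk_geography, funds_moved_within_24h, cash_payment]
X = np.array([
    [1, 1, 1],
    [1, 0, 1],
    [0, 1, 0],
    [0, 0, 0],
    [1, 1, 0],
    [0, 0, 1],
])
y = np.array([1, 1, 0, 0, 1, 0])  # 1 = flagged suspicious, 0 = cleared

tree = DecisionTreeClassifier(max_depth=3, random_state=0).fit(X, y)

# The fitted splits can be printed, which is what makes trees explainable
print(export_text(tree, feature_names=[
    "high_risk_geography", "funds_moved_within_24h", "cash_payment"]))
```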

“Decision trees typically use many more features and provide more granular explanation of client activity compared to rules-based systems,” says David Stewart, director of financial services, fraud and security intelligence at vendor SAS.

More complex random forest models, which generate many decision trees and aggregate their outputs, allow users to build more predictive machine learning algorithms. Averaging across many trees irons out the quirks and overfitting that can affect a single decision tree, and is thought to provide more accurate plots of cause and effect.
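
Continuing the illustration – again with toy, invented features – the single tree can be swapped for a forest, with each new transaction scored by all the trees at once:

```python
# Sketch: a random forest over the same style of hypothetical features.
import numpy as np
from sklearn.ensemble import RandomForestClassifier

# Toy data: [high_risk_geography, funds_moved_within_24h, cash_payment]
X = np.array([[1, 1, 1], [1, 0, 1], [0, 1, 0], [0, 0, 0], [1, 1, 0], [0, 0, 1]])
y = np.array([1, 1, 0, 0, 1, 0])  # 1 = flagged suspicious

forest = RandomForestClassifier(n_estimators=100, random_state=0).fit(X, y)

# Averaging across many trees smooths out the quirks of any single tree
print(forest.predict_proba([[1, 0, 0]]))  # [[P(cleared), P(suspicious)]]
```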

Neural networks, on the other hand, attempt to find non-linear correlations in large datasets, using methods that mimic the way the human brain operates to weigh millions of possible combinations before arriving at a result. The idea is to use advanced analytics to find patterns that classical AML systems would miss: whereas older rules-based systems classify transactions according to pre-set criteria such as age, occupation and income, determined by analysing existing data, neural networks use advanced statistical techniques to detect anomalies in behaviour.

For example, a customer could have accounts in a bank’s corporate, correspondent banking and institutional brokerage businesses. Analysing the transaction activity among these different relationships may highlight suspicious activity that had not surfaced previously.
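
One common neural approach to this kind of anomaly spotting is an autoencoder: a network trained to reconstruct normal activity, which then scores poorly reconstructed records as suspicious. The sketch below, on synthetic data, is an assumption about how such a system might be built, not a description of any bank's model:

```python
# Sketch of neural anomaly detection via an autoencoder: the network learns to
# reconstruct "normal" activity, and poorly reconstructed records stand out.
# Data here is synthetic; a real model would use engineered transaction features.
import numpy as np
from sklearn.neural_network import MLPRegressor
from sklearn.preprocessing import StandardScaler

rng = np.random.default_rng(0)
normal = rng.normal(0, 1, size=(1000, 10))      # typical transaction features
scaler = StandardScaler().fit(normal)
X = scaler.transform(normal)

# The narrow hidden layer forces the network to learn compact structure
ae = MLPRegressor(hidden_layer_sizes=(3,), max_iter=2000, random_state=0)
ae.fit(X, X)

def anomaly_score(records):
    """Mean squared reconstruction error: high = behaviour the net hasn't seen."""
    scaled = scaler.transform(records)
    return np.mean((ae.predict(scaled) - scaled) ** 2, axis=1)

odd = rng.normal(5, 1, size=(3, 10))            # out-of-pattern activity
print(anomaly_score(normal[:3]), anomaly_score(odd))
```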

Accentuate the positives

Not only can machine learning help improve detection rates, banks hope, but the technology also promises to slash the incidence of false positives – transactions that are flagged as suspicious but turn out to be legitimate. Industry sources routinely put the rate of false positives in financial crime analytics as high as 90%. Machine learning can reduce false positives by up to half, according to some estimates.

In contrast to retail banking, where it is comparatively easy to track a customer’s transactions, an investment banking client could have multiple relationships with a bank – meaning traditional AML systems tend to generate lots of false positives. For example, companies usually have multiple legal entities both within and across jurisdictions. The large sums of money that shuffle back and forth between these entities – all legitimate transactions – might be flagged by a rules-based system because they appear suspicious.

In cutting down false positives, banks accept the risk that a small number of genuinely suspicious transactions might slip through the net. But the hope is that traditional systems will hoover up any suspicious activity that machine learning may have missed. For this reason, most banks are looking to develop machine learning alongside existing systems, rather than instead of them.

“A machine learning-based solution may not be sufficient in and of itself and may need to supplement the rule based monitoring to achieve the efficiency target of the institution,” says a senior financial crime expert at a global bank.

Financial firms are still honing the models they’re using to monitor suspicious transactions. For example, Barclays is piloting a machine learning system for its institutional brokerage business. The system can analyse the transactions that take place between a customer and different corporate entities, which could signal a potential money laundering risk. Similarly, Standard Chartered is using machine learning in its Singapore office to screen real-time transactions for money laundering violations.

Although it’s still too early to draw conclusions, Barclays expects the machine learning system to reduce false positives and allow investigators to focus on genuinely suspicious transactions in their suspicious activity reports (SARs). Banks predict that improving the effectiveness of SARs will not only raise the hit rate for money laundering investigations, but also slash the cost wasted on producing SARs that lead nowhere. The annual deluge of these reports has dogged the industry for more than a decade: a 2017 report estimated that 80–90% of SARs were of no value to law enforcement efforts.

Given the scattergun nature of existing AML detection methods, it is no surprise that banks are looking to machine learning for a more targeted approach. According to an October 2018 report by the Institute of International Finance based on a survey of 59 banks, one-third of firms said they were already deploying machine learning for AML, while a further third said they were piloting such methods.

On the face of it, financial crime would appear to be a classic application where machines could pore over large sets of data and predict the likelihood of unauthorised or illegal activity. The rigid rule-sets that currently power legacy AML systems are less well equipped to detect new behavioural patterns.

One of the hallmarks of machine learning systems is their ability to self-adjust and identify relationships on the basis of new information. A fixed rules-based system can check whether a transaction fits within certain parameters – the amount of cash deposited in a retail customer’s account during a typical month, for example – but over time, the parameters might change: what is considered abnormal behaviour today might become normal behaviour a year from now. Or, criminals may modify their behaviour to adapt to rules in an attempt to circumvent detection.

These are patterns that rules-based systems will not be able to detect, but which more advanced behavioural monitoring systems may.
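
The contrast can be made concrete with a toy example – all figures hypothetical – in which a fixed rule applies a hard-coded limit, while an adaptive check re-estimates what is normal from the customer’s own recent history:

```python
# Toy contrast between a fixed rule and an adaptive threshold (figures hypothetical).
import statistics

FIXED_LIMIT = 10_000  # hard-coded: flags any monthly cash deposit over 10,000

def fixed_rule(monthly_deposit):
    return monthly_deposit > FIXED_LIMIT

def adaptive_rule(monthly_deposit, recent_history, n_sigma=3):
    """Re-estimates 'normal' from the customer's own recent behaviour."""
    mu = statistics.mean(recent_history)
    sigma = statistics.stdev(recent_history)
    return monthly_deposit > mu + n_sigma * sigma

history = [2_000, 2_400, 1_900, 2_100, 2_300]   # customer's recent months
print(fixed_rule(8_000))                  # False: under the static limit
print(adaptive_rule(8_000, history))      # True: abnormal for this customer
```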

Learned behaviour

Simple machine learning techniques have been in place within banks for some time. To take an example from credit cards: if a customer has never shopped at department store Macy’s, the first time they use their card there might be flagged as unusual. But subsequent uses of the card in the store will be considered normal, resulting in a lower risk score for the transaction. In a basic sense, the algorithm is said to have “learnt”.
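
A minimal sketch of that “learnt” behaviour – purely illustrative, with invented identifiers – might look like this:

```python
# Minimal sketch of the "learnt" merchant pattern described above.
from collections import defaultdict

seen_merchants = defaultdict(set)  # customer id -> merchants used before

def transaction_risk(customer, merchant):
    """First use of a merchant is unusual; repeat use becomes normal."""
    novel = merchant not in seen_merchants[customer]
    seen_merchants[customer].add(merchant)
    return "elevated" if novel else "normal"

print(transaction_risk("c1", "Macy's"))  # elevated: first visit
print(transaction_risk("c1", "Macy's"))  # normal: the system has 'learnt'
```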

However, many rules-based systems are unable to learn. Such models typically employ a technique called logistic regression, a simple risk estimation method. A credit card company might suspect that when there is a mismatch between the name a customer uses on a transaction and the name on file at the customer’s credit bureau, the likelihood of fraud goes up. It could run that assumption through the model and see if the data supports it. The algorithm might determine that, based on historical data, a mismatch carries a given probability of fraud.

Over time, however, the reliability of that assumption could decline – perhaps because users stop sharing information with credit reference firms, and the bureau relies on information that is not up to date.
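
In code, testing the name-mismatch assumption might look like the following sketch, where the single feature and the labels are synthetic stand-ins:

```python
# Sketch: testing the name-mismatch assumption with logistic regression.
# The feature and labels here are synthetic, for illustration only.
import numpy as np
from sklearn.linear_model import LogisticRegression

rng = np.random.default_rng(1)
mismatch = rng.integers(0, 2, size=2000)              # 1 = names don't match
# Synthetic labels: fraud is rare, but more likely when names mismatch
fraud = (rng.random(2000) < np.where(mismatch == 1, 0.15, 0.02)).astype(int)

model = LogisticRegression().fit(mismatch.reshape(-1, 1), fraud)

# Fitted probabilities quantify how much a mismatch raises the fraud odds
print(model.predict_proba([[0], [1]])[:, 1])  # P(fraud|match), P(fraud|mismatch)
```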

The moment you let a computer learn and make decisions on its own, you can no longer explain it
Fraud management executive at a global bank

Machine learning-based approaches can be used to create new categories, or buckets, of customers that don’t rely on predefined groupings. Historically, banks would segment customers by demographic criteria such as age, occupation and income, but machine learning is capable of analysing more data at finer levels of detail. It might turn out that grouping customers by hobby or holiday destination has more predictive power.

“When you’re trying to detect abnormal behaviour, you’ve got to group similar objects. The historic way of doing that would be using pre-set rules, whereby we determine what segment you should be in. But with machine learning, segmenting takes in lots more data to determine how customers should really be grouped together,” says Ray O’Brien, global risk chief operating officer and head of global risk analytics at HSBC.

With money laundering, segmenting customers is complicated by the fact that an individual might be doing business via a correspondent bank, about which the primary bank holds little information. In such cases, machine learning can be used to create “pseudo customer” segments, based on frequency of transaction, country of origin, or counterparty.

HSBC is working on such applications. The bank has developed around 400 characteristics that feed into its pseudo customer segments. The work has resulted in a 50% reduction in initial alerting as the focus is shifted to a smaller segment of the population, Patrick Dutton, regional head of intelligence, analytics and systems delivery at HSBC, told Risk.net last year.

Machine learning algorithms can create an optimum number of segments that provides the maximum separation between them. For example, segments could be created based on occupation: one might contain students, another bankers. Within the student segment, there might be subcategories for those from wealthy families and those from middle-income households; within bankers, for investment bankers and clerical staff. Firms are betting that a more granular understanding of customers will give greater insight into what’s unusual or suspicious.
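
One plausible way to let the data pick the number of segments – a sketch using k-means clustering and silhouette scores on synthetic behavioural features, rather than any bank’s actual method – is the following:

```python
# Sketch: letting the data choose the number of customer segments.
# Features are synthetic stand-ins for behavioural attributes.
import numpy as np
from sklearn.cluster import KMeans
from sklearn.metrics import silhouette_score

rng = np.random.default_rng(2)
# e.g. columns: transaction frequency, average size, share of cross-border flow
X = np.vstack([rng.normal(loc, 0.5, size=(100, 3)) for loc in (0, 3, 6)])

best_k, best_score = None, -1.0
for k in range(2, 8):
    labels = KMeans(n_clusters=k, n_init=10, random_state=0).fit_predict(X)
    score = silhouette_score(X, labels)   # higher = better-separated segments
    if score > best_score:
        best_k, best_score = k, score

print(best_k, round(best_score, 3))       # should recover the 3 planted groups
```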

Explain your workings

Machine learning exists as a spectrum of activity, from simple approaches to more complex models. An algorithm can be programmed to analyse data within existing parameters, while another can be taught to reinvent itself as new patterns emerge in the data. A senior fraud management executive at a large global bank says: “You can do it as a one-time exercise, where you pull data and learn through algorithm, so you have an algorithm capable of assessing a new event. That’s one thing. The other thing is an algorithm that’s constantly changing and identifying new patterns. That’s not being done widely.”
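
The two modes the executive describes can be sketched as follows – a model fitted once and frozen, versus one that keeps updating as new batches of cases arrive (synthetic data, illustrative only):

```python
# Sketch of the two modes: a model fitted once and frozen, versus one that
# keeps learning from new cases. Data is synthetic, for illustration only.
import numpy as np
from sklearn.linear_model import SGDClassifier

rng = np.random.default_rng(3)
X0, y0 = rng.normal(size=(500, 5)), rng.integers(0, 2, 500)

# One-time exercise: fit on historical cases, then stop learning
batch_model = SGDClassifier(random_state=0).fit(X0, y0)

# Continuously updating: the same estimator ingests new batches over time
online_model = SGDClassifier(random_state=0)
online_model.partial_fit(X0, y0, classes=np.array([0, 1]))
for _ in range(10):                   # e.g. a new batch of alerts each week
    Xn, yn = rng.normal(size=(50, 5)), rng.integers(0, 2, 50)
    online_model.partial_fit(Xn, yn)  # weights shift with the new patterns
```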

As algorithms develop, they may reach the stage of unsupervised learning models. When examining hundreds of variables, machine learning models will adjust risk factors according to the new patterns they pick up. If, for example, illegal transactions have recently been concentrated in a particular geographic region, the machine will identify that region as a new risk factor.
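
A minimal sketch of such unsupervised detection, assuming an isolation forest over synthetic transaction features – one common technique, not necessarily what any given bank uses:

```python
# Sketch of unsupervised detection: an isolation forest scores transactions
# with no labels at all, surfacing whatever looks out of pattern.
# Features are synthetic; a real model would use hundreds of variables.
import numpy as np
from sklearn.ensemble import IsolationForest

rng = np.random.default_rng(4)
# e.g. columns: amount (log), hour of day, distance from customer's usual region
usual = rng.normal([3.0, 14.0, 10.0], [0.5, 3.0, 5.0], size=(1000, 3))
odd = np.array([[6.0, 3.0, 400.0]])      # large, late-night, far-away transfer

iso = IsolationForest(random_state=0).fit(usual)
print(iso.predict(odd))                  # -1 = anomaly, 1 = normal
print(iso.score_samples(odd))            # lower = more anomalous
```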

The increased complexity brings challenges for model governance. When a model starts to learn and make decisions on its own, it becomes harder to explain. An analogy can be made with a chatbot that learns words its developers wish it wouldn’t and starts responding to customers in an inappropriate manner.

“The moment you let a computer learn and make decisions on its own, you can no longer explain it,” says the fraud management executive.

Before you deploy a deep neural network, weigh the risk and reward. If you can explain it, then go for it
David Stewart, SAS

Given the correlation between the predictive power of machine learning techniques and the difficulty of explaining their workings, banks face a tricky balancing act in deciding how complex a model should be. The explainability factor has so far inhibited banks from realising the full potential of machine learning.

HSBC’s O’Brien says: “In financial services, we are at the beginning. If machine learning is going to be used where it could affect people, it has to be transparent, explainable, and undergo independent validation.”

Stewart of SAS agrees: “There are some mature methods, like regression analysis and decision trees, that are more broadly understood and easier to explain to an auditor or examiner. Before you deploy a deep neural network, weigh the risk and reward. If you can explain it, then go for it.”

The reticence to explore the limits of machine learning may explain why the models most banks have implemented to date in the fight against money laundering have been static, in the sense that they are based on coded instructions rather than evolving as new events happen.

“I don’t know of any financial institution that is [solely] relying on automated learning for fraud detection. What I see being used is traditional modelling where you take historical data from fraud cases, and run it through algorithms like logistic regression or decision trees,” says the fraud management executive.

Open to innovation

Recent guidance from the US Federal Reserve, along with the financial crime agency FinCEN, has put a new slant on the development of machine learning tools for AML. The senior financial crime expert says: “Given the recent encouragement from regulators to innovate – and not be penalised if an outcome is different than that of current monitoring – I think it is safe to assume that more and more financial institutions are now willing to try new approaches.”

The Fed guidance reassures financial institutions that they will not face “supervisory action” if new techniques such as machine learning reveal deficiencies in existing AML efforts. The regulatory emphasis now is on innovation, rather than strict control.

“All regulators are open to these conversations. Some are more mature in terms of what is the art of the possible,” O’Brien says. “I think that areas like financial crime and internal decision making will use machine learning first before capital models.”

The new guidance does not mean that regulators are taking a light-touch approach to the supervision of AML. If anything, many are seeking to tighten their procedures. The UK financial regulator has announced its intention to ramp up spot checks of financial firms for money laundering compliance. And the European Union is taking steps to unify its AML reporting practices, following the discovery of systemic violations at European banks.

Innovation will need to focus on teaching the machine how to detect prohibited behaviour from available data. With rule-based systems, humans identify ways that people are trying to launder money, build a rule around it, put that rule into a system and construct scenarios that can be fitted to real-world cases. But what about other scenarios that might not have happened in real life, but are still plausible? The machine would need to be sufficiently flexible to search out those as well.

The machine needs a sufficient amount of data to build the algorithm, and how much and what data to use will determine the accuracy of the model. A model that tracks its training sample too closely becomes overfitted: so complex that it captures noise as well as signal, making it a poor predictor on out-of-sample data. Conversely, a model that is too simple, or trained on too little data, will underfit, failing to capture genuine patterns and predicting just as poorly out of sample.
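
The standard guard against both failure modes is to hold out data and compare in-sample with out-of-sample performance, as in this sketch on synthetic noise:

```python
# Sketch of the standard guard against overfitting: hold out data and compare
# in-sample with out-of-sample performance. Labels here are pure noise, so a
# model that scores well in-sample can only be fitting that noise.
import numpy as np
from sklearn.model_selection import train_test_split
from sklearn.tree import DecisionTreeClassifier

rng = np.random.default_rng(5)
X = rng.normal(size=(400, 20))
y = rng.integers(0, 2, 400)              # labels unrelated to the features

X_tr, X_te, y_tr, y_te = train_test_split(X, y, test_size=0.25, random_state=0)

deep = DecisionTreeClassifier(random_state=0).fit(X_tr, y_tr)  # unconstrained
print(deep.score(X_tr, y_tr), deep.score(X_te, y_te))   # ~1.0 vs ~0.5: overfit

shallow = DecisionTreeClassifier(max_depth=2, random_state=0).fit(X_tr, y_tr)
print(shallow.score(X_tr, y_tr), shallow.score(X_te, y_te))  # both ~0.5: honest
```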

“If the data you use to build and train your algorithm is bad, you'll have an algorithm that makes the wrong assumptions from the beginning. You need to make sure you have decent data quality,” says Adrien Delle-Case, policy adviser at the Institute of International Finance.

Editing by Alex Krohn

Jayati Chaudhury’s views do not necessarily represent those of her employer, Barclays
