In today’s era of data explosion, it’s more important for organizations to make the most of analyzing their colossal amounts of data in real time for anti-money-laundering efforts.
The key to capturing money laundering activities is to represent transactions in a manner that enables understanding of the flow of money through the various accounts, potentially spanning several intermediaries in the graph. In addition, side information, such as media used to interact with the accounts can be used to further study the money transfer behavior for laundering activities.
By supporting this effort, real-time graph technology and analytics offer a rare opportunity to revolutionize the entire field of AML in banking and financial services. It will become the industry best practice in the near future and may well become part of the regulatory expectations.
Implementing any new technology requires some investment and commitment, but at the same time, not having graph in an AML compliance toolkit will likely prove to be even more costly and painful over time. The best way to get started is to with baby steps (e.g., alert prioritization) to get real benefits first, and then to follow an evolutionary path to more widespread use of graph in AML compliance.
As the entire banking and financial services industry embraces graph in AML compliance, institutions that start early will surely get ahead of the curve. Using graph, they are finding that the once burdensome process of AML compliance can transform into an advantage.
Graph-aided alert prioritization does not replace banks’ existing alert-review processes, but only enhances it by enabling more complete and accurate AML risk assessment of alerts. This allows banks to allocate more time and resources to review higher risk alerts, while leaving lower-risk alerts to more junior analysts.
Some large banks have even started experimenting with auto-closure of alerts that fall below a certain threshold during an alert-prioritization stage. This way, banks can save time and lower costs by getting through lower-risk alerts quickly, while ensuring the quality of review by having sufficient justification to be confident every high-risk alert receives careful review in due course.
A graph can reduce false positives by ruling out low-risk alerts. For example, an AML alert is raised for a second counterparty due to recent financial transactions with a customer account. A traditional approach would determine this new alert as high risk. Traditional metrics, such as high number of alerts generated and multiple suspicious activity reports (SARs) filed on the same customer account, would point to the likelihood of high AML risk.
Through graph analysis, we see out of all the previous alerts, only those related to Counterparty 1 became SARs. Those related to Counterparty 2 have all been closed.
Given that this new alert is related to Counterparty 2, it will likely be more similar to alerts 3 and 4, as opposed to alerts 1 and 2, and thus probably should be closed, or at least low risk. This demonstrates how graph analysis can identify and group “like” alerts. A conventional transaction monitoring system would miss the relationship.
Another benefit is finding false negatives. Here, a new alert is classified as a low-risk alert under a conventional scoring approach, because none of its attributes measured by the traditional scoring model displays any AML risk. But the conventional approach fails to consider the cluster of high-risk customers that this alert is associated with.
This new alert is connected to a new customer, who shares the same phone number with four other high-risk existing customers, on whom multiple SARs have been filed previously. This sort of hidden linkage through a phone number would have been quite difficult to uncover using human review or existing models and systems. Thanks to graph, it is revealed, and the new alert can be elevated to a high-risk alert.
Let’s examine an alert for a customer who is not located in a high-risk geography, does not have any alerts or SARs and has no history with the financial institution.
A traditional AML solution would not flag an alert for this new customer. However, graph-based features dig deeper to find that new account shares a phone number with several customers with SARs. The graph-based solution creates a new AML alert missed by the traditional AML solution, marking it high risk for further monitoring and investigation. In this way, our graph-based solution finds the false negatives, or hard-to-detect money laundering cases, that would be missed using traditional solutions.
Training data for machine learning incorporates key features, such as financial transaction amount, SARs filed for related accounts, and whether the particular account is part of a high-risk geography.