As banks fight to stem the flow of $3trn in dirty money moving through our global financial system, they face a huge obstacle in their anti-money laundering efforts: false positives. Of all transactions that are flagged as suspicious, 95-98% of them end up being false alarms that go nowhere, costing billions in wasted dollars from dead-end investigations.
This inefficiency is getting worse. Banks are increasingly overcompensating to try and keep regulators happy, but at the cost of customer satisfaction. Regular customers are being shocked to find they’ve been frozen out of their accounts as they unwittingly trip the wire of overly-zealous monitoring software.
There are ways banks can protect themselves without triggering as many false positives, but they need to harness the emerging capabilities of data and analytics, and, sometimes, just take a bold step in a different direction.
Here’s what I’ve learnt working with financial institutions, new and old, about bringing that 98% figure way down and maintaining customer trust.
For a regular account owner like Ms Lettice, selling a car will send an abnormal amount of money flooding into her account. The bank will consider that transaction a diversion from the usual pattern and flag it.
But banks need quite a lot of data to rule this event out as a false positive before taking action and freezing the customer out. We’re not talking about standard KYC data that customers offer when they sign up, as this only gives basic insight into the person and their work. Banks should be more interested in the next level of data behind a person or business.
This includes credit scores, insurance data, data on the client’s investments, assets owned, income, location and more. That data is all necessary to put together the larger puzzle behind a simple cash flow. You may be able to see that a third party just insured a new car fitting Ms Lettice’s car’s description, adding to the evidence that she just sold her vehicle.
The analyst monitoring Ms Lettice’s transaction has to collect a lot of data to rule it a true or false positive. They need access to open sources, sources within the client company, and third-party sources. Large banks have a huge amount of open and closed source data to work with, because they can afford to buy it. Smaller banks don’t.
If that’s you, it’s important to rearrange your budget to prioritise obtaining that data: you can’t conduct effective due diligence without it, and therefore, you risk losing prestige and customers for having an unreliable security system.
Analysts currently have to do a lot of manual work to extract the kind of data that would exonerate Ms Lettice. However, emerging technologies are automating the process of collecting and managing data – this is a momentous development in reducing inaccuracies in financial monitoring. So much so that most of our customers are currently asking for tech solutions that can extract actionable data.
These solutions could be robots that interact with different systems and data sources to extract relevant data on a transaction or client. They can then quickly and accurately generate a report for humans to analyse, reducing the chances of humans leaving valuable information out.
For example, Mr Benitez’s account might be flagged for an unusually large inbound transfer. An automated software programme can scan trading data and KYC data in seconds, providing analysts with a report showing that that same Mr Benitez has just sold a 15-year-old stake in Microsoft.
Some large banks go as far as using AI from start to finish—the bot will receive, process, and close an alert completely autonomously. Without necessarily going so far, it can be beneficial for banks and other financial institutions to have software that can rapidly cross-reference and analyse different data sources. That will help analysts more efficiently gauge whether certain patterns or actions are linked, either showing signs of criminal activity or proving innocence.
Many banks don’t dare rescope their monitoring system. A scope is the set of parameters established in a bank’s due diligence system, and it defines what qualifies as suspicious activity.
Banks fear that changing the parameters of what’s considered suspicious activity is too risky – it could lead to certain behaviours falling out of the scope and, therefore, certain illegal activity going undetected.
Unfortunately, that is a wrench in the wheels of progressing to anything better. Banks must have a risk-based approach to scoping; that means judging whether a scope is valuable or not based on its real outcomes. Is it reducing your bank's risk exposure? Or is it just producing superficially impressive data showing that you flag hundreds of suspicious activities a day while not moving the needle on risk at all?
First, go through your alerts data and assess which ones have led to verified fraudulent or criminal activity. If you have many similar parameters that almost never result in a true positive, you need to change your scope. Move away from the inefficient criteria and focus on the parameters leading to the most correct flags.
It could be that manual alerts from analysts tracking loan requests are getting a 70% success rate. Or it could be that bots extracting data from stock market blogs and publications flag multiple real cases of market fraud every day. Use positive outcomes to adapt your scope to where the most risk is.
False positives are always going to be a hurdle for financial institutions, but we’ve never had as many tools at our disposal to take the bull by the horns and direct our resources—human or robot—towards the most effective strategies.
The original story was published at The Retailer Bank International