In an effort to become more efficient, large banks increasingly automate anti-money-laundering and fraud detection work, and centralize decision making among a small group of people far removed from customers. Innocent customers can get caught up in the rush, and they often have little to no recourse if their accounts are flagged or closed.
Earlier this year, out of the blue, The New York Times' Your Money columnist Ron Lieber received hundreds of complaints from bank customers who said their bank accounts had been suddenly shut down without explanation. He
Lieber and his colleagues received more than 1,200 complaints. Most were customers of large banks writing to complain about checking account closures. Lieber told the stories of six of these people in a
Former anti-money-laundering executives at banks and other experts say there are a few reasons for this apparent rise in account closures. One is a heavy reliance on AML software to monitor transactions overseen by decision makers who don't know individual customers. Another is outdated rules used to determine which transactions are suspicious. A third is a set of incentives that push banks to rush and not take the time to understand individual cases.
Advanced AI technology could help, some say. AI-based transaction monitoring software could discern that a customer's behavior may be different from others in a category, but is not criminal.
Quest for efficiency
At one large bank, "everything we did was to make it more efficient for the bank," said Aaron Ansari, a former AML executive, in an interview.
If AML software determined an account had tripped up several preset AML rules, the account would automatically get shut down and the software would generate a notification letter or email to the customer, Ansari said.
"The number of customers that you lose is minuscule compared to the efficiencies and the regulatory headaches that you would get if you continue to service those accounts," Ansari said. "It never makes sense to make an exception. I never saw an exception."
Once software detected suspicious activity, there was no way for customers to dispute the account shutdown.
"For years, the decisions have been so heavy-handed, so de-risking," Ansari said. "The business justification is that it's much easier for us to close and to cancel than it is for us to mitigate and deal with the humanity of things."
The push for efficiency and reliance on software takes away the 20 minutes that an investigator in a bank once had to look at that transaction and determine whether it's suspicious, according to Nicholas Gilmour, author of the book
The transaction data that's fed into AML software comes from a web of mainframe batch systems, cloud applications and mobile applications. It comes from core systems, ATMs, credit and debit card systems and digital banking software.
"Syncing all that is very complex," Ansari said. "And it's not something a team of humans could do accurately, which is why there is this decision matrix and engine. Trumping all this are the federal data feeds. So if you get a notification from an agency that says, shut this account down, you must shut it down." The FBI, for instance, might tell a bank to shut down an account that has been used for criminal activity.
It would be too costly to let branch staff who know customers personally to make decisions about shutting down accounts, Ansari said. It would also make their jobs more difficult.
Call center agents would be in a better position to work on these cases, Ansari said. "I would put a little bit more of a process for arbitration or some sort of process for appeal."
Outdated rules
Another reason banks are shutting down accounts of innocent customers is that the knowledge and rules programmed into AML software "are based on a decades-old understanding of how criminals work," Gilmour said. Money launderers understand these rules better than customers do.
"No money launderer, unless they are absolutely desperate to get caught, will do anything that attracts attention to them," Gilmour said.
Back in the 1990s, financing terrorism was a big issue, according to Cleber Martins, head of payments intelligence and risk solutions at ACI Worldwide, a provider of anti-money-laundering software to large banks.
"There were a lot of discussions in 1998 during the Basel II meeting where the central banks and the banks met, that articulated the concept of continuous monitoring to catch the behavior that was allowing this type of bad money to be put in financial systems," Martins said in an interview.
The continuous monitoring was about looking for big red flags, such as a deposit of $100,000 in cash. But it was also meant to look for the kinds of "structuring" that obfuscate money laundering, such as several $9,000 deposits that wouldn't independently require a form to be filled out or trigger any rules-based red flag.
"The idea articulated at that time was that a system should be monitoring for those behaviors and finding those patterns," Martins said.
Today, regulators tell banks what suspicious behavior they should look for and banks configure their AML software to red-flag these behaviors. AML software vendors include ACI, Nice Actimize, ComplyAdvantage, Feedzai, Quantexa and Thetaray.
When alerts are generated, there is a due diligence process through which, ideally, analysts will talk to relationship managers or branch managers who might understand a customer's situation, Martins said. (Talking to customers is tricky because those who are trying to launder money will say the transactions are fine.)
But regulators have pressured banks to get suspicious activity reports out quicker, which has driven more automation of the decisions on what to report.
Good customers get caught in the middle. Some legitimate businesses, like the bar owners profiled in The New York Times, have behavior that to AML software could look like structuring.
The role of AI
Really understanding customer behavior requires advanced technology, according to Martins.
The technology excels at spotting money laundering and suspicious transactions, but it still can't be trusted to help bank customers make big decisions, such as what to do with retirement savings.
AI-based transaction monitoring can help analyze customer behavior and understand unusual transactions that are normal to a particular customer. ACI, Quantexa, Nice Actimize, Thetaray, ComplyAdvantage and many others offer AI-based behavior monitoring.
While basic money laundering rules can trigger AML software to spit out hundreds of thousands, if not millions, of alerts every day, many of them false positives, artificial intelligence, in theory, can quickly investigate and separate the true instances of fraud and money laundering from the transactions that look odd, but are perfectly innocent.
If a credit card is used to make purchases in three different cities in three days, for instance, rules-based AML/fraud detection software will most likely flag that account for suspicious activity. But AI could analyze the account activity and quickly see that the user is a commercial airline pilot, the time is the week before Christmas, and he is buying presents for his family each time he makes a stop.
There are limitations. "Artificial intelligence is expensive and difficult to manage," Martins said. "It's definitely a gap that exists."
And where AI is used to analyze behavior, Ansari said, the data used to train the AI models can be racist, sexist and generalist, based on past decisions that were all those things.
Even if software could be trained to understand cases better and be less heavy handed and absolute, this could lead to an unwanted outcome for the bank: The customer service team could get flooded with extra tickets to work on.
A failed system?
One would think that banks would get better at anti-money-laundering work over time.
But the money mules who commit money laundering are not being caught, Gilmour said. If they haven't been caught in the past, software is not going to catch them now.
"The best money launderers in the world are those that hide in plain sight," he said.
Banks do not receive feedback on the suspicious activity reports they file to regulators, so they don't have the chance to learn which of their red flags truly represented criminal activity and which did not.
"There is a critical need to provide information back to banks so that they can target money launderers and money laundering techniques," Gilmour said. "But the difficulty is, there's no intelligence agency in the world who will share its intelligence because it doesn't want to expose that information back to criminals who will circumvent it within seconds and still continue their business."
Another factor to all of this is that the fines regulators impose on banks for money laundering infractions provide a perverse incentive. When a bank is fined by a regulator for inadequately addressing money laundering and it pays that fine, its stock price goes up — the bank's ability to pay a large fine gives the market confidence in its financial strength. So there isn't a financial incentive to get money laundering right, and there are incentives to de-risk and cut costs.
"A bank's job is to make money," Gilmour said. "A bank's job is not to do AML compliance any more than what it needs to do, nor is it to be law enforcement to stop criminality. The job of stopping criminality is the responsibility of law enforcement."
So the system really doesn't work, he said. And logically, the people whose accounts suddenly get shut down should have a way to appeal.
"There should be some opportunity for these people to at least explain their scenario," Gilmour said, especially if the numbers of people getting caught up in these dragnets is going up.
"You can't continue to just de-risk and de-risk and de-risk, because society will be damaged by that," he said.