The risk of money laundering is great. It spans the entire financial services ecosystem, including banks, payment providers and newer cryptocurrencies, such as bitcoin and Ripple.
Today global money laundering transactions comprise an estimated 2%-5% of the global GDP, or roughly $1 trillion to $2 trillion annually.
And the costs of noncompliance are high.
Problem areas cited in the recent case of Commonwealth Bank of Australia are not unique. They reflect common challenges for banks missing the mark with anti-money-laundering (AML) compliance. To use this particular case as an illustrative example, the bank was fined for:
Failure to properly monitor transactions for money-laundering red flags on 778,370 accounts for three years. More than likely this was due to a flood of AML alerts generated on a weekly basis, with insufficient resources to address them. We can assume that a high number of false positives (flagged alerts that don’t end up being related to AML activity) contributed to this; and suspicious activity reports being filed late, or not filed at all. Finding false negatives or hard-to-find AML alerts buried deep inside intricate network of accounts and identities is time consuming. This often leads to late filing or, worse, no filing at all.
Given how much financial activity occurs every second, every day, it’s important for banks and financial organizations to develop a robust AML strategy that is effective in stopping fraudsters in their tracks.
However, few people outside the AML compliance profession fully appreciate how hard it can be to get it right. Thankfully, there are new technologies such as graph analytics that can help. As we dive into this topic, let’s first consider key challenges contributing to this exceedingly difficult task.
Three fundamental issues with AML monitoring contribute most to ineffective AML processes. These include:
High numbers of false positives in AML alerts. More than 95% of AML alerts raised in routine monitoring processes are ultimately unrelated to money laundering, an incredibly high rate of false positives. However, banks and financial institutions are not entirely to blame as regulators mandate that banks cannot miss a single productive alert that might warrant a suspicious activity report (SAR) filing. Banks therefore will tune alert rules to flag anything that is suspicious.
Hard to find actual money laundering. Money launderers are becoming more sophisticated every year, creating an intricate network of identities and accounts to funnel their criminal efforts. This makes it particularly hard and time-consuming to find the false negatives buried deep inside the mountain of legitimate transactions.
Manual time-consuming process of case investigation. High-risk alerts are processed as cases for further investigation by an AML analyst. It can take anywhere from 20 minutes to several hours to investigate and resolve complex alerts, turning each case into an SAR or closing it when the investigator deems the activity as unrelated to money laundering. The process is costly, time-consuming and ineffective.
Naturally, the best way for banks to cut cost is to lower the false-positive rate without sacrificing the number and quality of SARs filed. In order to achieve this goal, a bank may be tempted to reduce the total number of alerts generated, hoping that this will cut out a lot of false-positive alerts. But this is a dangerous approach since it could mean throwing the baby out with the bathwater.
Today, existing AML compliance systems, for the most part, are built upon relational databases, which store information (customer, account, transaction, etc.) in rows and columns. Relational databases are great tools for indexing and searching for data, as well as for supporting transactions and performing basic statistical analysis. But they are are poorly equipped for connecting the dots and identifying relationships within datasets — essential features for analyzing money trails and assessing AML risk.
The problem is exacerbated given analysts need to join a number of tables to run queries for finding potential connections. These queries can take hours or even days to run using a relational database. The effort renders meaningful analysis of linkages among parties and transactions practically impossible.
Graph databases provide the ideal technology for analyzing known relationships and revealing hidden linkages, networks and clusters. Unlike a relational database model, a graph database stores information in nodes — representing customers, entities and their attributes, and edges, representing connections.
When there are multiple nodes and edges, a graph is formed. Connections between nodes can be identified by traversals throughout nodes and edges on the graph. This is more efficient and faster than running queries across tables joined together. In the case of AML, fund-flow trails and parties involved in money laundering activities together create a web of entities and relationships. This is achieved through the three phases of money laundering: placement, layering and integration.
Using linkage and network analysis enabled by the graph model, this web can be dissected with speeds and accuracy that were impossible using a relational database. Combined with conventional AML compliance tools, we can incorporate graph analytics to uncover key insights. This involves looking deep and hard at data from all types of sources — much like how our brains learn and recognize patterns of suspicious behaviors, activities and relationships — through intelligent analytics and advanced algorithms.
In short, graph is a powerful tool to bring together seemingly fragmented pieces of AML data into a coherent whole. Using graph analytics, institutions can gain new insight into the story behind a particular money movement — including the use of various media and the systems used.
