Upload
others
View
2
Download
0
Embed Size (px)
Citation preview
Using Technology to Improve the Quality of your AML Program
Moderator: Peter Wild, Wild AML Solutions LLC
Erick Christensen, Protiviti
Brian Ferro, BAE Systems
Kamil Kaluza, Quantaverse
Dan Soto, Ally Financial
1ACAMS Carolinas Chapter Annual Symposium July 17th, 2019
Using Technology to Improve the Quality of your AML Program
Agenda
1. Know Your Customer Management Erick Christensen
2. Alert Management Kamil Kaluza
3. Investigation Management Brian Ferro
4. Information Technology Management Dan Soto
2ACAMS Carolinas Chapter Annual Symposium July 17th, 2019
Know Your Customer Management
Know Your Customer,
Customer Risk Rating
and Automation
Erick Christensen
Managing Director
Protiviti
3ACAMS Carolinas Chapter Annual Symposium July 17th, 2019
KYC Process – Current Challenges
• Financial Institutions spend substantial resources to conduct KYC activities. Processes are manually intensive and inefficiently designed.
4ACAMS Carolinas Chapter Annual Symposium July 17th, 2019
Roughly 80% of Investigator time spent on manual data collection and normalization.
Data gathering from multiple, disjointed data sources to pull customer data.
Error prone and untimely reporting of periodic review schedules due to manual tracking.
Time-consuming manual reviews of negative news results to verify sources and content.
Limited reporting capabilities to provide detailed, accurate metrics through dashboards.
AML Operating Model – Current State
5ACAMS Carolinas Chapter Annual Symposium July 17th, 2019
Policies Proceduresand Standards
Governance Training
Second Line: Advisory, Compliance Testing, QA Third Line Controls
Artificial Intelligence
Robotics Process Automation
Compliance with Blockchain
Data Analytics and Visualization
Regulatory Reporting
Data Flow
RiskAssessment
CustomerOnboarding
Screening(Ref Data andTransaction Data) Transaction
Monitoring
PeriodicReviews
Reporting
KYC Process – Solution Benefits
• Replace cumbersome, manual activities with an intuitive, customizable platform that simplifies and automates KYC activities.
6ACAMS Carolinas Chapter Annual Symposium July 17th, 2019
Orchestrate a tailored KYC Review platform for
your specific needs
Accelerate reviews through intelligent
automation
Eliminate manual data gathering and
consolidate data sources
Strengthen accuracy of reviews and focus on
investigations
AML Periodic Review Powered by Smart Orchestrating Platforms• A KYC Periodic Review (“PR”) Tool based on a smart orchestrating platform provides a solution to six
key pain points commonly found in financial institution’s review processes today.
7ACAMS Carolinas Chapter Annual Symposium July 17th, 2019
Summary views of transaction activity over the review period are provided. Additional analysis can be incorporated to identify potentially suspicious activity or additional due diligence requirements.
Dynamic reporting is available to include tracking SLA compliance, identifying exceptions, assessing trending, and performing day-to-day monitoring of individual cases.
Reviews are easily and immediately escalated within and between departments. Review schedules and event trigger rulesets are systematically maintained.
AML Periodic Review powered by Smart Orchestrating
Platforms
Data Orchestration
Automated Searches
Holistic Transactional
Reviews
Streamlined RFI Process
Ease of Escalation &
Workflow Management
Real-time Reporting
Negative news, sanctions and internal blacklist searches are automated; results are displayed and dispositioned by the Analyst within the tool.
Sources dispersed customer information from various systems and displays for review in a centralized, interactive review platform.
RFIs are systematically generated and tracked and an Audit trail is maintained.
KYC and Robotic Process Automation (RPA)
• KYC provides a fertile environment for RPA implementation as tasks are generally heavily manual, rules-based and high in volume.
8ACAMS Carolinas Chapter Annual Symposium July 17th, 2019
RPA provides an opportunity to automate KYC activities, including for CIP, CDD and
EDD.
Protiviti, in collaboration with RPA vendors, has
developed Next Generation AML bots to address the
complexity and cost traditionally associated with
KYC activities.
FIs are required to divert capital and labor to time-
consuming activities.
Increase in KYC regulatory requirements has led to a
complex yet heavily manual regulatory environment.
High Risk Customer Review – Multiple Bots• The following bots were developed for a mid-sized bank in order to make the high risk customer
reviews (periodic reviews) more efficient. Two Bots were subsequently customized and are now being used by the Bank’s AML Transaction Monitoring Alert Investigations team. The key tasks performed by the Bots are listed below.
9ACAMS Carolinas Chapter Annual Symposium July 17th, 2019
Customer Information Drawdown Bot
TransactionalAnalysis Bot
Negative News Bot
• Logs on to the bank’s KYC database and transcribes relevant information (name, address, SSN, etc.) in a prescribed template
• Pulls in the information on the related parties on the account as well, recording it in a pre-existing Excel template
• Accesses the bank’s documentation warehouse and pulls down KYC documents related to the customer in question. The pdf copies of the KYC documents are then available for an Analyst to review
• Logs on to the Bank’s transactional database and downloads the account activity over the specified review period (12-18 months). Bot transcribes the transactions in an Excel file
• Transaction pulls are performed for all accounts of the customer
• Performs data standardization on the transaction data to ensure usability by the Analyst i.e. labels transactions consistently such as ACH In/Out, Wire In/Out etc.
• Summarizes and pivots transactions by transaction type and/or counterparties
• Accesses the bank’s transactional documentation web app and downloads the relevant pieces into a PDF for easy access by the Analyst.
• Pulls the names of the related parties and counterparties from the output of the CustomerInformation Drawdown Bot and the Transactional Analysis Bot and prepares a list of names for the Negative News Bot
• Logs on to Thomson-Reuters World Check One and performs zero-footprint (non-case manager) searches on parties, taking in names and TINs from the output of the Customer Information Drawdown bot
• Obtains potential matches and pdf the search results based on the pre determined thresholds
• Saves all pdf in designated folders
Lessons Learned from RPA Implementation• Lessons learned after the implementation of several RPA bots at a diverse group of clients
10ACAMS Carolinas Chapter Annual Symposium July 17th, 2019
• Teams encounter challenges with scope management given limited business requirements available in advance of initiating projects.
• Having deep dive scoping sessions in advance of initiating POCs may help alleviate this pain point.
Proofs of Concept
• Security evaluations may create roadblocks and increase time to implementation.
• It is a best practice to hold off on bot development until there trial RPA licenses are obtained.
Security Infrastructure
• Establishing boundaries on early COEs and right sizing can be a challenge.
• As COEs are ongoing, deliverables and tools created for them should be living documents/tools that continue to improve.
Center of Excellence
• Deliverables and tools needed after an RPA program is up and running for multiple months differ from early deliverables.Governance
Data Governance – Next Generation KYC
• Improve data infrastructure and governance to strengthen accuracy and efficiency of KYC program.
11
Capture, integrate, process and sort data on a timely basis through common data repositories and a simplified data ownership structure.
Simplify manual, complex KYC data gathering and consolidation efforts through infrastructure redesign and automation.
Effectively maintain, understand and use data to obtain a holistic view of the customer and reduce time spent conducting manual due diligence.
Leading practices in Customer Risk Rating
12
Client RiskProduct /
Transaction Risk
Geography Risk
Other Risk factors
(incl. Auto High criteria)
Customer Risk Rating
The traditional CRR models are static.
Move to a Dynamic Risk Ranking By:- Looking at actual transactions and comparing with anticipated activity - Adjust risks based on thresholds set for customer who have higher dollar values and/or volumes for higher risk
products services (Internation wires to high risk jurisdictions, excessive cash transactions, structuring, etc.)- Periodic reviews on High Risk customers to be tee-ed up when a High risk customer alerts through the banks
transaction monitoring system. In other words, build a link between CRR/KYC and Transaction Monitoring and actively monitor results
- Move beyond just the three categories of risk (H, M, L) and think of further customer segmentation – (e.g. a customer with “High Wire Low Cash” activity should be in a different segment than a customer with “Low Wire, High Cash” activity) Leveraging new machine learning tools customer segments can be dynamic as well
Advanced Data Analytics With Link Analysis• Rely on advanced data analytics, including Link / Network Analysis to strengthen KYC program and
obtain a holistic understanding of customer.
13
Eliminate duplicative entries, standardize data and consolidate sources to simplify complex data gathering efforts.
Enrich traditional KYC information by leveraging all data that exists across the institution, including cell phone numbers, user names, Mac and IP addresses.
Identify ‘hidden relationships’ through link/network analysis to obtain a holistic view of the customer and establish an informed customer risk rating.
Alert Management
Alert Quality Needs An End to End Approach
Kamil Kaluza
Chief Revenue Officer
QuantaVerse
14ACAMS Carolinas Chapter Annual Symposium July 17th, 2019
Alert Management
Alert Quality Needs An End to End Approach
Table of Contents
1. Data Quality
2. Natural Language Processing
3. Unsupervised Learning
4. Supervised Learning
5. Case Study - Data Quality
Case Study – Correspondent Banking
Case Study - Retail Banking
15ACAMS Carolinas Chapter Annual Symposium July 17th, 2019
End to End Approach to Alert Quality
16ACAMS Carolinas Chapter Annual Symposium July 17th, 2019
Pre-Detection Work
Better Detection
BetterInvestigations
▪ Visualization▪ Automated
narratives▪ Auditable▪ Validation
processes
Post-Investigative Work
▪Normalization, standardization, of existing data
▪Data enrichment and augmentation
▪ Consider all observables
▪ The whole is greater than the parts
▪ Automated “decision” engines
▪Network relationship analysis
▪ Transactional and non-transactional
▪ Identify non rules-based risk-bearing typologies
▪ Client and pseudo-client risk detection
Expand the quality and quantity of information
Find risks beyond rules’ capabilities
Draw and support a conclusion
Facilitate human understanding and final adjudication
1. Data Quality Drives Down False Positives
17ACAMS Carolinas Chapter Annual Symposium July 17th, 2019
Internet, Open Source, and Private
External Data
Field Value Value Value
ID Number ABC 123 XYZ
NAME_INTERNAT HAL Holding N.V. Campina Melkunie B.V. Electricite De France
NAME_NATIVE HAL Holding N.V. Campina Melkunie B.V. Electricite De France
Street, no .,1 Venecolaan 17 22/30 Ave Wagram
Street, no.,1 (native) Refer To Parent
Street, no., 2 Register
Street, no., 2 (native) 5, Avenue des Citronniers Register
Street, no., 3
Street, no., 3 (native)
Street, no., 4
Street, no., 4 (native)
Postcode 98000 9880 75369
City Monte Carlo Aalter Paris
City (native)
Country Monaco Belgium France
Country ISO MA BE FR
QuantaVerse
This text represents QuantaVerse discovered data field
AI agents scrape the internet, i.e. business websites, then search 3rd party data
2. NLP Connects More Dots
18ACAMS Carolinas Chapter Annual Symposium July 17th, 2019
Reading and Understanding Using NLP• Web parsing• Named-entity extraction• Sentiment analysis
Leads to interpretation of data and relationships in structured format
# Construct Value Relationship
1 Concept closing share price 3, 4
2 Location OSLO, Norway 1
3 Company Fast Search & Transfer ASA 1, 2
4 Date Jan 4 2008 1
5 Amount $1.2 Billion 3
3. In-Depth Behavioral Analysis
19ACAMS Carolinas Chapter Annual Symposium July 17th, 2019
Suspicious Value Transfers Can Be Found Using NAICS Codes And Transactional Data
Originator Industry: Electronics Beneficiary Industry: Casino
4. Decision Engine Finds Risk, Avoids Noise
20ACAMS Carolinas Chapter Annual Symposium July 17th, 2019
Economic Purpose:
Supplier Payment
Originator Industry:
Electronics
Beneficiary Industry:
Casino
Payment Value:
$20,000
Suspicious?Not SuspiciousSuspicious
21%
79%
Economic Purpose:
Supplier Payment
Originator Industry:
Cement
Beneficiary Industry:
Gravel
Adverse Media:
None
Payment Value:
$19,288
Suspicious?
▪ Financial crime investigators
train decision making
algorithms by presenting them
with red flags and
suspicious activity,
alongside with the decision
they would have made
▪ Once, trained, the neural
network acts like a static
model. Combinations of inputs
result in output with a natural,
measurable error rate
Not SuspiciousSuspicious
95%
5%
5. Automate Investigation
21ACAMS Carolinas Chapter Annual Symposium July 17th, 2019
Pre-defined Templates
and Phrases
Observed Data
# Principal Relationship Acct
1 Mr. X Beneficiary 1234
2 Mrs. Y Beneficiary 5678 QuantaVerse
• The following report documents the activity of Mr.
X and Mrs. Y, account number 1234 and account number 5678.
• Between October 11, 2017 and October 26, 2017, Mr. X received 46 transactions totaling $1,046,131.
• Between October 13, 2017 and October 31, 2017,
Mrs. Y received 32 transactions totaling$484,449.66.
• The presence of Crypto risk and Jurisdiction risk red flags prompted further investigation by the platform.
# Etc
1 ABC
2 XYZ
# Red Flag
1 Jurisdiction
2 Crypto
External Data
Mr. X address is 123 Main Street United States
Investigator’s Report
Case Study – Data Quality
22ACAMS Carolinas Chapter Annual Symposium July 17th, 2019
What We Found Why It’s Important
AI agents identified unique name / address / account combinations of Originators and Beneficiaries that should be a single entity.
• Poor entity resolution removes ability to know and track customers. Understanding of client, originator and beneficiary country codes is an fundamental risk mitigation data point.
• Not being able to identify that slightly different names or addresses are in reality the same entities means that it is easy to by-pass many KYC and AML controls.
225,010Total
Entities
169,014Unique Entities
of originator and beneficiary country codes identified by AI agents
85%
204,035Total
16,525 Total
Banks
11,472Unique Bank Entities
AI agents identified unique name / address combinations of bank clients that should be a single entity.
16,525Total
81% of bank country codes identified by AI agents
BEF
OR
E
AFT
ER
BEF
OR
E
AFT
ER
Case Study – Correspondent Banking
23ACAMS Carolinas Chapter Annual Symposium July 17th, 2019
displayed sets of questionable transactions and end-clients, including some with connections to Mossack Fonseca, 6 months before Panama Papers
All 13 correspondent banking customers 5 correspondent banking customersshowed significant transaction risk factors.
The system identified
1,834 pseudo-clients
Of those 5,
34 pseudo-clientsdisplayed significant transaction risk factors.who had participated in transaction(s)
indicative of a money laundering technique.
▪ Bank customers were found to be transacting with risky jurisdictions including known war zones like Syria
▪ Transactions from the Tri-Border area of South America to the EU appeared to be linked to Hezbollah financing
▪ Significant numbers of bank customers transacted with cryptocurrency exchanges. While some were registered exchanges, these transactions often demonstrated money laundering attributes that represent significant transactional risk to the bank.
▪ Broad instances of risky transaction typologies such as structuring, round dollar transfers, keyword risk, one to many, and invoice anomalies such as multiple invoicing
▪ PEPs (politically exposed persons) were large sum, round dollar beneficiaries of bank customers from transactions with no detail or derivable economic purpose
▪ Within the supplied transactions, the bank’s TMS was alerted only 31 times.
▪ Through QuantaVerse’s automated investigation process, it was found that the TMS alerts were all of insignificant risk, while the CCO Checkup uncovered more than 800 risky entities that previously went undiscovered by the bank.
Case Study – Data Quality
Investigation Management
Technology Strategies for Investigations
Creating an efficient process
Brian Ferro
Global Head of AML/BSA Compliance Product Management
BAE Systems
25ACAMS Carolinas Chapter Annual Symposium July 17th, 2019
Why this is Important?˃ Understand the risks
Improved Consistency
Reduction in Human Errors
Audit Trail
Facilitate Risk-based Activities and Decisioning
Traditional Investigation Cycle
Alert Review
• Who?
• Why?
Exposure
• Related Entities
• Accounts
• Transactions
Research
• Negative News
• Corporate Structures
• RFI
Disposition
• Suspicious
• Not Suspicious
27ACAMS Carolinas Chapter Annual Symposium July 17th, 2019
New Technologies˃ What do all these mean?
Big Data Technology
Machine Learning and Artificial Intelligence
RPA / IPA
Visual Tools
Network Link Analysis
Enhanced Investigations
Enrichment
• Consolidate Alerts
• Resolution
Scoring
• Prioritize
• Hibernate
Visual Tools
• Interactive Graphs/Charts
• Analyze Data
Data Integration
• Enhance core data
• Lower overhead
Link Analysis
• Follow the money
• Suspicious patterns
29ACAMS Carolinas Chapter Annual Symposium July 17th, 2019
Combine open source technologies, analytics and automation with the power of human intelligence to create focused investigations with a more refined outcome
Enrichment
30ACAMS Carolinas Chapter Annual Symposium July 17th, 2019
Collect alerts from different detection engines, parse and verify data fields in order to identify gaps. Add missing information and consolidate at entity level
✓ Core banking✓ External data providers and ✓ Display in single system for
customer centric investigations
✓ Reduce alert volumes by 20%
Scoring
31ACAMS Carolinas Chapter Annual Symposium July 17th, 2019
• Customer centric investigations
• Score Customers automatically based on detected levels of suspicion
• Prioritization and hibernation are key additions at alert level
Visual Tools
32ACAMS Carolinas Chapter Annual Symposium July 17th, 2019
Pain points:
• Thousands of alerts per month across both AML and WLM
• Investigators can spend up to 10 minutes per alert
• For better results, FIs need more investigators but these are hard and costly to find
Data Integration
33ACAMS Carolinas Chapter Annual Symposium July 17th, 2019
Reduce effort and triage times
Single Customer Investigation with cross domain / data integration✓ Anti-Money Laundering✓ Name Screen✓ Know Your Customer
Example✓ UBO data integration into
customer risk scoring and name screening
✓ Risk score entire complex UBO structures
On avg. Investigators spend 70% of their time gathering data
Link Analysis
34ACAMS Carolinas Chapter Annual Symposium July 17th, 2019
Identify and investigate
suspicious patterns and extended
linkages within data which are not obvious when
reviewing raw data
Information Technology Management
Dan Soto
Chief Compliance Officer
Ally Financial Inc.
35ACAMS Carolinas Chapter Annual Symposium July 17th, 2019
36ACAMS Carolinas Chapter Annual Symposium July 17th, 2019
BEF
OR
E
AFT
ERBudget
• Project timeline• What is sustain vs what is project• Staffing at the IT vs Compliance
level
37ACAMS Carolinas Chapter Annual Symposium July 17th, 2019
When and how to
integrate with other
AML technologies
• Requirements for integration• Considerations outside
Compliance• Physical vs virtual integration• Staffing evaluations
BEF
OR
E
AFT
ER
38ACAMS Carolinas Chapter Annual Symposium July 17th, 2019
Sunsetting
• Setting expectation up front• Minding the store• Pulling the plug
BEF
OR
E
AFT
ER
39ACAMS Carolinas Chapter Annual Symposium July 17th, 2019
Developing
strategies for next
generation of
improvements
• First mover vs fast follower• Revenue generator vs cost
center• What does this mean for
organization structure?• Change approach
BEF
OR
E
AFT
ER
Take Aways
• Socialize your budget early and often!
• Decide at the beginning if you wish to be a first mover vs a fast follower
• Don’t forget that politics plays a big role in developing your technology strategy
40ACAMS Carolinas Chapter Annual Symposium July 17th, 2019