When it comes to anti-money laundering and anti-fraud, together is better

Where there's fraud, there's often money laundering. Where there's money laundering, there's often fraud. For this reason, even when there's no known connection between a fraudulent transaction and money laundering, financial institutions have an obligation to file a suspicious activity report.

Anti-money laundering (AML) is often overseen by a chief compliance officer and anti-fraud is often overseen by a chief risk officer. Typically, they view their missions as separate, despite the fact that they perform similar work centered around discerning patterns that may indicate a problem, investigating system-generated alerts, and identifying criminal behavior.

Financial institutions consider mitigating fraud losses to be a key component of the core business process. The process requires real-time data solutions. And identifying a case as fraudulent is relatively easy because the customer usually reports or verifies it. Conversely, the AML cost center is often driven by regulation. It requires audit trails and documentation. And identification of suspicious activity can be very difficult.

In the past, AML and fraud teams often did not communicate, work together, or share case management or monitoring systems. And they competed for budget, resources, and senior management attention. This meant anti-fraud investigators would be unlikely to know that a person was also being investigated for money laundering, and vice versa.

In recent years, however, more financial institutions have been combining their fraud and AML functions under an enterprise-wide anti-financial crime umbrella. Likewise, third-party providers that traditionally offered distinct AML and anti-fraud solutions are increasingly offering platforms, monitoring systems, and case management tools that are more integrated.

Regulators have encouraged this trend. For example, the Financial Crimes Enforcement Network (FinCEN) expects financial institutions to promote "communication and collaboration among internal AML, business, fraud prevention, and cybersecurity units."

There are many advantages to merging the AML and fraud functions, including:

1) A holistic view of the customer

Much of the data required to detect money laundering is the same data that's needed to prevent fraud. For example, both groups consider similar product types, such as international wire transfers and stored-value cards, to be high risk and therefore monitor them more closely.

AML and fraud prevention groups also rely on the same transactional parameters, account and customer information, peer group definitions, watch lists, and detection models. So, from business and compliance perspectives, there's value in a united database that provides a holistic view of a customer's relationship with the bank and any concerns that the relationship may raise. Such a view can lead to better identification of fraud and money laundering schemes that cross channels, products, and lines of business, and therefore greater visibility for management through aggregated data reporting.

2) Improved employee development and retention

AML and fraud prevention professionals tend to be knowledgeable about similar laws and adept at conducting research and complex analytics, interviewing people, and writing comprehensive reports. Alert and case analysis and investigations also require many of the same skill sets. Consolidating the two functions provides cross-training opportunities, which promote more well-rounded analysts and investigators. It can also improve employee morale and retention by providing more opportunities for learning and advancement. For example, rather than having AML and anti-fraud analysts review AML and fraud alerts respectively, businesses could have financial crime analysts review both. Consolidation also mitigates the risk of inadequate coverage and facilitates load balancing across individual units.

3) Shared policies, procedures, and tools

AML know-your-customer procedures and documentation of customers' expected activity can serve as an important fraud tool. And AML and fraud programs share many policies and procedures, including referral of information to law enforcement, termination of customers for inappropriate activity, and due diligence monitoring. Both teams also use similar tools and protocols for completing workflows and resolving cases. And certain delivery channels, such as online and remote access, are at higher risk for both money laundering and fraud and therefore require closer monitoring.

4) Better effectiveness and efficiency

There's also potential to eliminate redundancies by combining AML and anti-fraud efforts. Consolidation can lead to more targeted and actionable alerts and investigations, with all alerts for the same subject being displayed to the analyst. With more information available, investigators can reach resolutions more quickly. Fraud detection rates also improve, as well as the ability to better identify sophisticated schemes. For example, multiple low-value events may not be registered as frauds, while an enterprise-wide system that aggregates data can detect previously hidden patterns. AML and fraud prevention units working together also makes the handing off of alerts, cases, and investigations easier. This should result in fewer duplicate SARs and more thorough SAR filings.

5) Cost savings

There are potential cost savings realized through more efficient use of resources, including systems, data management, audit consolidation, reduction of IT staffing costs and software maintenance fees, and elimination of duplicate alert reviews and case investigations.

Of course, challenges do exist. These typically fall into one of three domains:

1) Cultural

Individuals in an AML group tend to have a legal and compliance background, while those on the fraud side are generally more operational. Nomenclature is different.

2) Leadership

Leadership from one discipline may lack the knowledge and experience to manage the other area effectively. And management may see one program as more important than the other, leading to insufficient allocation of resources. An AML leader might well worry that AML could be overshadowed by an urgency to reduce fraud losses.

3) Technology

Financial institutions must use technology across disciplines. In this regard, they continue to ramp up their efforts to use advanced digital technologies, such as artificial intelligence (AI), for many purposes, such as reducing false positives, rendering customer segmentation and alert generation smarter, and automating manual investigative processes. This move to more real-time and intelligent decision-making and workflow should be coordinated between AML and fraud prevention teams to best take advantage of available synergies.

So, how can an institution maximize the benefits of AML and anti-fraud consolidation, while minimizing cost, burden, and inefficiency?

• Proceed slowly and methodically: A move to combine the two groups may not be right initially. It would require, among other things, creating a single transaction monitoring system running both fraud and AML rules and an entirely new set of policies, procedures, and processes. A better tactic might be to keep the groups separate but formalize the relationship with both areas reporting to the same executive. There should be regular meetings between the groups to discuss strategies, provide feedback, and share information about cases. The institution would maintain separate databases for the two groups. Likewise, it would maintain separate AML transaction monitoring and fraud transaction monitoring systems. But now AML and fraud staff would be specially trained to look out for, understand, and share information and red flags for the benefit of both departments. If an AML alert does not turn out to be positive, it could still indicate the presence of fraud, and vice versa.
• Gradually develop a unified case management system: This approach would gradually develop a unified case management system that facilitates the appropriate handing off of files between analysts and investigators. Other steps useful for maximizing the benefits of this transformation journey include:
• Conducting a data assessment to ascertain quality, identify underutilized sources, and determine how to close any gaps
• Assessing the alert remediation process to fully understand the workflow architecture and identify additional opportunities to embed AI, machine learning, automation, and other advanced digital technologies
• Developing additional management information systems and other performance tracking key performance indicators to create enterprise-wide managerial measures of success and enable improved benchmarking
• Creating a centralized rule-based engine that is more dynamic and real-time, with existing rules optimized and new rules introduced to cover all current vulnerabilities
• Make use of advanced digital technologies

Crucially, technology can make compliance resilient, responsive, and sustainable. For example, digital solutions such as robotic process automation (RPA), machine learning, and AI, can assist in data conditioning and consolidation. In financial crime compliance programs where the AML and anti-fraud divide is severe, there is typically significant data misalignment. RPA can alleviate this issue by quickly and accurately formatting data for use in a single, standardized system.

When it comes to better ways of working, the future for many institutions will be augmented intelligence – combining machine intelligence with human judgment. When it comes to financial crime detection, AI can analyze large volumes of multidimensional, real-time data to generate intelligent recommendations. Combining these recommendations with years of human knowledge, experience, and technological expertise can help determine when and how to act. Only when AI is used in this way can institutions expect to uncover financial crime where employees previously hadn't thought to look.

AI can further improve data conditioning as it can be used to fill in missing information, a problem that plagues both AML and anti-fraud units. These gaps, whether they are found in internal forms, transaction details, or third-party subscriptions, can be confounding to lower-level investigators. Utilizing AI to enrich client data and subject profiles will result in fewer false positives, reduced cycle time, and the alleviation of repetitive work that drains morale and causes investigator burnout.

By creating a single stream or more accurate alerts, investigators and managers will be able to approach their workflow in a properly risk-weighted or risk-segmented manner. A new case management solution, which incorporates intelligent optical character recognition, natural language processing, and computational linguistics for meaningful extraction and analysis of unstructured information, would allow for faster and more accurate decision-making and improved agent and customer experience. And through modern digital interventions, fraud case management and AML case management can be intelligently augmented, allowing for streamlined case allocation, tracking, and suggested cross-unit communication. This would result in decreased information silos, reduced cycle times, and the potential to intelligently automate the dreaded task trackers, which plague managers and team leads alike. These efforts can further inform thematic or key risk indicator reports, helping senior management to quickly understand the burdens and successes of their various units.

If these innovations are implemented in a way that allows for their underlying principles to be easily understood, key stakeholders can opt to bring in or release vendors and third-party data subscriptions with the confidence that these backend systems can be adjusted with minimal disruption to business as usual.

The bottom line is that consolidation of an institution's AML and anti-fraud areas is an industry trend that meets regulatory expectations in a better fashion and offers the opportunity to achieve several benefits. But it must be approached carefully and thoughtfully, incorporating modern digital tools – especially AI – and developing agile risk management frameworks that allow the ability to anticipate and act at speed and achieve greater compliance in an increasingly complex global banking environment.

To learn more, contact our team.