The growing complexity of the financial system and increasing regulatory requirements have led to significant challenges in the fight against financial crime. The efforts required to keep criminals out of the system and meet changing regulatory expectations have made technology an essential driver for a sustainable fight. The growing field of ‘regtech’ looks to leverage a range of new technologies to make financial crime compliance more effective and efficient.
Artificial intelligence (AI) in particular has been broadly considered a key regtech tool, promising to take over much of the human element of the compliance function. However, those more familiar with it are decidedly more guarded. They recognise that the “rewards for innovation are unclear and must be balanced against the risk of costly failures when implementing change,” states a recent report by the Boston Consulting Group (BCG) on Future-Proofing the Bank Risk Agenda.
Markus Schulz, Standard Chartered’s Global Head of Financial Crime Compliance Controls, including FCC Innovation, echoes that sentiment. “There is a general misunderstanding among regulators and, frankly, also within C-suites, that artificial intelligence will solve all the problems, because we have consultants running around telling them it will. It won’t. It will help us be smarter and more efficient, but there’s no such thing as a silver bullet.”
Regulatory change shifts into overdrive
The growing complexity of the financial system and the threats it faces have led to commensurate growth in the complexity of regulations addressing it.
From the Patriot Act of 2001, to the more recent EU Funds Transfer Regulation of 2015 and the New York Department of Financial Services (DFS) Banking Division Transaction Monitoring and Filtering Program Requirements and Certifications (2017), regulators have been increasingly raising expectations. Their aim is to choke funding to terrorists and criminals, and to intensify pressure on non-compliant states and enterprises, by clamping down on flows that skirt sanctions.
The flood of new laws is compounded by their increasing complexity, as well as a sea of revisions – BCG estimates that banks around the world must track an average of 200 regulatory revisions per day, more than triple the number in 2011.
Whereas once it was feasible to rely on manual controls to be compliant, for the past two decades at least, automation has been crucial to compliance.
“The volume of payments and payment channels available to customers is constantly growing – and without automation, it would not be possible to review transactions manually and identify potentially suspicious activities,” says Praveen Jain, Standard Chartered’s Head of FCC Controls, Strategy and Innovation.
Regulators not only expect banks to understand how their automated compliance systems work, but to also demonstrate that their overall programmes are effective. As a consequence of increasing regulations and regulatory expectations, spending on compliance by the world’s 50 largest banks doubled from USD64 billion in 2009 to USD127 billion in 2016.
Investment in regtech is booming
The increasing use of technology to facilitate financial transactions, is also posing new risks – in particular, enabling bad actors to layer payments in such a way that traditional automated systems often fail to flag them. Additionally, given the manual nature of investigations and resource-intensive tasks, institutions are facing additional costs and potential risks. This is where the rapid evolution of regtech must play a key role, using solutions like artificial intelligence and big data analytics.
Global investment in regtech surpassed USD1 billion last year, with growth accelerating into the beginning of this year, when USD532.7 million of investment was recorded in the first quarter alone. Over half that investment is going into companies focused on furnishing solutions to address anti-money laundering and know-your-customer regulations.
Recent advances in the AI fields of natural language processing and machine learning are a big factor behind the newfound buzz surrounding regtech – not to mention advances in big data analytics, biometrics and blockchain. They enable automated detection of patterns, not only paving the way for false positives reduction (that distract from genuine risks to be addressed), but also to uncover false negatives that might be overlooked by existing systems. The technology will greatly expand the capacity to analyse transactional and client information from various data sources, including transaction monitoring systems, KYC systems, investigative databases, public internet sources and social media, as well as the dark web, where modern criminals often conduct business.
“Importantly, although the AI technology needed to pursue such solutions has been around for a decade or more, it has only just become affordable enough to drive return on investment”, says Schulz. “Now the question is, how can I leverage it to augment what I’m doing today?”
Augmenting human capabilities
“For me, AI truly stands for ‘augmented intelligence,’” Schulz continues. “How can we take what the machine adds in terms of capabilities to augment what the human is best at?”
Schulz mentioned that the initial task for machines is to automate often repetitive, mundane compliance tasks, so humans can focus on more important cases where judgement, subjectivity and analytical skills are required.
“Investigations within financial crime are part science, part art,” adds Jain. “While the science portion of it we can automate eventually, the art will still remain. I don't think we can ever fully automate what analysts do.”
Jain added that analysts have various fragments of information which allow them to make risk-based judgements (not all of which can be built into the AI process) which cannot be replaced by machines. Also, humans play a critical role in directing and tuning artificial intelligence based solutions.
That view underlies Standard Chartered’s approach to next-generation technology, which Schulz sees as “a journey we’ve started by seeing where machines can add value through creating input to help analysts do their work.”
Among Standard Chartered’s various partnerships with third-party vendors on next generation technologies is an AI initiative, in conjunction with award-winning Singapore-based regtech firm Silent Eight, to improve the name-screening process. Dubbed Screening Optimisation, the technology, which is currently in the process of being rolled out, uses machine learning and natural language processing to resolve cases that are created when customers and related party names are matched against various watchlists. The solution collects relevant pieces of data from other sources, applies a decision tree it has built, and provides analysts with a recommendation in plain English, where possible. Screening Optimisation will help analysts review cases faster by validating the recommendations. By using machine learning techniques to analyse historical case decisions and update algorithms, the quality of recommendations will also constantly improve as the technology becomes more expert at the task.
Gaining regulatory acceptance
However, the financial industry is still in the early stages of bringing regtech into the regulatory environment. “A lot of effort needs to go into explaining how the solution works and convincing regulators and auditors that we’re not just trying to cut corners, but trying to more effectively manage risk,” says Jain.
There is cause for optimism, with the world’s major financial regulators having declared a welcoming stance on regtech, and several of them setting up so-called regulatory sandboxes to permit banks and their technology partners to conduct live trials.
Standard Chartered is leading the way in fighting financial crime – it is one of the only banks to be using a combination of AI, big data and other tools at such a global scale. The Bank has already moved beyond proofs of concepts for regtech solutions and has several projects being implemented globally. These will pave the way for further enhancements in the surveillance systems and processes it uses.
As Jain stresses, the main thing is for involved banks to be able to understand how such solutions work and be able to explain to regulators in clear terms exactly the reasoning behind decisions, or the output from AI solutions.
For Standard Chartered, this helps ensure it is enabling systems that drive effectiveness and efficiencies, without additional risk. Data plays a key role here; the richer and more comprehensive the data clients can provide banks focusing on this area (like Standard Chartered), the more effective solutions will become.
Regtech should be cooperative, not competitive
Meanwhile, there’s been much talk of regtech’s ability to confer a competitive advantage. However, Standard Chartered doesn’t see it as a winner-takes-all scenario.
“We’ve made a deliberate decision to team up with vendors on these solutions,” states Schulz. “If you’re serious about fighting financial crime, that’s not something one bank can do alone. We’re in this together as an industry. So, if we develop something smart and really useful, why would we develop that only for us? We are not doing this as a competitive advantage. We want to make it harder for money launderers worldwide.”
Additionally, regardless of how much banks invest in technology to thwart financial crime, their efforts will be ineffectual if they don’t partner with other banks as well as the public sector and law enforcement agencies to allow more targeted monitoring.
“Because each of us only sees a fraction of the transactions of a suspect, we can only be truly successful and take it to the next level if we all – vendors, banks and the public sector – come together around the same table,” concludes Schulz.