As financial service firms rely more on digital methods to on-board new clients, they should not ignore basic red flags in a quest for speed and efficiency
Many firms’ pivot to digital on-boarding has prioritized speed over collecting enough information to determine whether transactions are suspicious. Experts say it has created an inefficient, expensive process where AML analysts are sifting through thousands of alerts looking for the proverbial needle in a haystack. Firms should re-engineer their anti-money laundering (AML) systems and controls to refocus on know-your-customer (KYC) processes to prevent this inevitable pile-up of transaction monitoring alerts.
In order to onboard customers digitally in less than 24 hours, some banks rely tools that verify identity based on existing information. These verification tools use customer addresses, credit bureau information, previous bank account details to risk-score applicants. Some banks do not ask for photo identification, like a driver’s license or a passport, for customers deemed to be low risk.
Banks can take this approach, because, in the United Kingdom at least, there is no minimum standard for KYC checks. The U.K. takes a principles-based approach and some anti-financial crime professionals believe that is a mistake. Experts said there should be a minimum KYC standard for low-risk customers and principles to apply for high-risk customers.
Firms should get more information from customers and take more time to conduct checks prior to onboarding, even if it is more expensive. They should then use technology, such as artificial intelligence, to build their understanding of customer behavior to detect the difference between legitimate transactions and actual money laundering.
Transaction monitoring is a reactive AML control, according to Ray Blake, a director at The Dark Money Files podcast in London. “[The controls] kick in only when the bank absolutely has to do something. Whereas proactive controls that took time out when there wasn’t a sense of urgency, when something didn’t need to happen to unlock a transfer, for instance, could be going on in the background, and could actually create huge wins down the road, but because we don’t earn those wins today, we’re not going to do it,” Blake told The Human Risk Podcast.
To save time and money, firms do minimal KYC checks, but then hire hundreds of people to wade through alerts, most of which are false positives. “What we’ve done here is we’ve said this front-end [KYC] process we’ll do as cheaply as we possibly can. It means that we have a problem, but that’s not today’s problem,” Blake explains. “That’s a problem later down the line when we get more alerts than we need. So now that we’ve got more alerts than we need, we’ll get extra people in to wade through all of those alerts and find the ones that we really need.
“Guess what? The main focus of the technology that’s being introduced is aimed at reducing your false positives by looking at that large pile that you’ve generated and getting rid of some of them for you. Now, is it me or would it be more effective not to create that large pile in the first place?” Blake adds.
Friction in the process
Following up on transaction monitoring alerts can take an average of two weeks, because either bank branch or call center staff are tasked with contacting customers to query suspicious transactions, said Uri Rivner, chief executive at Refine Intelligence, an AML software company in Tel Aviv.
Branch staff at one of Refine’s customers were able resolve suspicious transaction alerts without contacting customers in only 12% of queries. The rest — 88% of queries — required multiple calls between the AML team, the branch and customers to resolve.
“Chasing customers over the phone for such inquiries is very high-friction, very costly, and often inconsistent. One person in the branch may run the inquiry in a different way than other people, or one investigation officer may ask different questions than another investigation officer,” Rivner says.
Contacting customers digitally is more effective at resolving queries more quickly. Some 85% of customers contacted digitally complete the process and provide information about source of funds, the relationship of the beneficiary and the nature of the transaction. The process usually takes a few minutes, Rivner notes.
Continuous KYC, modeling the good
Financial services firms treat on-boarding as a procedure that happens once a customer opens an account. KYC processes are a hurdle to entry into the firm, but once the customer is onboarded, information collection for AML purposes, in effect, stops. Bearing in mind that customers can stay with a bank for decades, it is a false economy to minimize the cost of KYC while speeding up the process. Firms should keep learning about their customers because learning more about them, more often, will minimize friction in the relationship, Blake said.
Banks have lost their “KYC superpower” because few in-branch staff have personal contact with regular customers now that most conduct their business online and use digital onboarding to open accounts. Customers’ interaction with their banks is very one-sided now. They make transactions, but the bank has no context because it does not know its customers. Losing the two-sided interaction has led to a sharp decline in a bank’s ability to know a customer, Rivner said.
“Most of the AML alerts, I would say 99%, don’t have that context; so, approaching the line of business does make sense, but the manual approach used today is simply inefficient and bias-prone,” Rivner says.
Good AI and machine learning tools can use data sets that help the financial crime analyst see the difference between money laundering and a customer paying cash for a car. That means collecting demographic and transaction data to model common life events involving financial transactions. Is this customer a grandparent sending a cash gift to a grandchild for university graduation?
“Why is the customer moving a lot of funds into the account and doing a big international wire transfer? A good AI model will tell you that the most common explanations are perfectly legit real estate or investment activities. Why is the customer pulling thousands of dollars in cash from their account all of a sudden? The top reasons are related to buying a vehicle or doing a renovation project, where contractors ask to be paid in cash,” he adds.
This approach permits firms to “green flag” transactions. It also requires tapping into a labelled data set of confirmed genuine, falsely flagged anomalies and their legitimate explanations, Rivner said.
Firms should model what good or normal transactional behavior looks like, not just the bad, to get the context with regards to customer behavior.