Amid fears of a recession, a war in Ukraine and continuing political instability across much of the West, the world is becoming an increasingly difficult place to do business. To add to the gloom, money laundering, for so long the grubby engine which has kept the wheels of organised crime turning, is also on the rise.
The best estimate for money laundered worldwide per year now sits at 2-5% of global GDP (a staggering $800 billion-$2 trillion), while according to the Basel Anti Money Laundering (AML) Index, the average jurisdictional money laundering risk score increased from 5.22 to 5.3 (out of a maximum score of 10) in 2021.
Macro events such as COVID-19, the crypto explosion and rising debt are creating a fertile business environment for today's digital-savvy criminal, leaving regulators and law enforcement struggling to keep up.
Solving the problem is far from easy. Not only does it require sustained cooperation between governments at a time of creeping nationalism, but also regulated firms, such as banks, payment service providers and law firms, need to do more to detect money laundering in their own organisations.
Burden of AML compliance
Fortunately, most countries now require these firms to undertake detailed risk assessments on both prospective and existing customers, including identity verification, beneficial ownership discovery and transaction monitoring. The complexity and operational burden of complying with these requirements comes at a huge cost, however. In 2020, Lexis Nexis estimated the total cost of financial crime compliance across financial institutions worldwide to be $213.9 billion.
For AML leaders, the answer to this issue can seem obvious: take advantage of new technologies to automate the risk assessment process and reduce the need for slow, costly and taxing manual processing. Too frequently, however, technology-driven AML strategies fail, resulting in missed deadlines, slow adoption and supplier misadventures. Indeed, in a recent survey conducted by Moody's, three in four firms rated their level of digital know-your-customer (KYC) sophistication as "poor" or "mediocre".
Why technology-driven AML strategies fail
What causes these failures, and what can be done to reverse the odds in AML leaders' favour?
1. Unrealistic goals
Too often, AML transformation projects are assigned lofty goals which, while noble, are unrealistic given the limitations of available technology.
Examples the authors see at Kyckr include "full end-to-end automation of customer due diligence", "instant risk profiling" or "zero-touch onboarding". For firms with low-touch products these may be at least partly achievable, for others — particularly those who sell to other businesses — they are Sisyphean tasks that mislead executives and stakeholders about what is possible.
For an illustration of the difficulty in creating a zero-touch business onboarding flow, take just one common task in the process: uncovering sources of wealth when a business structure involves a trust arrangement.
Trusts can be a closed book due to a lack of public information. Onboarding a business with owners hidden in a trust arrangement will inevitably involve interaction with the customer to obtain privately-held information, making "zero-touch" an impossibility without regulatory change.
2. Hunting for the "unicorn" solution
Another way that firms often mislead themselves is by thinking there is a single solution that can provide all the service functionality necessary to satisfy AML compliance requirements.
It is true that many vendors are trying (and succeeding) to develop integrated systems which can meet many of the needs of the modern AML programme, but the best service deployments usually consist of an ecosystem of specialist technology and data vendors, working together and bringing their individual knowledge to bear on the overall project.
It is, then, important for vendors to work together in this environment and offer "out-of-the-box" partnerships and integrations to make the lives of AML leaders simpler. Fortunately, the regtech industry is full of forward-thinking vendors who realise that partnerships can help drive the industry forward during a time of significant change.
3. Poor execution
Finally, like any form of major change project, implementing a technology-driven AML strategy is a sizable undertaking requiring careful planning, implementation and monitoring.
Firms often fall victim to the fallacy that because digital transformation tends to involve user-friendly software solutions, user adoption should come naturally. In reality — as every student of project management will know — without a defined project vision, a guiding coalition of stakeholders and a method for generating "quick wins" to cement change, the chances of success massively decrease.
AML transformation is not to be undertaken lightly, and any strategy for implementing technology-driven change needs an assigned project team, a clear set of goals and an understanding of risks and mitigants. Embedding external software and data solutions is a task with many moving parts.
The key to success: apply agile principles
With all this in mind, driving digital transformation can seem like a huge task. AML leaders should, however, take heart that there are indeed ways to ensure that technology-driven strategies do deliver results, reversing the trend of ever-increasing compliance cost and effort.
For those working for larger firms, for whom the word "agile" conjures up scary images of sticky note-covered walls, zero-deadline projects and t-shirt-wearing silicon valley types, thinking "agile" does not require implementation all of the processes associated with traditional agile development. Instead, keeping these three lessons in mind will avoid the problems detailed above and cement the notion of AML compliance as an investment, rather than just an expense.
Lesson 1: Start small, then iterate
Instead of setting out with a goal of automating the full AML detection process, leaders should break transformation projects into smaller, digestible chunks which can be assessed to determine the value and feasibility of automation.
Tasks such as entity verification, AML screening or identity checks are all suitable candidates where productivity gains can be achieved quickly with the right deployment of technology. Iterations over time can further drive these gains as new ways to improve become clearer.
One challenge customers can face, for example, is in accessing original UBO declarations from European beneficial ownership registers. Analysts can spend too much time searching hard-to-reach registers in foreign languages, only to find UBO declarations are hidden in PDF documents, requiring them to download and parse the information, before manually keying the information into their workflow platform.
Solutions now exist to combat this, that automate the retrieval of these documents, using a form of AI called optical character recognition (OCR) to automatically extract the relevant data and present it in a clean format in their system – all without the analyst needing to do a thing. Solutions like these save 10-20 minutes per case on average, freeing up their team for more valuable aspects of their CDD programme and reducing the chance of human error.
A project such as this can be initiated, scoped and implemented in just a few weeks with the right vendor.
Lesson 2: Involve technology stakeholders from the get-go
It is amazing how often AML transformation projects only involve technology stakeholders — such as product owners, software engineers and testers — late in the delivery phase. Even worse, the authors have seen projects handed off to engineering teams with very little in the way of detailed requirements, leading to confusion and poor results.
Unsurprisingly, the best technology strategies are crafted in partnership between the end users (AML teams) and delivery function. The siloed approach is the enemy of progress. Instead, it is best to involve colleagues in technology right from the start; that way, they can bring knowledge of new technology to bear, advise on the feasibility of projects and suggest meaningful ways of improving results.
Creating short feedback loops between project leaders, users and technologists can lead to quicker results, a more bespoke solution and a significantly de-risked investment.
Lesson 3: Continuously improve
One of the foundational principles of agile development is a focus on continuous improvement — on measurement and learning, then implementing the findings.
For technology-driven AML strategies, this should take the form of short development, testing and implementation schedules, rather than two-to-three-year mega-projects.
As with new regulations, it is also important to stay abreast of the latest technology trends; in an industry that is moving so rapidly, new vendors are springing up all the time that can help to educate business leaders about the benefits of using technology to fight financial crime.
Keeping an ear to the ground — whether through industry groups, conferences or conversations with vendors — can result in considerable insight.
The future is bright
Getting AML transformation right is hard. Like any major change exercise, it takes time, significant effort and multiple business units working together in harmony. The benefits of a technology-driven AML strategy can, however, be colossal. Automating the various manual elements of KYC review can result in organisational savings of millions of dollars for a multinational bank, while also providing a fantastic opportunity to improve the customer experience and drive additional revenue. There is no magic bullet; implementing these lessons can help firms to turn the odds of success in their favour.
Originally published on Thomson Reuters