If there’s such a thing as a sure bet, it’s that criminals will always adapt and find a way to grow their bottom line.
And that’s why, in the world of financial crime technology, stagnation is fatal. A lack of technological innovation within their fraud detection and Anti-Money Laundering (AML) units leaves financial institutions (FIs) exposed, unable to adequately protect their customers and reputation — not to mention the elevated risk of fraud loss exposure.
Over the past decade-and-a-half, the industry has experienced three technological landmarks in financial crime detection.
Behavior-based analytics — A step ahead
The first was the introduction of artificial intelligence. In 2003, software utilizing behavior-based analytics burst onto the scene, quickly making the older approach of rules-based systems seem outdated and archaic. For the sake of clarity, let’s briefly look at how these rules-based systems work.
Rules are simplistic — essentially if/then statements. The user creates a rule, which the software then runs against transactions to see if the rule occurred. For example, if a customer makes daily cash deposits of $9000, then fire an alert. At first, this was a welcome step forward from spreadsheets and core reports. However, their lack of sophistication was (and is) their downfall. It’s pretty easy to see how even the world’s least intelligent criminals would quickly figure out what types of activity will land them in a not-so-cozy bunk at their local penitentiary.
So, as criminals figured out how to avoid transactional activity that caused rules-based alerts to fire, FIs, in turn, had to create more and more rules. Before long, a once concise set of rules became a continually-growing, unmanageable workload as FIs struggled to keep pace with the rapid rate of change. In short order, the mass of rules required to uncover crime was no longer sufficient or manageable; more and more false alerts were generated, creating a daily activity alert overload and destroying the efficiency these technologies were supposed to provide.
So, as criminals figured out how to avoid transactional activity that caused rules-based alerts to fire, FIs, in turn, had to create more and more rules.
Step forward behavior-based analytics. This technological advancement shifted focus to the customer and their behavior. Instead of rigid, black-and-white rules, behavior-based analytics alerted FIs when a customer was doing something unusual — for that customer. Here is a simple example of behavior-based analytics in action: John, a Plumber, is depositing $2500 in cash into his account every day. He is also depositing $4500 in cash, every day, into another account where he is joint owner. Finally, $2999 in cash is deposited daily into his wife’s account. If the FI had a rule that fired on multiple $9000 transactions within a particular time frame, John’s activity goes undiscovered. With behavior-based technology, the FI gets an alert on John since his activity is unusual. They can then investigate why he might be structuring deposits.
FRAML — Breaking down institutional silos
The second landmark was the introduction of FRAML, the consolidation of FRaud detection and AML. Fraud detection teams and BSA/AML teams were often siloed, working in isolation. This lack of communication between investigators within the same FI gave criminals the opportunity to spread their activity across transaction channels to avoid suspicion. FRAML software exposed these criminals by creating alerts based on a customer’s overall activity. This gave FIs a complete picture with fraud investigators and BSA/AML professionals working together to stop financial crime.
Cross-Institutional analysis and collaboration — The way forward
Now we are experiencing a third technological landmark — cross-institutional analysis and collaboration.
Today’s criminal is often a team player, acting as a member of larger criminal enterprises that commit crimes ranging from the simple to the complex. These enterprises can stretch across the country and even the globe, taking advantage of as many FIs as they can to launder their illicitly gained funds. It is worth noting that this isn’t a scheme isolated to larger enterprises, as even smaller, individual criminals are now avoiding detection by targeting multiple institutions, spreading their activity amongst numerous banks and credit unions.
In this new criminal environment, FIs are dealing with a problem of isolation. Criminals understand many institutions will discover excessive and highly unusual behavior, so they make their activity subtler. Why use one bank when you can hide activity across ten of them? Each FI is limited to seeing activity that appears perfectly normal in isolation but is devastating when viewed in its complete, cross-institutional, state.
This is what makes the ability to analyze activity across institutions, with investigators working together to voluntarily share information, such an important evolution in financial crime detection.
Faced with today’s sophisticated financial criminal, cross-institutional analysis and collaboration have become essential tools for FIs.
Jennifer Shasky Calvery, former Director at FinCEN, spoke to the importance of collaboration and information sharing her remarks to the Securities Industry and Financial Markets Association Anti-Money Laundering and Financial Crimes Conference in 2014. “[S]haring information between financial institutions is also critical. The 314(b) safe harbor provisions permit financial institutions to share information under the 314(b) program as it relates to transactions involving proceeds of suspected fraud and other specified unlawful activities (SUAs), the predicate offenses for money laundering, if the financial institution suspects there is a nexus between the suspected fraud or other SUA and possible money laundering or terrorist financing activity. And I can tell you as a former money laundering prosecutor who has handled several fraud related money laundering cases, anytime you have funds that you suspect are related to fraud in or moving through your financial institution, you should also be suspicious that transactions made with those funds may involve money laundering.”
Faced with today’s sophisticated financial criminal, cross-institutional analysis and collaboration have become essential tools for FIs.
When asked about the value of information sharing between FIs, Josh Brown, Director of Security at The Fauquier Bank (VA) responded strongly regarding its significance. “I commonly ask investigators at other institutions if they’re 314(b) registered. If they tell me no, I ask them ‘why not?’ There’s no additional workload. Why wouldn’t you want to know what risks someone poses to your institution and our country? You can protect your customers from elder abuse, human trafficking, international terrorism… why wouldn’t you want to do that?”
Analyzing data within the confines of an institutional silo is problematic and limiting in today’s fraud and AML environment. Criminals stretch their activity far and wide. In the fight against money laundering, terrorism, and the fraud tied to these criminal offenses, cross-institutional analysis and collaboration is the next substantial step ahead.
Want to learn more about utilizing cross-institutional analysis and collaboration to fight financial crime? Click here to get FRAMLx: Strength in Numbers, Verafin’s latest white paper.