Traditionally, banks have thought of anti-money laundering and know your customer (AML-KYC), fraud and cybercrime as three separate problem sets. They each have their own distinct teams with their own independent processes, tools and reporting structures.

Female office worker at workstation near window, looking at desktop monitor (screen not shown). Open laptop also on desk (screen not shown).

AML-KYC has been the primary focus for financial regulators. However, increasing attention is being paid to cyber risks and fraud, with more emphasis on the overall effectiveness of a bank’s approach rather than just adhering to rules.

For larger banks, there is already significant effort required to consolidate data, profile customers and transactions and to detect and investigate threats. This is only expanding as regulations become more extensive and watchlists continue to grow.

Multiple teams, systems and solutions are applied to detect anomalous behaviour and there is often overlap in these efforts. Up to 30 percent of money laundering activity may involve fraud as well – and a portion of that could also be linked to cybercrime.

With this in mind, it makes sense to think about financial crime in a more holistic fashion. This is exactly the shift we are seeing today. More organisations are considering how to optimise their teams, processes and tools to improve detection insights and reduce rework.

While there are certainly benefits to doing so, overcoming these existing silos in a large complex organisation is no mean feat.

Unlock the value of data by reducing siloes

Two adults conducting a meeting in a conference room while collaborating over a Microsoft Teams video call presented on a Surface Hub 50” device. Two Surface Pro 8 devices are also shown. One in laptop mode with Surface Pro Signature Keyboard and one in tablet mode with Microsoft PowerBI shown.

The ultimate vision is to have a single, secure data platform that brings together all data from across a bank to help support risk decisions in real time. This can then be complemented with processes and teaming models that enhance collaboration between case workers. A single operations centre may work for some.

However, consider how entrenched these siloes may be within large banks. Attempting to integrate these systems might be a long-term North Star to aim for. Instead, it may be initially more appropriate to take smaller and more actionable steps.

Distinct financial crime teams have spent years focussing on their metrics and deliverables. So simply getting people talking regularly or sharing data in a weekly stand-up is a great starting point. Recently, a bank reflected on a series of perimeter attacks picked up by their cybercrime team, logging it as a COVID-related anomaly. However, once the fraud team got wind, these were linked to a vulnerability in account numbers being issued sequentially – helping them quickly change their approach and reduce future vulnerabilities.

At Microsoft, we’re working with a group of banks to take collaboration a step further. Pooling data to collectively get better insights of how money moves around the country and more easily pick up on transactions that might be suspicious.

For banks coming together like this, both data privacy and competitive information is a concern. But through the use of Microsoft privacy enhancing technologies, each banking team can share encrypted data representing the history of all suspicious transactions they’ve investigated and the results. All without sharing underlying data that they may not want to disclose.

These can then be put into a model with insights from the participating banks. This gives a more accurate dataset than any individual bank could achieve on their own. Additionally, ‘post suspicion’ investigation information can be shared between banks using secured documents that can only be accessed by selected recipients in the other organisation.

We’ve seen similar initiatives starting in Singapore and the Netherlands, which shows the mindset change happening now across the financial world. Sharing information across borders and organisational boundaries to enhance everyone’s collective AML capabilities.

Finding efficiency in AI and automation

a man and a woman standing in front of a laptop

Sharing data between teams and organisations may be the ultimate goal. Additionally, there’s still an optimisation role for technology in how banks investigate cases post-detection.

For example, fraud systems have had a mini revolution over the past 10 years. They’ve moved from determining whether a transaction is fraudulent using individual data points to leveraging more in-depth knowledge about a customer’s spending habits.

While this creates a more insightful view, it’s not easy to interpret this volume of data using a set of rules. However, you can ask AI to spot what’s anomalous within the data. Using a platform like Microsoft’s Azure Sentinel, behavioural analytics models can look for anomalies at the cyber level based on a combination of data. And all while keeping within any existing rule sets the bank has in place.

So if AI can lead to more accurate fraud detection, can the same be useful for AML?

A common approach is to apply AI on top of the bank’s existing rule system. Then, using all available data, it can provide a rating on if a detected anomaly requires further investigation.

This has many obvious benefits from a productivity and efficiency perspective. A low rating could be the difference between an investigator spending minutes double checking a case to hours looking deeper into the transaction history.

Regulators are becoming more open to using AI and automation in this space. Not just as a guidance to reduce work for investigators, but also for optimising workflows and processes.

Human workflows like logging into systems, pulling up records and combing documents for the right data are all tremendously time consuming. Through a solution like Microsoft’s Power Platform, these human and system workflows can be automated and even combined with cognitive services for more advanced tasks – such as extracting key information from supporting documents during an investigation.

A significant bank can spend up to 60,000 hours across its case team performing annual KYC checks for existing corporate customers. However, AI can support these checks even if 20 percent still need to be investigated further. As a result, a bank can save a substantial amount of time and resources and put them to better use.

Use AI to improve business processes

The rules-based systems banks use today fulfils an important compliance role. Yet it may not be very effective at detecting generally anomalous behaviour. This presents an opportunity for those who want to circumvent the systems.

AI is very good at detecting anomalous behaviour. As a result, it can help cover those gaps. But it probably can’t solve the root of money laundering problems, at least not until things like universal disclosure and sharing of information is more accessible.

But can AI help banks get more accurate at detecting and make AML less of a problem for customers? Absolutely. And utilised in the right way, it can help a bank dramatically enhance the total quality of its operation and the productivity of its workers – all while still staying compliant.

This starts by thinking about your organisational structure and the technology you’re using. Here are some steps to keep in mind:

  1. Make sure information is being properly shared within your organisation. Both weekly stand ups and virtual team meetings can help get different teams out of their siloed thinking.
  2. When thinking about your data strategy a unified customer and transaction data profiling solution is your North Star. Keep this in mind while working within existing constraints. What steps can you make towards that single data platform that can make a difference today? And what technologies can you implement that will be as relevant today as they are in the future?
  3. Don’t think of AI and automation as solving every problem. Find the 20 percent of investigation processes that are burning through your time and consider what human workflows you could automate within your financial crime processes. Then, partner with a cloud provider that understands automation and cognitive services to help you extract data or search entries automatically and build a focused model that will land you a couple of quick wins each month.

Find out more

Microsoft Cloud for Financial Services

Redefine risk management in an era of data and disruption.

Empower intelligent banking

Risk assessment and compliance guide for financial institutions

About the author

Ruper Nicolay headshot

Rupert is a Global Specialist for Financial Services in Microsoft’s Industry Solutions team. In this role he meets with strategic customers and partners globally to share Microsoft’s technology strategy in financial services, learn from their successes and to support Microsoft engagements. As such he has practical insights into successes and challenges relating to the use of leading edge Microsoft and partner technology in financial services around the world. Particular areas of focus include data driven solutions for Risk Management, Financial Crime and Data and AI in banking scenarios.