Fraud and AML Integration - Beyond the Hype

To fight financial crime more effectively, several financial institutions are working to integrate Fraud Prevention and Anti Money Laundering under the egis of Financial Crime Prevention, leveraging the natural synergies between the two functions. There are a few rationales justifying this integration, including crime prevention (particularly with money laundering activities), operational cost savings, promulgation of research and development (particularly in artificial intelligence and machine learning), and simply just doing the right thing. ?

While these rationales make good business sense, organizations will typically lack the understanding and specificity needed to make it an effective undertaking. For any merger, even a seemingly simple integration of two functions within an organization, it is imperative to conduct thorough due diligence, develop a clear integration strategy, communicate with stakeholders, and mitigate associated risks. However, before formulating a plan of action, we should start by understanding each of the functions and their intended scope and objectives.

?

Fraud Prevention

The primary purpose of Fraud Prevention is to stop the fraud before any financial losses are incurred. This function has three distinct objectives: Prevent, Detect, and Resolve. These objectives are designed to protect businesses, customers, and stakeholders from various types of fraudulent schemes, whether first-party fraud (where the customer is the perpetrator either directly or through collusion), or third-party fraud such as identity theft, payment fraud, account takeover, and unauthorized access.

A few key features that differentiate a fraud prevention function include:

• Fraud practitioners work with their counterparts within the business to set upfront controls on which businesses and customers can operate to safeguard businesses from catastrophic losses.
• Data and Analytics are utilized to detect fraud trends early and stop fraudulent activities from taking place. Fraud rules are probabilistic (includes legitimate activities being impacted) in nature and thresholds for an activity interdiction (i.e. new account application, financial transaction, etc.) are determined based on risk and financial impact to the business.
• ?Customers are notified and contacted (either digitally or through live agent outreach) to confirm transactions and verify identity and activities.
• The foundation of detection strategies and models relies on the ability to define a target variable representing known fraud. Since fraud losses are ultimately accounted for, either reported by the customer or realized by the bank on uncollectable dues, the target variable (whether fraud or non-fraud) is well defined, making accurate Return on Investment (ROI) determination possible.

Fraud prevention is largely driven by ROI, balancing Loss Prevention with Operational Expenses. The competitive advantage obtained through better operational efficiency, lower fraud losses, and improved customer experience drives investments in research and development, new technologies, and novel business strategies. Banks, after considering financial and non-financial impacts on ROI, can make investment decisions to proactively safeguard customers.?

?

Anti Money Laundering (AML)

AML policies and processes are regulated and monitored by governmental agencies, therefore innovation in this space must consider regulatory adherence as well as consideration for the firm’s Risk Tolerance Framework which guides such measures as effectiveness and efficiency.

A few key features that differentiate this function include:

• As a policy, customers are never contacted or informed of their suspicious money laundering activities, merely Suspicious Activity Reports (SAR) are filed with the Financial Crimes Enforcement Network (FinCEN) to determine appropriate next steps.
• Like the fraud function, the AML transaction monitoring framework rests in institutions being able to define a target variable with known money laundering activity. However, in the absence of a closed feedback loop, a SAR is filed by the bank based on the investigation (a judgmental process) and is used as a proxy target function (dependent variable). Determination of accurate ROI, even if desired, is not attainable.
• ?Cut-off thresholds for suspicious activity review are guided by the Risk Tolerance Framework set by AML within the bank. Breakeven thresholds based on risk captured versus operational expense tradeoffs do not inform or guide a firm’s decisions and in turn, discourage long-term technology and analytics innovation.

?A proactive approach to stop a crime merely on suspicion of illicit activities, particularly when crime is not established, may open banks to risk from legal or regulatory authorities.

?

Driving Value through Integration Use Cases

Instead of trying to integrate AML and Fraud Prevention organizations under the umbrella of achieving “greater efficiencies”, a more effective approach is to determine use cases that are most applicable and beneficial to the organization based on its structure and capabilities. The following is not an exhaustive list of potential use cases, however, based on my experience implementing these solutions for large financial institutions, they have proven to generate value.?

Data Infrastructure

Data capabilities play a crucial role in managing Fraud and AML programs - from identification of risk, detection of patterns, anomalies and suspicious activities, to deployment of advanced analytics, machine learning (ML), and artificial intelligence (AI) capabilities. Key datasets between Fraud and AML may differ; however, there is a need for foundational components and systems that enable the collection, storage, processing, and analysis of data on shared common platforms.? Fraud detection is primarily a real-time function whereas AML which relies mostly on offline batch data, runs on a weekly, bi-weekly, or monthly basis. Similarly, specific use cases, data intelligence, and deployment capabilities may also differ between these two functions.

Financial Crime with unified Fraud and AML data infrastructure and roadmap can tap several unexplored potentials such as sharing of negative databases, customer-level profiling with insights from both functions, digital intelligence, and deployment infrastructure with AI-ML capabilities. Additionally, combined efforts between these two functions will provide better economies of scale to improve the likelihood of investments in driving much-needed innovation.

Banks can strengthen their capabilities in Fraud and AML by firming data infrastructure that is capable of storing and sharing data intelligence across the customer lifecycle at scale with analytical capabilities to deploy traditional and advanced AI algorithms, including static,? dynamic, and cognitive AI capabilities.

?

Monitoring for Risk

Considering the increased velocity at which funds are moved out of banks, the Fraud function is more mature in its monitoring for potential risks. Over time this function has evolved from offline monitoring to real-time anomaly detection of digital, transaction, and new account application activities. Similarly, it has evolved from static rule-based monitoring, which generates a plethora of false positive activities overburdening investigative resources, to AI/MLdriven capabilities that can identify hidden fraud patterns much more efficiently. These developments have helped identify fraud risk earlier in its lifecycle while reducing false alarms by accounting for ‘noise’ from natural variations within customer activities.

The objective of AML transaction monitoring is intended to identify risks in a batch mode (bi-weekly or monthly) and has not progressed beyond static transaction monitoring scenarios. Regulators have realized the existence of such gaps within banks’ monitoring framework and have recently started to hold them accountable by mandating the monitoring and reporting of newer money laundering and other financial crime schemes.?

A synergized Fraud-AML monitoring framework can help identify newer AML schemes without excessive operational expenses needed to review below-the-line sampling. Examples of such monitoring can include mule activities used in transporting funds from one account to another, card transaction monitoring for activities akin to human trafficking, and digital signals from collusive fraud-AML schemes, among others. While the objective of AML is not to stop financial crime in real time, active monitoring for newer financial crime schemes can enhance systemic controls and satisfy regulators with a promise of proactive actions.?

?

Advance Analytics, Fueling AI/ML Research & Development

Fraud is an extremely rare event problem; even as fraud attempts are increasing steadily, fraud occurrence is still below five basis points (5 in 10,000 events) for most banks. It is essentially a needle-in-the-haystack problem. With fraudsters constantly modifying their schemes, fraud trends typically follow non-linear patterns. Therefore, traditional models and algorithms such as decision trees and regression are unable to identify hidden fraud risks without impacting a large number of good customers. Advanced analytical and AI/ML solutions, with their focus on capturing non-linear behaviors much more efficiently, play a crucial role in anomaly detection, predictive modeling, fraud rulesets, alert management, and customer authentication. In addition, advanced analytics has started to play an increasingly decisive role in enhancing the accuracy and speed of fraud prevention efforts, enabling organizations to adopt these technologies as a competitive advantage.

AML modeling, however, heavily relies on explainability – something that can easily be aligned to a firm’s Risk Tolerance Framework in justifying those thresholds with regulators. Although the use of AI/ML within AML is still in nascent stages, a McKinsey article from October 7, 2022, identifies that Machine Learning could be a game changer in the fight against money laundering. The volume of money laundering and other financial crimes is growing worldwide—and the techniques used to evade their detection are becoming ever more sophisticated. While traditional transaction monitoring scenarios such as cash restructuring, wire, and digital money movements will continue to remain, the use of Machine Learning can transform below-the-line space (activities falling below the model threshold). By expanding coverage with the power of ML, banks can reduce their risk of undetected laundering, optimize operational costs, and reduce regulatory fines.

In the fight against financial crime, banks are always in a race to catch up with the bad actors. A unified effort with the use of advanced analytics techniques can help banks improve transaction detection by reducing false negative and false positive rates, concurrently. A combined Fraud-AML function can realize the full benefit – by leveraging the cross-functional knowledge of subject matter experts, building a pool of decision scientist talent, and fast-tracking investments in data technology and platforms.?

?

Know Your Customer (KYC) Integration

A branch of the U.S. Treasury, FinCEN mandates that financial institutions have a customer identification program for consumers and businesses. Under KYC requirements, banks are required to obtain and make reasonable attempts to validate the customer or business name, address, date of birth, and identification number (i.e. SSN, EIN, etc.) where applicable. It is primarily an AML function enforced at new customer onboarding, although, information is also validated periodically throughout the customer lifecycle for accuracy under the customer due diligence process. The current KYC process for most financial institutions utilizes third-party score/identifiers but with the following two main limitations:

1. The process being treated as a mere regulatory formality does not significantly add functional value in mitigating fraud or financial crime risk.
2. With significant manual alerts generated with a high degree of false positives, this process can be costly.?

Fraud detection for new account application targets to reduce account takeover and synthetic applicant risk by successfully verifying the customer identity. Traditional bureau and behavioral biometrics offered by third-party vendors provide application fraud scores to establish customer identity with newer profile variables and digital signals. These customer identity markers are then compared with the inputs provided by the applicant to determine mismatches with a high degree of confidence, thus reducing false positives substantially.

At the heart of Fraud and AML, the objective is to attempt to establish true customer identity, therefore a unified process can offer improved efficiency and better detection. New age markers such as establishing customer identity through digital biometrics can offer a competitive advantage.

?

Suspicious Activity Report (SAR) Filing

SAR filing is a critical aspect of AML function. When financial institutions detect activities that appear suspicious of money laundering or other illegal activities, they are required by law to file a SAR with the appropriate authorities (FinCen in the United States). Being a core function, AML has evolved to achieve consistency, sustainability, and quality in the SAR filing process.

Financial institutions are also required to file a SAR if they detect third-party fraud including unauthorized transactions and identity theft that exceeds the specified monetary thresholds. However, guidelines for SAR filing for a fraud function are not as clearly interpreted. Banks are left to interpret these requirements with a fair degree of independence. As a result, SAR filings for Fraud lack quality and consistency. However, more recently, regulatory agencies have started to examine banks’ SAR filing for third-party fraud, holding them accountable for adequate internal detection and reporting processes, documentation, and record-keeping.??

Merging the Fraud SAR filing process with that of AML can bring discipline to this function that traditionally lacked attention and resulted in non-compliance with regulatory mandates.? Furthermore, synergies such as a combined talent pool of decision scientists can help fast-track research and development using Generative AI to fully automate SAR filing, driving substantial savings in operational expenses.

??

Taking a bottom-up approach to Fraud and AML Integration can help banks take this mandate beyond the hype and deliver its true potential in improving detection, advancing innovation, reducing operational expenses, and proactively meeting regulatory mandates.