Is your information useful or not? Terry Pesce of KPMG talks about using analytics to identify the transactions you really should be focused on.
According to various online reports from Forbes and IBM, humans generate as much as 2.5 quintillion bytes of data every day. At a more granular level, consulting firm McKinsey speculates that by the year 2020, every person will create 1.7 megabytes of new data every second. While these and similar statistics are mind-boggling in and of themselves, they help to underline the very real challenge that the financial services industry faces in managing data flows in the fight against financial crime.
Though a large focus on data management tends to be around the use of data analytics to help uncover potential business-building opportunities, what shouldn’t be overlooked is how technology can also be deployed to look for warning signs and patterns of potential criminal activity by a financial institution’s customers. According to Terry Pesce, Global Head of Anti-Money Laundering Services and Financial Crimes Services Leader for the Americas Region for KPMG, technology alone won’t solve the problem; the answer lies in ensuring you are asking the right questions and seeking the right data.
“Data and information are key. There does have to be a real top-down and bottom-up look at the way that what we do things in the anti-money laundering space, because I think there is a lot of money being spent to generate a lot of noise, not all of which is as effective as it might be. As an industry, we need to do a global review that asks, ‘Are we attacking this the right way?’”
– Terry Pesce, KPMG
ANSWERS: What are your thoughts on how anti-money laundering practices and processes can be made more effective in the global financial system?
TERRY PESCE: There are number of things I think that could be helpful. Some are fairly basic and some are a bit more complicated or longer term. One of the challenges, particularly for global organizations, is the inability to share as much information across jurisdictions as they would like. There are some jurisdictions where privacy laws and regulations that do not permit the sharing of information. At the same time you have regulators who are asking global banks to take a global view of their clients across business lines and jurisdictions. Global legislatures, regulators and policy makers have to come together if they are serious about this fight and allow some form of information sharing that would make the view of the customer and the customer’s activity more holistic.
Data and information are key. There does have to be a real top-down and bottom-up look at the way that what we do things in the anti-money laundering space, because I think there is a lot of money being spent to generate a lot of noise, not all of which is as effective as it might be. As an industry, we need to do a global review that asks, “Are we attacking this the right way?”
ANSWERS: That brings up a point about effectiveness. For instance, the 2011 United Nations Office on Drugs and Crime report estimated that roughly only 1 percent of criminal funds in the international financial system are frozen or confiscated annually. And that low, low rate persists.
PESCE: It works two ways: industry-wide, while we’re probably not catching a lot of it, we’re also collecting and capturing a lot of useless information. Think about the information that goes through the various transaction monitoring and filtering systems and the number of eyes or resources that review those alerts or hits – the majority of which will be deemed unproductive. If even half of what was captured was useful, that would be a huge improvement. Now, only a small fraction of alerts are meaningful. That’s a lot of time and resources spent not helping us prevent financial crime. In fact, it could be diluting resources and inhibiting us from focusing on the information that really is useful. We’ve got to be looking at it in a different way.
ANSWERS: How do you see emerging technologies such as artificial intelligence and automation being deployed in the fight against money laundering?
PESCE: If we can use artificial intelligence and more predictive analytics to understand what really normal and expected activity is and what is not, particularly for higher risk customers, we might get a better understanding of where we should focus our attention. For instance, we might find that a certain customer sent a big dollar amount to a high-risk jurisdiction, but then when we look at it more closely, we may determine, “That’s normal, because they’ve done that seven times before and each time they’ve done it, we’ve looked at it and we’ve cleared the transaction.”
If you use more machine learning, you may be able to weed out normal occurrences and look for real changes that are unusual, to look for patterns using different data elements that will tell us more. In the anti-money laundering space, we’re looking at everything after it happens. If we could better predict behaviors based on unique factors, we may better predict whether a customer presents a greater risk of engaging in criminal behavior. I think that’s where we ultimately need to go. We need to be ahead of them, not behind them.
ANSWERS: Would organizations benefit from centralizing their AML compliance efforts and if so, what are those benefits and how would they go about centralizing them?
PESCE: The simple answer is yes. Centralizing the ability to see customer information and activity across an entire organization is plainly optimal, but it’s very challenging, and I think there’s an idea that it’s a simpler exercise than it seems to look at actors cohesively across lines of business and jurisdictions.
First of all, there are still data challenges. If an organization has the wherewithal, a complete data cleansing exercise would be optimal, especially for institutions that have come together through mergers and that continue to maintain multiple systems. The organization could have its golden source of all its customers; it doesn’t matter what product the customer is in, it doesn’t matter if the customer has multiple accounts – the organization has a system that has all the information for that customer in one place. That would be actually very beneficial to be able to tap into and understand a customer centrally, as opposed to being spread out across lines of business where the various lines don’t know that they all have the same customer.
With the data centralized, having a centralized compliance function can give you a better picture of who the client is, what they’re doing and whether or not there’s something risky occurring. Of course, you have to understand the local laws and regulations. It is beneficial to have the ability to look across jurisdictions and business lines so as to really understand not just the customer’s accounts but the customer holistically.
ANSWERS: How do you see global anti-money laundering efforts evolving in the future?
PESCE: Technology will enable an optimization of the processes. When you think about anti-money laundering it’s really kind of an end-to-end process. It’s a continuum of onboarding, of understanding who your customer is and what they do, and monitoring their activity during the course of the relationship.
Now, there’s discussion about expected activity and that’s often something that’s really very hard to capture because activity can be market-based. Activity can sometimes be hard to predict, but by watching what ordinary and regular activity is for a customer and being able to monitor that over time, you can see occurrences that are unusual using machine learning. That’s definitely something that I see on the horizon.
There’s a re-imagining that has to happen with the process. We need to better understand which information we collect from clients that doesn’t really help us and which information we really do need to understand how they’re acting, what kind of transactions they’re engaging in, where they’re transacting and with whom they transact. That’s going to provide useful information to give to law enforcement. There’s a bit of a challenge because examiners are understandably nervous about telling firms to change or do less in any way as they too are under scrutiny. There’s a lot of information that is collected due to a fear of a regulatory risk. And, much of this information is not necessarily used by law enforcement. So, I think there is a bit of a disconnect between what regulators and examiners look for in a program and what law enforcement really uses when it’s fighting financial crime.
ANSWERS: What advice do you have for financial professionals on steps their organizations can take to manage and comply with the burgeoning inventory of laws and regulations?
PESCE: In the first place, you really have to understand what applies to you. We are finding that more and more of our clients are asking, “What are the laws and regulations in the countries where I do business that apply to me and my suite of products?”
You can start with that full inventory and understand how it applies, so you are not missing something. That’s just step one because laws and regulatory expectations change constantly. Once you understand your baseline, you need to really maintain a constant review for changes so that you can keep on top of changing expectations in the regulatory environment and how your program responds. Understanding your legal and regulatory obligations is critical. You can also understand where the requirements are consistent so that you are collecting information in a more efficient way. You don’t have to have somebody trolling through paper releases every month. That is definitely another place where automation can help.
ANSWERS: Do you think people are waking up to the fact that money laundering is not a victimless crime?
PESCE: The only way that bad organizations can operate is if they can be financed. Money laundering either hides the proceeds of a crime that was committed, or furthers criminal activity. If the terrorists don’t get the financing, then they’re not going to be able to conduct the terrorist act. That means it’s not a victimless crime by any stretch of the imagination. Think about some of the major frauds that emerged after the financial crisis. Those were not victimless crimes; people’s whose life savings were wiped out. And, that’s not just fraud, that’s money laundering too because the money is moved from place to place so that the fraud can be concealed.
Nothing comes without a cost. If the “financial system” is the victim, that just means that everybody else is paying more for the financial system to work. There are victims involved here of many stripes. Organized crime relies on money laundering, as do drug cartels. When you think about white-collar crimes (for example, boiler rooms), there are real people who are being seriously hurt, and money laundering is part of it. Criminals must disguise the source or use of their money to reap the benefits of their activity. They want to use the dirty proceeds, or sink the proceeds back in to commit further crimes. If you only think that you’re pushing a button on a computer and not thinking about what happens when all the bytes connect, you must understand that somebody’s paying for it somewhere.
In our new series, AI Experts, we interview thought leaders from a variety of disciplines — including technology executives, academics, robotics experts and policymakers — on what we might expect as the days race forward towards our AI tomorrow.