New Study: To Address De-risking and Comply with AML/CFT Regulations, Banks Are Turning to Artificial Intelligence and Other New Technologies

“Regtech May be the Solution to Some De-risking Woes,” Says Center for Global Development’s Vijaya Ramachandran

Washington – Today, the Center for Global Development released a new study that finds that financial institutions have turned to new technologies, including artificial intelligence, to address de-risking and increase the effectiveness and efficiency of their AML/CFT compliance. These new technologies may enhance transparency and information-sharing capabilities, facilitate automation and interoperability between institutions, and improve banks’ ability to accurately identify illicit activity.

This study is the first comprehensive effort to assess six key new technologies and their potential to solve the de-risking problem: know-your-customer (KYC) utilities, big data, machine learning, distributed ledger technology (DLT), legal entity identifiers (LEIs), and biometrics.

“Some policies that have been put in place to counter financial crimes have unfortunately had a chilling effect on banks’ willingness to do business in markets perceived to be risky in part due to the high price of compliance. This has had costly consequences for people in developing countries, and have hurt migrant workers, small businesses that need to access capital, and recipients of lifesaving aid in conflict, post-conflict, or post-disaster situations the most,” said Vijaya Ramachandran, one of the study’s authors. “But what we’re seeing is that even as these policies are having an impact, financial institutions are coming up with solutions in the form of new cutting edge technologies to help them comply better and faster with anti-money laundering regulations.”

The study suggests that new regulatory technologies (“Regtech”) may offer a partial solution to de-risking by lowering compliance costs and improving risk management capabilities. The technologies include:

• Machine learning is a type of artificial intelligence that allows computers to improve their performance at a task through repeated iterations. Machine learning may be used to augment or transform a number of compliance functions, including those for developing more sophisticated customer typologies and for more accurately monitoring transactions. These uses could simultaneously cut down on false alerts and identify undetected illicit finance techniques.

• Biometrics use distinctive physiological or behavioral characteristics to authenticate a person’s identity and control his or her access to a system, and are more robust than other authentication factors, such as passwords and tokens, as they are generally more secure and easier to use. Biometrics are being used to address the “identification gap” that exists in many developing countries. This use, in turn, could make it easier for banks to conduct customer identification, verification, and due diligence, which may bolster the confidence of their correspondent banks. However, most biometric identification systems are being developed at the national level, meaning that work is required to develop an internationally recognized and interoperable identification system.

• Know Your Customer (KYC) utilities are central repositories for customer due diligence (CDD) information. By centralizing information collection and verification, KYC utilities can reduce the amount of information that has to be exchanged bilaterally between correspondent banks and their respondents, thereby reducing the time banks spend conducting CDD investigations.

• Big data refers to datasets that are high in volume, high in velocity, and high in variety, and therefore require systems and analytical techniques that differ from those used for traditional datasets. Compared with relational databases, big data applications offer more scalable storage capacity and processing. They also allow many different types of data to be stored in one place, so compliance staff spend less time gathering information from disparate sources. Most important, they can greatly expand the range and scope of information available for KYC and suspicious transaction investigations.

• Distributed Ledger Technology (DLT) is a way of securely organizing data on a peer-to-peer network of computers. In a blockchain, which is a type of DLT, data modifications, such as transactions, are recorded in time-stamped blocks. Each block is connected to previous blocks, forming a chain. Modifications are confirmed and stored by all users on the network, which makes the ledger difficult to tamper with. Although blockchain technology is most commonly associated with virtual currencies, such as Bitcoin, the basic technology has a number of other potential use cases, including uses in regulatory compliance. In particular, DLT may be used for securely storing and sharing KYC information, as well as for cheaper and more secure international payments.

• Legal Entity Identifiers (LEI) are unique alphanumeric identifiers, like barcodes, that connect to reference datasets held in a public database. Any legal entity that makes financial transactions or enters into contracts may request an LEI. In many countries, especially developed ones, LEIs are increasingly mandated by regulation. To date, more than 1 million LEIs have been issued worldwide. By serving as common identifiers, LEIs can enable different platforms, organizational units, and institutions to refer to entities clearly and without any ambiguity. This interoperability can, in turn, facilitate greater automation and information sharing. A further extension of the LEI would be to include it in payment messages to identify originators and beneficiaries, which would further enhance the transparency of international payments.

This important study comes ahead of the Financial Action Task Force meeting in Paris – set for next week.

“In the face of de-risking, both the public and private sector have tried to find ways to lower the compliance burden without lowering standards,” said Ramachandran. “Our study finds that Regtech may be the solution to some de-risking woes. But for this to work, policymakers need to invest time in understanding how these technologies work, and what their benefits and limitations may be.”

You can read the full report at /reader/fixing-aml-can-new-technology-help-address-de-risking-dilemma.

##