By Jason Chorlins, CPA, CFE, CAMS, CITP, Principal of Risk Advisory Services at Kaufman Rossin
Financial institutions are increasingly leveraging technology and trying new approaches to combat financial crime, in line with regulators’ encouragement of innovation in this area. As solutions continue to evolve, a layered approach using intelligent automation can help banks and other financial institutions to enhance their Bank Secrecy Act/anti-money laundering/ (BSA/AML) compliance programs.
Regulatory agencies recognize the role of new tools and technologies in combating financial crimes and have said they are “committed to continued engagement” as new tools are developed. The December 2018 Joint Statement on Innovative Efforts to Combat Money Laundering and Terrorist Financing emphasized this commitment.
Some of the most sophisticated solutions for using technology in financial crimes compliance today often layer robotic process automation (RPA) with other technologies – including machine learning, natural language processing and artificial intelligence (AI) – that are collectively known as intelligent automation. For example, a system might use RPA to pull data, machine learning to compare the data to known patterns and AI for initial suspicious activity reporting (SAR) decision making and auto-filing of SAR forms.
Together, these technologies can help financial institutions reduce costs and errors while improving efficiency and effectiveness in BSA/AML compliance.
Understand robotic process automation (RPA)
RPA uses bots to automate work that requires little subjectivity and follows rules that have no variation. It works well when the knowledge model is highly developed across cases and rarely needs changing, and with data that is highly reliable and available. When all of these conditions are present, RPA can create highly effective and efficient financial crime monitoring systems. RPA can review a high volume of transactions and quickly flag potential issues/patterns for further investigation.
RPA greatly increases the speed and efficiency of BSA/AML compliance programs. However, RPA isn’t effective at tracking hidden, multichannel and complex transaction patterns, or patterns that are inconsistent and require subjective analysis.
Poorly configured and/or tuned systems may miss suspicious patterns or AML indicators and tend to produce a high number of false positives that require manual intervention and investigation. Alert thresholds and configurations need to be set and regularly adjusted manually, and employees need constant training to look out for new threats and typologies. This is where intelligent automation comes in.
Layer with intelligent automation
As the volume of financial transactions and the number of transactions that banks and other financial institutions must monitor continues to grow, the value of adding intelligent automation increases. Intelligent automation integrates the capabilities of RPA and adds an extra layer: bots capable of learning and adapting to changes in real time (I.e., machine learning).
Intelligent automation supports manual, routine and complex human decision-making processes. It allows institutions to save time and money while increasing the effectiveness of their efforts to combat financial crime.
With its ability to adapt, learn and move beyond rules-based processes, intelligent automation is a key component in scaling compliance efforts. It expands on RPA, adding important capabilities:
- Consistent learning from data patterns
- Behavior-based analysis of data
All of this is made possible with a strong feedback loop which trains the algorithms to learn when activity should be escalated as an alert and suppress activity that does not present risk of financial crime.
How financial institutions benefit from RPA and intelligent automation
Automation allows financial institutions to balance appropriate controls and operational requirements with regulatory compliance requirements; this helps them process transactions as smoothly and quickly as possible. Intelligent automation provides additional layers of analysis within any BSA/AML compliance program, while freeing up humans for more subjective, judgement-based work.
The incorporation of intelligent automation expands on these benefits while also aiding overall institutional operations and decision-making. Intelligent automation may help financial institutions to:
- Reduce costs by augmenting employees and improving productivity. With intelligent automation, companies can quickly scale their processes without increasing risk, compromising quality or straining their employees. This results in improved ROI and higher efficiency.
- Improve the customer experience and increase competitiveness. Providing high-quality products to the market and answering customer queries instantly can result in a positive customer experience.
- Improve process accuracy and reduce false positives. With better data analytics, the ability to focus on crucial key metrics, and the capacity to see behavior patterns humans might not spot, intelligent automation flags more transactions likely to be in violation of compliance and legal requirements. At the same time, intelligent automation facilitates more accurate list-matching, with fewer false positives.
- Make decisions more effectively. An advantage of intelligent automation is the ability to use AI to drive critical decision-making.
- Address compliance issues more successfully. Institutions leverage the additional capabilities of intelligent automation to more effectively comply with regulatory and legal policies.
Case studies: Intelligent automation in real-world applications
Intelligent automation can be leveraged in a variety of ways.
For example, a California bank worked with our automation experts to design and implement intelligent automation to help its AML department assess a gap in country risk for wire transactions. This bank was under a consent order from FDIC and the California Department of Financial Protection and Innovation (DFPI) due to conditions identified in a safety and soundness examination. With this additional layer of analysis of international wire transfer risk, the bank addressed the previous gap by being able to identify international activity that presented heightened risk to the organization. This implementation of intelligent automation, along with other improvements in its BSA/AML program, ultimately led to the termination of the consent order.
Another example comes from a New York branch of a foreign financial institution that wanted to improve its customer-risk rating process. The bank worked with our automation experts to add an automated process that analyzed transaction-related information that it uses to assess and update customer risk ratings that previously was performed manually outside of the customer risk rating system. At the push of a button, the system generates an activity-based risk score for the client based on pre-defined thresholds. The results: an 80% reduction in the total cost to risk rate customers, 99% reduction in errors due to the removal of manual aggregation, and 72% less time spent on generating customer risk scores.
Getting started with intelligent automation
Intelligent automation is a new frontier in financial crimes compliance, so institutions should proceed carefully as they incorporate it into their compliance processes. Successful implementations start with a well-defined automation strategy, assessment, road map and pilot program.
Once you have a well-defined automation strategy, assess data and processes to see which will benefit the most from automation. Many financial institutions work with a consultant to help identify problematic data, evaluate current processes and prioritize areas for intelligent automation.
Two areas are most likely to benefit from automation:
- Data that has typically been problematic for existing systems
- Processes that are not working well or not working as you need them to
After identifying priority areas for automation through an assessment, begin with a roadmap similar to this one:
- Define your intelligent automation program objectives, including the business case.
- Choose an effective operating model.
- Establish preliminary program metrics and governance structure.
- Analyze processes for automation and technological feasibility.
- Prioritize automation project candidates to identify a pilot project.
Working from this roadmap – especially your automation strategy and business case – create a pilot project. Implementation of a successful pilot project may look similar to this:
- Develop a proof-of-concept solution.
- Develop a prototype in a staging environment to see how users feel about it.
- Use version control and perform quality assurance on the prototype.
- Draft performance benchmarks to compare the new technology to existing solutions and identify regressions.
- Evaluate the pilot and how well it meets the business case.
- Perform functional enhancements to optimize quality.
- Document everything along the way.
Keep in mind that the pilot project doesn’t have to be a home run right away. The goal is to get started and demonstrate progress. Outside professionals with experience using intelligent automation in financial crimes compliance can help guide an institution through all aspects of the roadmap, as well as creation and monitoring of pilot projects.
Automation risks to consider
Of course, any new technology implementation comes with certain risks. Fundamental errors may produce outputs that don’t match your objectives for the intelligent automation tasks designed. People may also use the system incorrectly or inappropriately. They may also misunderstand the system’s limitations or underlying assumptions that go into the intelligent automation platform. Data governance and process deficiencies may even lead to formal or informal regulatory actions.
And even if intelligent automation models perform better than traditional models, their performance may be more difficult to explain. The lack of explainability may cause model validation or model risk management teams to restrict their usage.
There are ways to mitigate risks:
- Train intelligent automation systems on the best available data via the feedback loop. For example, if you train a system on last year’s SAR data and more than 95% of past SARs were wrong, the new system will simply perpetuate the inaccuracies, albeit more quickly and efficiently.
- Document the development process, pilot program and performance against benchmarks to help identify issues early in the process or demonstrate your compliance efforts if issues reach the regulatory level.
- Stay on top of data governance and processes, making course-corrections as needed.
Continue to explore new automation technologies
Right now, using intelligent automation for financial crimes compliance may be a competitive advantage for institutions. In the near future, however, it will become a competitive necessity. With regulators continuing to encourage innovation and financial crimes risk continuing to grow and evolve, banks and other financial institutions should be proactive about adopting sophisticated solutions, such as intelligent automation, that can enhance their BSA/AML compliance programs to help them to stay ahead.
Jason Chorlins, CPA, CFE, CAMS, CITP, is a principal of risk advisory services at Kaufman Rossin, where he leads forensic and financial service investigative engagements as the banking practice co-leader. He advises clients on money laundering, internal corporate investigations, due diligence and regulatory compliance matters to help them manage risk. You can reach Jason at email@example.com