By Simon Moss, CEO, AyasdiAI
It’s essentially impossible to definitively determine the amount of money that’s laundered each year – there is just so much money laundering happening. Estimates range from $800 billion to $2 trillion but in all likelihood, that barely scratches the surface. We’re seeing regulatory bodies increase fines in a mild attempt to discourage this type of financial crime. Last year, those fines equaled $5.6 billion – an increase compared to previous years. When the figures come out for 2021, we’ll surely see a further increase in 2022.
But fines are, unfortunately, in the category of cost of doing business, rather than the behavioural motivator they are supposed to be.
Moreover, financial fraudsters have evolved even quicker, utilising new technology, regulatory fragmentation, plus detection technology and risk topologies from the stone ages. This mismatch is foundational to the challenge that banks have in addressing financial crime.
Banks map investment and innovation to regulation and compliance, but not stopping crime. Criminals are motivated to evade, hide and exploit weakness, and the agility quotient between the two groups is extraordinary. Add to this some banks’ tone from the top seeing such matters as a hindrance to business and you have the perfect mess. Agile, intelligent adversaries outmaneuvering large cumbersome institutions that have both a different motivation at best, at worst, a benign neglect of stopping their institutions from being arbitraged as enablers of global crime. Criminals are changing their tactics, but the methods used to try to catch them are decades behind. The sophistication gap is absurd, and the regulations can’t even begin to catch up.
So, what of 2022 – a continuation of the exploited and arbitraged system, or some signals that the banking system will reconsider its role in holding capital to a higher standard?
The bad news first…
Money laundering is flourishing
Money laundering is thriving – and the pandemic fueled its success. Two years ago, we talked of the incompetence of the Western stimulus plans stimulating a whole new wave of financial crime access. The result has expectably been the number of shell companies skyrocketing and huge numbers of “trojan horses” continuing to be formed with clandestine change of control (but not change of ownership) following cash injections into distressed firms. So, all the raving of beneficial ownership is nothing but expensive noise, given how even deeper criminal facilitation has buried itself into the system.
Innovation – a lot of noise at the moment: 2022 will separate the wheat from the chaff
Current AML technology was architected half a decade before the iPhone 1. It’s a steam engine in terms of potential and abilities. We all know it, but the inertia and orthodoxy of these old solutions (“stickiness” in investment parlance) prevents institutions from getting close to hindering our adversaries. And solid, powerful technologies are absolutely ready for prime time. Finding them in all the noise is understandably a challenge. Even while huge amounts of capital are flooding the AML market, it’s been hard to find true, reliable innovation during the past year. The global AML software market is rapidly growing, with BIS Research predicting it will grow at a CAGR of 14% from now until 2025. New vendors are entering the market all the time, but what’s happening is that for banks, it’s harder to see the forest for the trees.
It’s difficult for IT buyers to understand the differences, the real value. I can’t blame them; they’re getting hit from every angle by consultants pretending they have product, over capitalised SW firms desperate to sell within the ROI window, and toolkits promising everything, but you need to do it yourself (selling against the arrogance/failure curve that will take a couple of years to flesh out).
2022 will demand proof, not noise and marketing, for the market to adopt innovation and truly have a chance to catch up.
Proof of innovation will be aggressively focused on rapid and measurable comparisons on the delta of improvement in the innovation. Most critically, these tests must use exactly the same data as previously used, otherwise apples-to-apples comparisons and real value measurement will never be understood. Data is constantly going through the wash-cycle on repeat. Now it’s time to drive information yield out of that data and maximize the transparency of the firm’s operating model with yet another death march of data mapping. Success comes from accelerating the progress of the past, not starting again.
So, three things are essential to run a proof of concept (PoC) for discovering financial crime in 2022:
- Use EXACTLY the same data currently being used; do not provide anything else. It is the only way to see that discovery of crime innovation is materially better.
- Measure “effectiveness,” not efficiency, in discovering crime. This is a big deal. Efficiency will drive you to reduce volumes of alerts and make discovery less effective. Increasing effectiveness, on the other hand, will directly improve efficiency.
- Cost of deployment: Another massive business case for large amounts of implementation or consulting work is worthless. Pressure on budgets will increase next year. Non-invasive, quick and early value must be realised. Make sure the service level agreement (SLA) states delivery expectations and date certain delivery schedules.
So, in other words, make sure all this impressive marketing noise can prove itself in 2022.
Changing technology, lagging regulation
Change is accelerating in the realm of enterprise technology. It’s everything from how exactly blockchain is changing the financial supply chain to how crypto is being used more effectively to commit financial crime. Are new payment mechanisms making access to the financial markets easier and more opaque? How are deep fakes and robust synthetic identity designs changing the risk in understanding and predicting risk? How is social media stimulating new global communities, both good and bad? How will the democratisation of equities and options trading be protected against bad actors?
Regulators and legislators are finding it hard to answer these questions. There’s a significant chasm when it comes to technology and those tasked with trying to understand it – let alone know how it can be used to facilitate crime and then regulate it. In the next several years, a generational improvement in understanding will be needed to curb new technology exploitation. Please refer to the above. Otherwise, government and regulator legislation will remain focused on the market as it was 20 years ago – not as it currently is – leaving the banking system full of holes for exploitation, arbitrage and outright crime. That includes some of the worst crimes impacting humanity.
AML regulations are trying to catch up
So, there are a few rays of light in opportunity and technology promise.
Though late by about a decade, some regulations have come up recently that are moving in the right direction. The U.S. Anti-Money Laundering Act of 2020 was a big positive, containing some of the most significant changes ever made to the Bank Secrecy Act of 1970. In early December, President Joseph Biden introduced a new strategy to crack down on corruption that specifically focuses on key areas of money laundering.
Another good step forward came in the form of the Corporate Transparency Act (CTA). Its purpose is to keep shell companies from becoming havens for money laundering and other illicit activity. It creates a registry and requires millions of domestic and foreign companies registered that do business in the US to disclose information about their beneficial owners (similar to what the U.K. introduced in 2016.) Those rules go into effect Jan. 1, 2022, a year after the rules were passed.
It’s great that the U.S. government is stepping up and recognizing the need for much stronger action on money laundering, but it’s the banks and financial institutions that must bear responsibility for rooting it out and halting the arbitrage of the financial system as an enabler of global criminal activities. Some institutions are finally starting to take the higher road and recognize that the status quo can’t continue. Others have acknowledged that a new approach is needed, that they are using antiquated systems and they can’t just bury their heads in the sand. And they will make a significant amount of money making some rational, clear decisions here. We as a company are seeking such firms out.
Addressing the cryptocurrency threat
Cryptocurrency is a whole new class of problem, and a problem it most certainly is. Ironically, cryptocurrencies are providing a vehicle for criminals to shift their money laundering activities away from traditional banks and other such financial institutions. There may actually be a decline in money laundering involving the world’s biggest banks, simply because they’ve been left behind by technology. But we’ll see an increase in crypto-based extortion and other crypto-based crime.
For the regulators and the system, this will create a massive problem. On the upside, governmental bodies are taking notice, and we should expect to see more of that, although regulation is always several paces behind the technology and the bad actors using it. For instance, in November, the Financial Action Task Force released a new report urging crypto platforms to do more to verify the identities of their users and regularly report suspicious activity – the takeaway being that regulation must happen now.
And the U.S. government announced in October the creation of a National Cryptocurrency Enforcement Team. This team will combine the expertise of several sections of the Department of Justice Criminal Division. Its members will fight money laundering and “assist in tracing and recovery of assets lost to fraud and extortion, including cryptocurrency payments to ransomware groups.”
Fines, Fines, Fines!!
Above I stated that fines will increase in 2022. The Biden commentary, Janet Yellen’s comments, and the NatWest debacle all put the U.S. and U.K. financial systems integrity in question, or at the very least, under severe scrutiny. Ad hoc fines may not be enough. In fact, they are often counter to what they should achieve given how arbitrary they are, thus enabling an unfortunate risk/return decision.
What is perhaps needed – given the cost of doing business perspective that compliance is now categorised as – is not ad hoc fines, but percentage of revenue. Not a chance in 2022, but maybe further down the road. This not only clearly allows a much more aggressive fines structure, but also enables institutions to plan better and understand the cost of failure enabling risk to be accurately understood and measured. Mapping fines directly to revenues (let’s say 10-20% for a major and knowing facilitation of crime) will certainly be a wakeup call to focus on this issue, rather than dismissing it as a back-office function and even an annoyance. Why? Banks are not staffed with bad people. Far from it. But the power of capital and shareholder return expectations is undermining the need to provide the social and moral foundation that banks, whether they like it or not, have in the system of capital that keeps our democracies flourishing. They have a responsibility and 2022 will see a greater awareness of that responsibility.
Predicting a future with less financial crime
No, that’s a joke. We have to be honest and acknowledge as a system we are at least a decade behind our adversaries. They play by different rules and alas have different motivations. And bad actors are always several steps ahead – using new technologies to further advance their nefarious activity. At the same time, the status quo isn’t financially sustainable – and this is likely to finally start to push forward more innovation.
Past is sometimes a prologue, but on occasion, people can learn from the past and take a different path. The new year comes with newly minted regulations and some true promise in technologies that can leverage the investments of the past. The question, as always is, will the system and its participants focus on discovering and stopping criminal exploitation or will they simply comply with old, laggard, slow and opaque regulations and associated technology. 2022 will see a few firms focus on the former, and as a result will change the market over the next half decade.
About the author
Simon Moss is the Chief Executive Officer of Symphony AyasdiAI with strategic and P&L leadership responsibility. He brings three decades of market-recognized business experience in financial crime, risk, and compliance, and patented leadership in financial services technology innovation in network and edge computing, cognitive analytics, and AI. Previously, Simon led Mantas, a firm that defined the founding phase of anti-money laundering (AML) and compliance behavior detection, led multiple other firms as founder, CEO, or board director, and most recently was global head of AI and automation for Infosys Consulting. He delivers a unique balance of strong leadership, deep subject expertise, and focused technology knowledge.