beyond detection - nice systems · make informed technology and business decisions by providing...
TRANSCRIPT
Beyond DetectionDriving Automation and Artificial Intelligence into Financial Crime Risk Management
Research partner
© Copyright Infopro Digital Services Limited 2019. All Rights Reserved2 | Beyond Detection
Chartis Research is the leading provider of research and analysis on the global market for risk technology. It is part of Infopro Digital, which owns market-leading brands such as Risk and WatersTechnology. Chartis’ goal is to support enterprises as they drive business performance through improved risk management, corporate governance and compliance, and to help clients make informed technology and business decisions by providing in-depth analysis and actionable advice on virtually all aspects of risk technology. Areas of expertise include:
• Credit risk.• Operational risk and governance, risk and
compliance (GRC).• Market risk.• Asset and liability management (ALM) and
liquidity risk.• Energy and commodity trading risk.• Financial crime including trader surveillance, anti-
fraud and anti-money laundering.• Cyber risk management.• Insurance risk.• Regulatory requirements including Basel 2 and
3, Dodd-Frank, MiFID II and Solvency II. Chartis is solely focused on risk and compliance technology, which gives it a significant advantage over generic market analysts.
The firm has brought together a leading team of analysts and advisors from the risk management and financial services industries. This team has hands-on experience of implementing and developing risk management systems and programs for Fortune 500 companies and leading consulting houses.
Visit www.chartis-research.com for more information.
Join our global online community at www.risktech-forum.com.
© Copyright Infopro Digital Services Limited 2019. All Rights Reserved.
No part of this publication may be reproduced, adapted, stored in a retrieval system or transmitted in any form by any means, electronic, mechanical, photocopying, recording or otherwise, without the prior permission of Infopro Digital Services Limited. The facts contained within this report are believed to be correct at the time of publication but cannot be guaranteed.
Please note that the findings, conclusions and recommendations Chartis Research delivers will be based on information gathered in good faith, whose accuracy we cannot guarantee. Chartis Research accepts no liability whatever for actions taken based on any information that may subsequently prove to be incorrect or errors in our analysis. See ‘Terms and conditions’ on www.chartis-research.com.
RiskTech100®, RiskTech Quadrant®, FinTech Quadrant™ and The Risk Enabled Enterprise® are Registered Trade Marks of Infopro Digital Services Limited.
Unauthorized use of Chartis’ name and trademarks is strictly prohibited and subject to legal penalties.
© Copyright Infopro Digital Services Limited 2019. All Rights Reserved3 | Beyond Detection
NICE Actimize, a provider of financial crime, anti-money laundering, enterprise fraud and compliance solutions, is a Category Leader in all current Chartis.Financial Crime Risk Management (FCRM) reports, and an FCRM award winner (for Financial Crime Applications) in Charts’ RiskTech100® 2019 ranking.
Everything NICE Actimize does is about Analytics and Investigation, and the company is a leader in Autonomous Financial Crime Management. The Autonomous journey encompasses NICE Actimize’s ActOne, which aims to transform financial crime investigations by providing intelligent automation and visual storytelling for speed and accuracy.
Intelligent automation saves time by enabling a virtual workforce of robots to collaborate with human investigators, while visual storytelling uncovers more risks by showing relationships between entities, alerts and cases in a visual manner.
The Autonomous path continues with the release of X-Sight, NICE Actimize’s Financial Crime Risk Management Platform-as-a-Service, which leverages the cloud. For more information, contact [email protected].
About NICE Actimize
© Copyright Infopro Digital Services Limited 2019. All Rights Reserved4 | Beyond Detection
Table of contents
1. Introduction 6
2. AI and automation in action 7
3. New territory – the expanding role of automation and AI in FCRM 8
4. Making it work 13
5. How to use research and services from Chartis 14
6. Further reading 15
© Copyright Infopro Digital Services Limited 2019. All Rights Reserved5 | Beyond Detection
List of figures and tables
Figure 1: The automation process cycle 7
Figure 2: The AI iteration process 7
Figure 3: AI in the fraud management process 8
Figure 4: Components of the entity screening process 9
Figure 5: A Machine Learning algorithm as a decision-maker 10
Figure 6: A Machine Learning algorithm as an input 11
Figure 7: AML transaction monitoring process 11
Figure 8: Trade communications surveillance process 12
Table 1: Comparison of automation and AI – aims, benefits and requirements 7
© Copyright Infopro Digital Services Limited 2019. All Rights Reserved6 | Beyond Detection
The FIU’s foundation
As explored in the report preceding this one, Three essential steps to a better FIU (published in November 2018), a technology-driven Financial Investigation Unit (FIU) can prove highly beneficial in bolstering a Financial Institution’s (FI’s) investigative capabilities. A well designed and implemented FIU will help FIs tackle financial crime while at the same time reducing costs.
As outlined in our previous paper, to accomplish this an FIU requires three critical elements: strong leadership, a pragmatic data strategy and powerful case management functionality. This report will focus on Artificial Intelligence (AI) and automation – two key technologies that underlie an FIU’s systems, and help maximize its efficiency, by reallocating time-consuming and labor-intensive processes (such as Suspicious Activity Report [SAR] filing and negative news monitoring) away from the desks of Full-Time Employees (FTEs).
Cutting through the hype
The hype around automation and AI has risen to a fever pitch over the past few years. Meanwhile, FIs also find themselves facing a number of new challenges that have boosted the appeal of AI-based technologies. For example:
• Regulatory pressure. New regulations, and the massive volumes of data required for compliance, need new tools to address them.
• Ballooning staff numbers. To deliver compliance, FIs have also hired many new FTEs to aggregate and report on the risk data processed within their organizations. AI presents new opportunities to optimize workloads and manage costs.
• Data demands. The vast lakes of data generated by digitization and its ‘3Vs’ – volume, variety, velocity – present significant integrity and control challenges, which can be effectively addressed by AI.
Facing these difficulties, FIs’ system selection staff must ensure they have the knowledge to cut through the hype to find the right systems and supporting architectures to address their specific use cases. This report examines automation and AI, two integral tools for an FIU. Though each can boost efficiency on its own, bringing them together within processes can also generate greater benefits. Automation and AI have seen rapid uptake in payment fraud, but are now being deployed in other areas of financial crime. This report explores these use cases, looking at entity screening, transaction monitoring, and trade communications surveillance.
1. Introduction
This report examines AI and automation within the context of an FIU. It explores how these technologies can help in AML and trade surveillance, and offers practical advice on overcoming organizational and regulatory obstacles to their deployment.
© Copyright Infopro Digital Services Limited 2019. All Rights Reserved7 | Beyond Detection
Though the terms automation and AI are often used interchangeably, the concepts are not equivalent. Automation is ‘the technology by which a procedure is performed without human intervention’ (see Figure 1).
Figure 1: The automation process cycle
Collecting expected
data
Programmed interpretation
Agreed adjustment
Refreshed data
collection
Source: Chartis Research
In contrast, AI represents a collection of iterative statistical techniques that can be applied in a variety of areas. Instead of the event series used in automation, AI relies on a set of dynamic processes that constantly change as new data is incorporated (see Figure 2).
Figure 2: The AI iteration process
New non-standardized data
Enhanced process on the basis of incoming data
Updated outcome
Source: Chartis Research
Given the fundamental differences between these concepts, technology buyers must be
clear on the aims, benefits and requirements of each (see Table 1). Though they may sometimes overlap, automation and AI have different aims, requirements and applications, and FIs must be aware of these before employing either technique.
Working together – assisted automation
The solution is often to apply automation and AI together, to maximize their benefits and ensure the best fit for the task at hand. This is best accomplished by targeting repetitive tasks that require a high degree of accuracy.
Those areas of financial crime compliance that will benefit most from this approach require the review of large volumes of material and the deduction of a pattern of markers that indicate suspicious activity. Negative news screening, for example, is one area where automation and AI can help FIs meet their compliance requirements more efficiently.
2. AI and automation in action
Table 1: Comparison of automation and AI – aims, benefits and requirements
Automation AI
Aim Reduce time spent. Automating tasks in a workflow reduces the length of time the workflow requires.
Improve iterative accuracy. Introducing AI into processes based on training data improves the accuracy of those processes.
Benefits Reduced time.
Reduced FTE numbers.
Improved accuracy.
Interpretation of unstructured data and non-linear patterns.
Requirements Consistent, repeated actions.
Easily classified data.
Rules-based activity.
Constant, good quality input data.
Procedural transparency.
Effective AI training.
Adequate underlying hardware and software.
Source: Chartis Research
© Copyright Infopro Digital Services Limited 2019. All Rights Reserved8 | Beyond Detection
AI now established in payments fraud
AI has been applied relatively recently in Financial Crime Risk Management (FCRM), most successfully in payment fraud systems. FIs and vendors have deployed Machine Learning (ML) to look for suspicious patterns of behavior. By comparing the activity surrounding a transaction request – location and timing, for example – with past events, a transaction can be rapidly accepted or rejected (see Figure 3).
AI works well in this setting because transaction times are quick and transaction volumes are high, supplying a large volume of data to train algorithms. Most importantly, the effect of false negatives is relatively minor, mainly resulting in direct business losses rather than regulatory punishment.
The expansion of AI in FCRM
Although other areas of FCRM have remained more reliant on non-AI rules-based systems, this is changing. This report examines three new areas in which AI is making its presence felt:
• Entity screening and negative news monitoring for Anti-Money Laundering (AML) and Know Your Customer (KYC).
• Transaction monitoring for AML.
• Market abuse detection for trade communications surveillance.
Importantly, AML and trade communications surveillance both differ from payment fraud in three key ways:
3. New territory – the expanding role of automation and AI in FCRM
Figure 3: AI in the fraud management process
1.
2.
User
Input platform (mobile, bank teller, internet,
etc.)
Data management and mapping
Behavioral model
Anomaly detection
Organization
Automated response systemBlock/flag Confirm
Human interaction
Expectedbehavior
ValidateReject
ValidateReject
Un
expected
beh
avior
Escalate
Techniques utilized:1. Segmentation analytics2. Supervised Machine Learning
Source: Chartis Research
© Copyright Infopro Digital Services Limited 2019. All Rights Reserved9 | Beyond Detection
• In AML, transaction volumes are often lower than in payment fraud, making it more difficult for FIs to successfully train their algorithms.
• In trade communications surveillance, the abuse typologies are much more complex than in payment fraud.
• Penalties for regulatory infringement in both AML and trade communications are much greater, as are the reputational risks associated with both.
These differences have, until recently, inhibited the use of automation and especially AI. However, recent technological advances and the underlying maturation of AI solutions mean that they are now capable of overcoming these challenges, bridging into these areas through the means of assisted automation.
In particular, Graphical Processing Units (GPUs) and High-Performance Computing (HPC) have boosted the processing power available to AI algorithms at a time when data volumes have seen massive growth. Though a challenge for staff tasked with data management, this provides a greater flow of information with which to train AI/ML algorithms, making them a more natural choice for buyers. This shift into AI is further supported by its wider adoption in non-financial contexts, as numbers of suitable staff rise. But while the number of available data science and analytics professionals who can staff financial crime compliance departments and develop the required systems has increased, competition for the most competent staff is fierce.
1 A metric used to measure differences between sequences (such as similar words).
Exploiting these trends, we see FIs expanding their use of automation and AI in FCRM. The next section examines three key areas of development where these technologies are being used in more sophisticated applications, and what this means for institutions’ FIUs.
Automation and AI – entity screening
One area that clearly illustrates the different applications of automation and AI is entity screening (see Figure 4), which comprises three main elements:
• Screening against sanctions lists.
• Screening against internal ‘blacklists’ and ‘whitelists’.
• Screening for negative news.
The first two areas are analytically straightforward, typically using ‘fuzzy matching’ algorithms such as the Levenshtein distance1. Name matching will not benefit from radically advanced analytical approaches – indeed, regulators may be suspicious of a name-matching engine that strays outside established bounds.
In addition, failing to execute these components of entity screening correctly carries severe consequences for FIs – if a sanctioned or blacklisted entity slips through the net, fines and business losses may result. Fines for these compliance failures are already high – over a
Figure 4: Components of the entity screening process
Screen against internal blacklists/
whitelists
Screen against sanctions database
Screen for negative news
media
Enter entity name
Confirm whether to proceed with interaction with entity
1. 2. 3.
Techniques utilized: 1. Fuzzy matching2. Fuzzy matching3. Sentiment analytics/
Natural Language Processing
Source: Chartis Research
© Copyright Infopro Digital Services Limited 2019. All Rights Reserved10 | Beyond Detection
billion dollars in at least one recent example – and are likely to be higher if staff cannot explain how a new name-screening algorithm failed to catch an entity. This underscores the importance of explainable algorithms, whether they employ artificial intelligence or not.
Notably, however, although the first two components of name screening are resistant to AI, they are good candidates for automation, following a simple set of rules-based steps with easily classified data and outcomes.
Negative news monitoring offers a more appealing target for the use of AI. Firstly, patterns of suspicious activity are not as clear as matches made using the Levenshtein algorithm, and will likely be buried under masses of extraneous information that may not appear relevant to a human investigator. Facing this challenge, firms are now increasingly using AI techniques (such as Natural Language Processing [NLP] and sentiment analysis) to determine whether counterparties have engaged in criminal activity that has been reported in news or other public data sets.
Furthermore, regulators, cognizant of the volume of data FIs must process, are more open to approaches that use untested analytical techniques as long as they have some indication of how the tools work. As a result, FIs are more comfortable deploying AI in news screening than in other parts of entity screening.
Automation and AI – transaction monitoring for AML
When determining whether a transaction represents an attempt to launder money, FIs must first consider two factors:
• Who is the person transacting?
• How does their activity (time of transaction, for example) compare with past behavior?
To do this, FIs must set detection thresholds. This is at least a partially normative process that presents two potential pitfalls:
• If thresholds are set too high, FIs run the risk that suspicious behavior will slip through the net.
• If thresholds are set too low, FIs face a wave of false positives.
Many large FIs opt for lower thresholds, requiring FTEs to labor through large numbers of flagged transactions that prove legitimate upon investigation. This is inefficient, and presents a good use case for AI techniques, which provide a useful way to reduce the human workload in transaction monitoring (see Figure 5).
However, they should not be used wholesale to flag suspicious individuals or transactions. Rather,
Figure 5: A Machine Learning algorithm as a decision-maker
Machine Learningalgorithm
Major decision step
Collection of entities, perhaps containing threat actors Flagged entity
‘Safe’ entity
The Machine Learning algorithm is performing the major decision step in the process, in determining which entities are ‘safe’ and which are flagged. This is considered to be risky, as the firm must be very confident in the algorithm and how it is being explained.
Source: Chartis Research
© Copyright Infopro Digital Services Limited 2019. All Rights Reserved11 | Beyond Detection
FIs should employ AI-powered segmentation analytics and graph analytics to establish groups of individuals who behave in a similar way. Using known datasets of suspicious transactions, FIs can then train ML models and more finely tune transaction thresholds. The groups produced by segmentation can then be fed into risk scoring analytics tailored to each group (see Figure 6).
This two-stage approach is preferred because AI techniques often resist explanation. A middle ground that regulators are likely to be more satisfied with lies in AI segmentation followed by rules-based risk scoring with thresholds tuned to each group.
Automation techniques are also useful in broader AML. In particular, FIs can use Robotic Process Automation (RPA) to automate repetitive, time-consuming tasks such as SARs filing. Specific techniques include screen-scraping and predictive text analytics in order to fill fields and find information automatically, instead of requiring investigators to search and input data manually (see Figure 7).
Automation and AI – communications monitoring for trade surveillance
Communications surveillance for market abuse detection has traditionally proven highly resistant to automation and AI. This is due to
the complexity of the typologies that constitute market abuse, which takes many forms and can involve perpetrators employing elaborate countermeasures to hide their tracks. Such countermeasures are all the more effective because communications surveillance requires the processing of unstructured data, which offers a myriad of methods to disguise abuse. Most
Figure 7: AML transaction monitoring process
Transaction logged
Alert received
Investigator
Match against
behaviorprofiles
Match against
scenarios
Non-suspicious
file
File Suspicious
Activity Report
Suspicious
Non-suspicious
1. 2.
3.
File false positive report
Non-suspicious
4.
Suspicious
Techniques utilized: 1. Segmentation analysis2. Threshold analysis3. RPA/NLP4. RPA/NLP
Source: Chartis Research
Figure 6: A Machine Learning algorithm as an input
Input Data (e.g. accounts, client behavior, histories, etc.)
Output Data (segmented
and organized)
Machine Learning Engine
Decision Engine
Results (e.g. credit scores,
SARs, etc.)
A note on generated outputs…
Outputs may include the following types:
• Client segments (segmented by an optimal property set)
• Client behavioral parameters• Client or device reputation
Note: these generated outputs will now be the input into the rules-based/conventional statistical model-based decision engine.
Source: Chartis Research
© Copyright Infopro Digital Services Limited 2019. All Rights Reserved12 | Beyond Detection
importantly, training AI systems effectively is difficult when cases of true market abuse are so rare.
However, recent advances mean that AI has become more attractive as a tool for FIs to tune detection thresholds and reduce false positives. Trade surveillance systems can use speech engines (many of which are based on neural nets) as well as NLP to better detect signals of market abuse in traders’ communications. AI can also be used to generate behavior-based trader models – combinations of trade data with electronic and voice communications records that help FIs track emerging patterns of behavior to predict latent risks (see Figure 8).
Figure 8: Trade communications surveillance process
Audio recording
Digital communications
Audio track and metadata extraction
Audio data store
Queries and alerts
1. 2.
3.
Techniques utilized: 1. Speech engines2. Sentiment analytics/NLP3. Sentiment analytics/NLP
Source: Chartis Research
© Copyright Infopro Digital Services Limited 2019. All Rights Reserved13 | Beyond Detection
These areas make attractive targets for automation and AI, but deploying these technologies properly and deriving their benefits, particularly within an FIU, carries several practical challenges. The key issue FIs must confront in deploying automation is a tendency to target overly ambitious goals. Numerous RPA projects have failed because the processes FIs chose to modify have been insufficiently understood, leading to a mismatch between institutions’ expectations and the capabilities of automated systems.
In contrast, AI implementations face fewer challenges around their efficacy and more around the explication they provide. FI boards fear regulators and compliance teams fear the board, making sign-off for opaque analytical tools difficult to obtain.
To surmount this hurdle, FIs should consider three core recommendations:
• They must properly examine and explain where, why, and how they will deploy AI. In turn, systems designers must ensure that these tools have sufficient explication – around how they improve upon existing systems and how analytics arrive at their outputs. Historical data sets that demonstrate how ML models have been trained, for example, are vital in addressing these points.
• All FIs should sound out their relevant regulators before, during and after deployment of applications that use AI in a significant way. While regulators generally are increasingly comfortable with the use of AI tools at the pre-processing level, they remain wary of its use for decision-making purposes. We therefore also recommend that FIs show strong commitment to validation and benchmarking of any statistical tools across all processes, regardless of whether they leverage AI-based tools or more conventional statistical methods.
• FIs will derive the greatest benefits from assisted automation that combines judicious deployment of AI with realistic use of automation. For example, FIs must comply with strict regulatory requirements and, for the foreseeable future, these will mandate that a human oversees automated and AI-powered tools. Institutions must therefore maintain clear lines that demarcate responsibility for processes such as onboarding and sanctions screening.
Moving forward
Using the approaches laid out above, FIs can combine automation and AI to reduce the ‘busywork’ FTEs must shoulder within an FIU, thereby increasing the firm’s efficiency. This requires that FIs clearly understand where automation and AI – and which specific techniques – can benefit their financial crime compliance departments.
FIs leading the pack must be able to validate, benchmark, and demonstrate the efficacy of new systems to regulators and stakeholders. In return they can reap rewards by improving accuracy and reducing manual workloads.
4. Making it work
© Copyright Infopro Digital Services Limited 2019. All Rights Reserved14 | Beyond Detection
For risk technology buyers
If you are purchasing risk management software, Chartis’s vendor selection service is designed to help you find the most appropriate risk technology solution for your needs.
We monitor the market to identify the strengths and weaknesses of the different risk technology solutions, and track the post-sales performance of companies selling and implementing these systems. Our market intelligence includes key decision criteria such as TCO (total cost of ownership) comparisons and customer satisfaction ratings.
Our research and advisory services cover a range of risk and compliance management topics such as credit risk, market risk, operational risk, GRC, financial crime, liquidity risk, asset and liability management, collateral management, regulatory compliance, risk data aggregation, risk analytics and risk BI.
Our vendor selection services include:
• Buy vs. build decision support
• Business and functional requirements gathering
• Identification of suitable risk and compliance implementation partners
• Review of vendor proposals
• Assessment of vendor presentations and demonstrations
• Definition and execution of Proof-of-Concept (PoC) projects
• Due diligence activities.
For risk technology vendors
Strategy
Chartis can provide specific strategy advice for risk technology vendors and innovators, with a special focus on growth strategy, product direction, go-to-market plans, and more. Some of our specific offerings include:
• Market analysis, including market segmentation, market demands, buyer needs, and competitive forces
• Strategy sessions focused on aligning product and company direction based upon analyst data, research, and market intelligence
• Advice on go-to-market positioning, messaging, and lead generation
• Advice on pricing strategy, alliance strategy, and licensing/pricing models
Thought leadership
Risk technology vendors can also engage Chartis to provide thought leadership on industry trends in the form of in-person speeches and webinars, as well as custom research and thought-leadership reports. Target audiences and objectives range from internal teams to customer and user conferences. Some recent examples include:
• Participation on a ‘Panel of Experts’ at a global user conference for a leading Global ERM (Enterprise Risk Management) software vendor
• Custom research and thought-leadership paper on Basel 3 and implications for risk technology.
• Webinar on Financial Crime Risk Management
• Internal education of sales team on key regulatory and business trends and engaging C-level decision makers
5. How to use research and services from Chartis
In addition to our flagship industry reports, Chartis offers customized information and consulting services. Our in-depth knowledge of the risk technology market and best practice allows us to provide high-quality and cost-effective advice to our clients. If you found this report informative and useful, you may be interested in the following services from Chartis.
© Copyright Infopro Digital Services Limited 2019. All Rights Reserved15 | Beyond Detection
Three essential steps to a better FIU
Financial Crime Risk Management Systems: Enterprise Fraud; Market Update 2018
Financial Crime Risk Management Systems: Know Your Customer; Market Update 2018
Financial Crime Risk Management Systems: Market Update 2017
Spotlight: Artificial Intelligence in finance – a primer
Spotlight on Cryptocurrencies
For all these reports, see www.chartis-research.com
6. Further reading