Insights

Effective continuous Fraud and/or Money laundering detection – business rules plus anomaly detection: 1+1=3!

Implementing and optimizing business rules in combination with anomaly detection can be challenging, but is unavoidable if you pro-actively want to meet regulatory requirements.

Business rules are predefined rules and thresholds established by organizations to identify specific patterns or behaviors associated with fraud or money laundering activities. These rules are typically based on expert knowledge, regulations, industry best practices, and historical data and are effective for detecting known fraud patterns. They can provide real-time alerts when a match is found.

Anomaly detection techniques are designed to identify unusual or unexpected patterns, behaviors, or outliers in (grouped) data that might indicate fraudulent or suspicious activities. Anomaly detection algorithms analyze data against normal transaction patterns and identify activities that deviate significantly from the norm and detect novel or previously unknown fraud and money laundering attempts that don’t fit predefined rules.

By combining business rules with anomaly detection, organizations can have a more comprehensive approach to fraud and money laundering detection. They can leverage the coverage and accuracy of predefined rules while also capturing previously unknown fraud/ money laundering attempts through anomaly detection. The complementary nature of both techniques helps reduce false positives and false negatives, improving the overall detection accuracy. Examples of successes: use of cryptocurrency, unexpected international money flows.

Implementing and optimizing a combined approach can present several challenges, including challenges with data integration, data quality/variability, real time processing, model calibration and validation, organizational silo’s, privacy/ethical considerations and regulatory Compliance. With regards to the regulatory Compliance, an organization needs to make sure it aligns with various regulatory requirements, such as anti-money laundering laws, Know Your Customer (KYC) regulations, and privacy laws. Making it even more complex.

In simple words: ensuring compliance and keeping up with regulatory changes can be demanding. “If you think that compliance is expensive: try non-compliance”. This famous quote from former US Deputy Attorney General Paul McNulty will perhaps help you decide to take the next step in adding anomaly detection to your business rules!

There are several key metrics and methodologies to measure the success of continuous detection strategies. Five common approaches that will support you to evidence effectiveness:

> Detection Rate
> False Positive Rate
> Response Time
> Cost/ Efficiency
> External Benchmarks.

SYGNO is specialized in automated model generation based on good behavior and can help you to effectively reduce false positives and increase true positives, by a combined approach. We can accomplish an impressive improvement for you within 3 months.
Contact us for more information or a demo via getincontact@sygno.com.

Large language models (LLMs) like ChatGPT are making it easier than ever for criminals around the world to scale and customize their fraud.

To cope with the rise in suspicious transactions that these technologies will create, banks need solutions that can respond faster and smarter.

As traditional fraud and anti-money laundering transaction monitoring systems have improved during the past 10 years, criminals have professionalized their skills to scam people and perpetrate identity fraud. Generative artificial intelligence takes this to the next level.

These language models are already being used to create highly convincing text, from phishing conversations to fake invoices, contracts, and financial statements. Law enforcement agencies forecast a “grim outlook” as criminals exploit LLMs in increasingly sophisticated financial crimes.

“Solutions like ChatGPT have the potential to help fraudsters in mass customizing their communications with victims, making the scale of possible vulnerable individuals substantially larger and more difficult to identify,” says Sjoerd Slot, Sygno CEO. “While such providers will also need to monitor potential misuse of the technology, banks will need to see this as yet another technological fraud advancement. Static monitoring has long gone, change is the norm.”

The mainstreaming of AI is a yet another step in fraudsters advancement

The rapid growth in awareness about LLMs has been unprecedented. A wave of publicity following OpenAI’s public release of ChatGPT in November 2022 saw it gain more than 100 million users in just two months, setting a record for a consumer application. Many others have followed suit, like Google’s Bard and Meta’s LLaMA, leading to widespread use (and mis-use) of the technology.

It may already be too late to put up guardrails. The leak of Meta’s LLaMA models in March 2023 led to the release of compact open-source LLMs that can run on a laptop.

In the age of mass-market AI, traditional transaction monitoring approaches based on complex business rules will fall even further behind, increasing either the workload on compliance teams or the amount of undetected fraud – most probably both.

Instead of looking for ever-evolving suspicious behaviors directly, Sygno’s approach uses automated machine learning to train models to recognize legitimate transaction data. This type of behavioral detection is far more granular and and accurate as it is based on actual client behavior vs extrapolations of criminal activity. This can reduce the number of false positives that need to be reviewed, increase the number of true positives that are detected, and ultimately save time, money, and resources.

Transaction monitoring systems that generate excessive false positives lead to unnecessary invasion of privacy.

Striking a balance between data protection and anti-money laundering can be a challenge. Like Goldilocks, regulators want financial institutions to get it just right. They shouldn’t go on a fishing expedition and pry into customer data too much, but they also shouldn’t do too little and risk missing financial crime.

In the EU, for example, AML rules require financial institutions to implement systems that “enable the detection of unusual or suspicious transactions”, while GDPR requires data controllers to demonstrate a “legitimate interest” for processing personal data. Getting the balance right demands that FIs adopt an efficient approach to transaction monitoring.

Systems that generate excessive false positives are at risk of breaching GDPR if they lead to frequent investigations that require FIs to comb through innocent customers’ data. Hiding behind AML rules may not be a sufficient defense, as financial regulators also take a dim view of transaction monitoring systems that generate excessive false positives. There is a clear need to fight financial crime, but there is always a tension between privacy and AML provisions, as we have seen in debates around public registers of companies’ beneficial owners, sharing information, and so on.

So how should FIs deal with this tension – minimizing privacy impact while also flagging unusual and suspicious transactions?

When done right, anomaly detection algorithms result in fewer false positives and therefore fewer investigations. As a result, FIs can reduce the amount of personal data they process and lower their impact on the privacy of their valued customers. And that means we can spend more time on the risks within our portfolio.

At the same time, fewer false positives also improve our ability to detect financial crime and therefore save resources.

Getting started with detecting anomalies while respecting privacy rules

Get in touch with us to discuss how automated machine learning can help to generate anomaly detection algorithms that are just right.

Understanding how bias can affect model development is important as AI tools are more broadly adopted.

Responsible AI is undoubtedly an important topic. As financial institutions adopt AI and machine learning across their operations, it’s important that these powerful tools are rolled out carefully to prevent biases from affecting model development.

However, some of the concerns around the use of AI reflect an unwarranted fear of the unknown. Bias is a risk in all models. Transaction monitoring is a case in point. Financial institutions that rely on traditional rules-based models often classify entire categories of risk to be too high to manage. This can lead to situations where high-risk sectors or countries are almost fully being excluded.

At Sygno, we believe that our approach has the power to broaden access to finance by enabling FIs to manage risks far more efficiently than is possible using conventional models.

“The main challenge lies in the fact that fraud or money laundering activity only accounts for 0.1% of the data, creating a very unbalanced situation,” says Sjoerd Slot, Sygno’s CEO. “As a consequence of the small number of data points, risk characteristics are typically defined rather rudimentarily and when applied to the larger population result in broad indicators that potentially lead to unethical biases.”

There are two approaches that can help FIs to reduce these biases in their fight against financial crime:

1. Focus on the 99.9% of non-fraudulent behavior, allowing for far more granular indicators.
2. Use explainable models that can be evaluated for the presence of potential biases.

This way AI becomes an enabler to lower bias and unwarranted financial exclusion.

Financial institutions can achieve quick wins in the TM parts of their compliance process – without waiting for larger IT projects to be delivered.

Delaying optimizations to transaction monitoring systems can be a costly mistake. Historically, it may have seemed sensible to time upgrades around other changes in the IT environment, to minimize complexity and avoid wasting investment as systems are changed. This approach is typically known as “getting the house in order before optimizing”. But there are compelling reasons to optimize TM frameworks sooner rather than later – even during such large IT change processes.

Money launderers and other financial criminals don’t wait for IT projects to be finished. They are constantly active and adopting more sophisticated techniques, which means that financial institutions relying on non-optimized systems face an ever-growing risk of regulatory breaches. Getting it wrong, while waiting for IT projects, can have significant financial, legal and reputational consequences.

The good news is that it’s now possible to optimize TM environments and leverage this for both the existing (old) environments, as well as the renewed TM system. With automated machine learning (AutoML), rulesets and detection models can be optimized much faster than most financial institutions might expect. Quick wins can be achieved in just a few weeks and with minimal disruption.

Indeed, AI-optimized AutoML solutions can even be implemented alongside existing TM systems, completely avoiding the need to wait for a major overhaul.

An additional advantage in optimizing the TM environment first or alongside IT changes is that it creates strategic technical and compliance capacity. Immediate compliance and efficiency gains can be achieved by reducing the overhead associated with traditional frameworks, such as handling the high volume of alerts and increasing detection ratios, as well as answering regulatory pressure for sound model risk management practices to be implemented. Such as above and below the line testing (ATL/BTL).

At Sygno, our clients generate their enhanced rulesets and models based on the behavior of their good customers. Our automated model generation solution can significantly optimize your TM environment, reducing the usual time and complexity.

With such solutions, there’s no need to wait a year or even more for the delivery of a large IT project. A “smaller” enhancement can achieve huge gains quickly, saving costs, freeing up resources, and reducing risks. And the optimization can easily be transported to the renewed TM environment or automatically re-generated in the new situation.

Getting started with optimizing your TM

Get in touch to find out how you can stop waiting and start optimizing your TM environment today.

Fintechs with smaller datasets can power-up their compliance processes with AI-driven solutions.

Big financial players have been investing heavily to deploy artificial intelligence (AI) in their anti-money laundering systems. From megabanks to fintech unicorns, compliance departments are increasingly taking advantage of machine learning (ML) and big data to improve their ability to detect financial crime.

Meanwhile, smaller fintechs and financial institutions struggle to implement similar anti-money laundering programs, despite often having a strong AI capability within their core product. This is mostly because AI in the risk and compliance domain requires not just technical expertise, but also significant domain knowledge.

The assumption is that bigger is always better for AI and ML tools – and that’s true in most cases. As the amount of data increases, so does the ability to recognize criminal patterns and develop insights. However, the size of your dataset doesn’t have to be a limiting factor when using AI/ML to optimize compliance processes. Focus on the data that you do have, rather than the data you don’t. Focus on the behavior of your good customers, where you have far more datapoints.

Custom models

Smaller fintechs often rely on off-the-shelf models or rules, that will never produce the best results for everyone. This may seem like the only cost-effective option for these players, but there’s a better way.

Even smaller fintechs can generate custom models on their data. By modeling the behavior of their good customers, automated model generation can help to recognize the relevant patterns even on their smaller datasets where there are fewer anomalies that indicate financial crime.

Size matters

While this kind of approach works well at any scale, it’s particularly effective for smaller teams that don’t have the resources to manage a complex solution.

Improving compliance and transaction monitoring processes at very large financial institutions can be a daunting task that may take years to fully complete, but for smaller players it can be done much more quickly.

In practice, it’s much easier for fintechs and smaller financial institutions to optimize their compliance processes. Smaller datasets, fewer legacy environments, and flatter management hierarchies tend to mean they are much more nimble organizations. And they want to maintain that agility.

Getting started with AI-optimized compliance

At Sygno, we’re building Automated Model Generation for regional and cooperative fintechs and smaller financial institutions, based on the patterns of their good customers. Which luckily is the majority of their data.