Money laundering is one of the global financial system’s biggest issues. As technology develops, so too do the attempts to defraud institutions.
According to a study by LexisNexis, in 2022, financial institutions globally face compliance costs of an estimated $274 billion. This amount has steadily increased, showing 54% growth in the U.S. between 2019 and 2022.
Still, financial crime is rampant. The same report found that 67% of financial institutions faced financial crimes involving digital payments and over 60% in money laundering. The amount of money laundered globally is estimated to be between 2-5%, the equivalent of between $2 trillion and $5 trillion.
Making up a large portion of the banking compliance framework, financial institutions worldwide are adjusting their systems to target the mounting issue better. However, this can be costly regarding resources and customer retention, with “de-risking” measures potentially closing off financial services to vulnerable consumers.
Like many issues in the financial system, institutions are turning to technology to create more efficient AML solutions. The Bank of International Settlements (BIS) released a report in May 2023, setting out their research in the field.
Approaching AML as a network
The report focuses on Project Aurora– a strategic approach for using innovative technologies to target the AML landscape.
“With Aurora, the BIS re-evaluates the “siloed” approach to AML systems currently used by banks,” said Richard Turrin, Author of “Cashless.” “The problem is that money launders use networks that defy detection. It takes a network, not a siloed bank, to track a network.”
Leveraging financial data to employ machine learning models and AI, Project Aurora proposed a “holistic view of payments” beyond individual institutions and nations. On a national level, BIS found that transaction monitoring, collaborative analysis, and learning (CAL) arrangements could be deployed, allowing monitoring of the payments network as a whole rather than those payments passing through individual banks.
The same approach could be taken by central banks, opening the path to cross-border capabilities. BIS also stated it could be incorporated into the ongoing development of CBDCs, allowing nations to use digital currency to monitor financial crime easily.
Using the network approach, AI and machine learning could be applied to identify suspicious activity. “Unsurprisingly, machine learning beat existing systems when deployed at the single financial institution, national, and cross-border levels,” commented Turrin.
ISO 20022 could enhance capabilities
BIS highlighted that global adoption of the ISO 20022 financial messaging standard could be opportune for deploying such systems.
While ISO 20022 was first developed in 2004, 2022-2024 is a critical period for adoption.
In 2022, SWIFT made the processing of the standard mandatory for certain financial institutions, and many additional euro payment systems also got on board. The UK housing banking systems on CHAPS also started migrating transactions to the ISO 20022 standard. The U.S. is set to follow in 2024.
By 2023, ISO 20022 will account for 80% of high transaction volumes and 87% of high transaction values.
Why is this significant? ISO 20022 allows for a much higher level of transaction data than the previous standard (ISO 15022). More data could drive financial institutions’ ability to target issues and create new products based on data analysis.
In the case of Project Aurora, BIS has stated that the global standardization of transactions in different networks could make it easier to identify suspicious transactions. The bank said in its report, “Money launderers exploit the complexity of the global financial system, information asymmetries due to gaps in regulatory data visibility and the ability to share information and differences in national laws.”
Applying standardization in financial messaging could reduce some of this complexity.
Privacy caught in the crossfire
Worldwide, data protection standards have been implemented to protect consumers’ privacy. Increasing the availability of data and a view into transactions may be beneficial in targeting AML. However, if mishandled, it could compromise the general privacy of consumers (not to mention sparking outrage and fear of a real-life Orwell’s 1984).
One of the challenges BIS identified in implementing Project Aurora to target AML is the privacy concern. “Balancing privacy protection and effective AML/CFT measures is complex, as it involves navigating legal, ethical, and technical considerations to address the objectives of privacy and security.”
To this, the report suggests the implementation of privacy-enhancing technologies (PETs) in conjunction with the network approach to monitoring.
PETs are designed to protect sensitive information, regardless of data transference between institutions. This is done while simultaneously allowing for analytical methods to be applied.
Related:
Currently at the “forefront of innovation,” different PETs can be applied for different outcomes and come with their risks and limitations. Three were tested within the project to find their viability for balancing access to information with data privacy.
Using approaches like data encryption and obfuscation, BIS found that the AI models could be applied to transaction data while maintaining high levels of privacy.
The results of experiments found that detecting money laundering was much more efficient than current approaches with siloed entities. Using the networks while maintaining data privacy yielded a detection rate of between 60%-75%, which differed according to the network type (with varying levels of decentralization). This was a vast improvement on current approaches, which yielded an average of under 25%.
Stepping stones toward reducing money laundering
Although many of the components of Project Aurora are still in the early stages, the report showed optimism in improving AML approaches. The experiments showed the efficiency of AI and network monitoring, improving detection by over 30%.
Legislation around AI is still relatively nascent, with only Europe releasing an AI-specific set of rules. In addition, BIS noted that using networks, as opposed to siloed financial institutions, would require more regulation and legal considerations.
The bank also highlighted the risks of new payment systems such as real-time payments and CBDC. Offering “novel possibilities” for payments, the report warned implementation could result in novel vectors for crime.
Despite this, the results showed a potential light at the end of the money laundering tunnel, which institutions can use for future development.