1. What does anti-money laundering screening involve?
Anti-money laundering (AML) screening ultimately aims to match names to profiles of sanctioned individuals, PEPs (Politically Exposed People), other watchlists and to people mentioned in relation to general risk in the media. The screening methods differ on a case-by-case basis, depending on the type of business, purpose of screening and the data that is being screened.
Certain businesses, such as banks and other financial institutions are highly regulated and must comply with strict regulatory guidelines relating to customer screening to avoid a range of repercussions. However, other less regulated organisations such as insurance and gambling companies have screening expectations to ensure compliance. Otherwise, these entities risk losing their license to do business.
When setting up AML screening, teams must first decide which lists they screen against. Companies must avoid doing business with sanctioned individuals to stay within the law, however other areas can be more grey. For example, avoiding doing business with individuals or companies connected to the Russian and Belarussian regimes may not be a strict legal requirement, but can be pertinent when firms are thinking about reputational risk.
It is best practice in AML screening to scan for matches against adverse media, which highlights a wide range of the risks at an early stage as allegations and other news appears. The best screening solutions work across multiple languages and scripts, meaning that international mentions can also be accurately flagged.
2. What are the main challenges?
In terms of screening individuals, challenges often arise when a person has a particularly common name, the same name as a celebrity or other famous individual. If an individual is called John Smith or Tom Jones, this can massively complicate finding matches and make it challenging to identify relevant risks. In different languages, a name can be written in different scripts or with transliteration, therefore creating yet another challenge for analysts. Particularly when analysts are manually processing huge amounts of unstructured data, this can often feel insurmountable and exhausting.
Another challenge facing compliance officers is that different jurisdictions have different perspectives on sanctions. And countries such as the US have a particularly stringent approach. Therefore, companies operating internationally must align their policies carefully to ensure they are balancing risk and compliance approaches across jurisdictions.
3. Why is this important to businesses?
Customer screening is essential in regulated industries which must follow certain guidelines in order to operate. Penalties for non-compliance are wide ranging including substantial fines, loss of business licences and even jail time for responsible executives. However, even in industries without stringent regulations, many businesses screen to protect themselves from criminal behaviour as well as the reputational risk associated with having problematic customers.
Beyond being motivated by the threat of regulatory and other consequences, many business leaders are strongly led by ethics. The consequences of poor AML and CFT controls are ultimately some of the most pernicious issues in modern society, including terrorism, drug dealing, modern day slavery, and illegal arms, which cause widespread societal harm to innocent individuals.
4. How does AI impact this process?
The use of AI in compliance activities such as customer screening has been widely discussed and can be controversial. The very latest generative AI models are likely to further complicate the way that compliance officers are thinking about the right role for AI tools.
The task of compliance officers and analysts is often compared to looking for a needle in a haystack. When faced with huge quantities of data, it can be challenging to find all elements of risk. After many years of reluctance to adopt machine learning models and other AI technology, firms are taking advantage of the ability to use analytics to help compliance analysts identify important risks accurately at scale. Rather than replacing the analysts themselves, AI is generally being used to enable analysts to work more efficiently – correctly flagging when important risks need attention.
Successful deployment of AI in customer screening must be explainable so that firms can adequately communicate to regulators the impact of models on overall performance. While Generative AI models or LLMs such as ChatGPT promise to supercharge AI in general, there will be challenges to make sure those models can be explainable.
5. What does effective AI look like in a compliance context?
While AI used in compliance must always be clearly explainable, effective AI solutions will vary between different compliance activities. For instance, in transaction monitoring, it is essential that machine learning models must operate effectively in low-latency and high-volume settings.
When thinking about customer screening, there are several applications, but AI is particularly effective when dealing with large quantities of unstructured data. In one example, a new AI was developed to classify and group adverse media articles, enabling a US investment banking unit to reduce the time required to screen a new customer from 14 minutes to 3 minutes on average.
6. Can companies create their own AI-powered AML screening systems?
If a company has a wealth of in-house experience in machine learning and artificial intelligence, it may be an attractive option to develop specific software to suit individual needs. However, there are a few considerations to take into account. It is important to update models and take advantage of the latest technology innovations. That can quickly become expensive, particularly when taking into account the cost of preparing and maintaining training data. It can often be more cost effective to work with a vendor who will handle ongoing maintenance, can bring best practice experience, and may well have extensive data assets.
Regardless of the system used, it is crucial that good model governance is maintained from the outset, to understand performance and provide transparency. Otherwise, a regulator is likely to question the effectiveness of the system in place and demand further information or investigations.
In an ever-changing threat landscape, AI can give analysts the upper hand they need to efficiently detect bad actors within their organisation and deal with them in the appropriate manner. Without this technology, threat detection may feel like an insurmountable task.
