The Pervasiveness of Financial Crime
Client: Cloudera. Published on September 12, 2019 on Medium
Money laundering crime permeates all levels of the financial services industry because criminal networks are:
Creative
Connected
Collaborative
Ready to exploit any opportunity inside or around the edges of your business operations.
Financial Crime is both pervasive and rapidly-evolving. Surges in human trafficking, synthetic identity fraud and crime at the edge of the banking network require new approaches to financial crime which work beyond the neat boundary lines of business functions. This story is the first of three about moving towards the next generation of financial crimes platform.
This story describes the challenges we face when combating financial crime with a focus on money laundering. Subsequent stories will describe how the financial services industry has changed its approach and how we can execute proactive solutions by moving towards the next generation financial crimes platform.
The Disadvantages of Well Structured Environments
Money laundering crime permeates all levels of the financial services industry because criminal networks are creative, connected, collaborative, and ready to exploit any opportunity inside or around the edges of your business operations. [1] They are opportunistic and do not organize their work within neat boundary lines of business functions or crime typologies.
In contrast, we in the financial services industry work best in structured environments that have clear boundaries of business functions, methods, and technologies. It helps us to focus on the job at hand and to fully leverage our subject matter expertise. Such well-structured environments make for productive working environments.
With regard to financial crime, the financial services industry has, by design, developed silos of delineated, specialized functions such as cyber security, anti-money laundering, fraud prevention, and internal surveillance. Each may succeed in isolation, but as a whole, we put ourselves at a significant disadvantage. The forgotten space in-between silos provides criminals with a blank canvas to work from and represents intelligence gaps that inhibit our ability to disrupt crime at its origin.
Money Laundering Crimes In Context
Although money laundering is a crime, it is not a root or predicate crime. Money laundering is a mechanism to “cash-out” of underlying crimes like cyber-crime, fraud, human trafficking, and drug smuggling[2]. It is also a mechanism by which to finance other crimes like terrorism, bribery, and corruption. Money laundering and terrorist financing are so closely related that the acronyms are often joined together as in “AML/CFT” (Anti Money Laundering/Combating the Financing of Terrorism).
Enforcement actions related to AML have been on the rise. Since 2009, regulators have levied approximately USD32 billion in AML-related fines globally[1]. That sounds like a lot but that number only covers the incidents that have been uncovered and the penalties are usually against lax processes and procedures, not root or predicate crimes.
Money laundering investigation should be seen in the context of the awful things that happen to people and not in the abstract of global banks being fined billions of dollars for infractions that took place years or even a decade earlier.
Think of it this way: human trafficking finances terrorism through money laundering and those links in a crime chain affect individual men, women, and children.[3]
To put the money in perspective, human trafficking for sexual exploitation and forced labor (modern slavery) is one of the most profitable crime typologies out there. The International Labor Organisation has estimated that forced labor, which is only one of three types of human trafficking, has generated USD150.2 billion in illicit proceeds per year[2]. For context, compare that number to aforementioned USD32 billion in fines over ten years.
Victims Fund Crime
The diagram below is based on a real human trafficking use case described in a recent report by the Financial Action Task Force (FATF) entitled, “Financial Flows from Human Trafficking”[3]. It illustrates a crime that spans across multiple lines of business (retail banking, commercial banking, and investment banking) and a variety of crime types (human trafficking, identity theft, fraud, and money laundering). This example also demonstrates how victims of human trafficking can be forced to provide the money that is ultimately laundered for greater proceeds.
Source: Cloudera
This story is summarized as follows:
There are three “gangmasters” to this scheme, Mr. A, Mr. B, and Mr. C.
Mr. A “recruits” individuals from India and Bangladesh to work for a logistics firm in Italy. They agree that Mr. A will cover travel and arrangements and will be reimbursed by the individuals after they start their jobs.
Mr. A escorts the victims to open up bank accounts at a retail branch.
The victims work for the logistics firm and get normal direct deposit payments.
The victims have to pay Mr. A. for the “services” he provided to them.
Mr. B is given the victims’ ATM cards and makes withdrawals that he then gives to Mr. C for a money-laundering scam.
Mr. C opens up fake companies under the victims’ names.
The fake companies have commercial bank accounts that can then take out loans, invoice and pay each other for services, and make investments with investment banks (in this case the commercial and investment banks are the money laundering victims).
The gangsters made USD2.5 million within two and a half years.
The illicit activity was uncovered by local law enforcement when they investigated an informal strike by immigrant workers at the logistics firm after it was reported in the local news media. The victims were not only victimized but they were also forced to fund the money laundering scam. In the end, they saved themselves through protest.
Intelligence Gaps
Viewed in isolation, each activity within the line of business silo looks OK. The victims who opened the bank accounts were legally there. They had work visas and had a job that was paying prevailing wages. From the commercial banks' point of view, these names had a credit history with the retail bank and the illicit transactions moved on from there. Had the retail bank flagged other types of signals such as physical behaviors or suspicious usage of the ATM cards, the chain of events might have been broken and the duration of abuse shortened.
The diagram below illustrates the challenges of uncovering crimes like these within a siloed environment described at the beginning of this story. Each bank line of business is separated from each other. Furthermore, internally, the teams that combat financial crime, work in isolation based on their expertise.
Source: Cloudera
Ultimately, in the use case described above, it was local media and law enforcement that disrupted the crime but for the “what-if” purposes of this story, I’ve color-coded the diagram (in orange) to indicate where flags could have been raised by the financial crime teams. However, even if the flags were raised, the intelligence gaps in-between the silos would probably have hidden any link to the larger crime story.
In contrast, the diagram below represents the same lines of business but showing a holistic approach to data sharing and collaboration along with a proposed scenario listed below.
Source: Cloudera
Local law enforcement and the Retail Branch consult each other. They are both aware of reports or indication of cheap labor or unfair business practices in the area.
Branch notes that a number of customers (victims) read their address from a form and use an interpreter at account opening and for conducting transactions.
Retail Bank Fraud Team notes that a collection of ATM cards are used at the same location and time. Video also shows that customers (victims) are always accompanied by someone else.
Commercial Banking AML team sees that commercial accounts are being opened in the same name as the customers flagged above.
Investment Banking AML team sees the same red flags as above.
A holistic and collaborative process enables them to stitch together the bigger crime story.
Integrating Indicators
From a data platform point of view, consider all the indicators we are trying to join together and the types and sources of related data.
Transactional Data: The ATM in this story but also consider contactless payments and wearable devices at the edges of the banking network.
Behavioral Data (1): This relates to Know Your Customer (KYC) that is a structured account of the identity and documented relationships.
Behavioral Data (2): This relates to physical behavior and is customer-facing. This could be captured through personal interaction but also through video, voice, and keyboard actions.
Location: This relates to being aware of what is going on in the local community and consulting with local law enforcement. This type of data is unstructured and could be conversational or published enforcement alerts on the web or PDF documents.
Risk aggregates: This relates to global indicators like high-risk countries, sanctions, politically exposed persons, and the like. If, for example, Asia is a source of human trafficking, the KYC in point 2 above may have flagged that.
To leverage all the indicators above, a holistic enterprise-wide KYC approach is needed that would integrate various types of data (i.e.: structured/unstructured, streaming/batch/historic), apply sophisticated analytic processes (i.e.: machine learning), and share the results across parties that need to know (i.e.: collaborate in a private and secure way).
Two Paths Toward a Solution
Our industry is actively working to solve the challenges described above. This is happening via two paths, which I will explain in the next two stories of this three-part series.
The next story will describe the path toward industry-wide collaboration. In it, I will describe the importance of the public-private partnership approach and some of the initiatives that regulators and enforcement agencies are spearheading to encourage industry-wide innovation. This approach will require your organization to collaborate externally and utilize shared inputs.
The third story of this series will describe the path towards execution. In it, I will use Cloudera as an example to describe the Next Generation Financial Crimes Platform. As a preview, here are some of the capabilities that will be described.
Hybrid architecture (on-prem & cloud) with support for multi-cloud environments.
Unification of best of breed vendor solutions for cybersecurity, fraud, anti-money laundering, and surveillance.
Integration with cutting edge FinTech firms that provide unique crime detection and prevention capabilities.
Real-time streaming, embedded analytics, alerts and dynamic transaction scoring.
Holistic enterprise view of all customer and financial crime-related data, systems, models, and processes.
Industrialization of ML & AI to support dynamic model updating and monitoring.
Common data & analytics platform that supports shared analytics and collaboration across specialized financial crime units.
Open source advances to ensure adoption of the latest technologies and algos.
If you are interested in learning more, watch the webcast: Fighting Financial Crime Using Data and Analytics.
Learn more about Cloudera in Financial Services
[1] https://www.visualcapitalist.com/why-anti-money-laundering-should-be-a-top-priority-for-financial-institutions/
[2] http://www.fatf-gafi.org/media/fatf/content/images/Human-Trafficking-2018.pdf
[3] https://www.fatf-gafi.org/media/fatf/content/images/Human-Trafficking-2018.pdf