Due diligence - a term bandied about readily with much confidence across many different sectors - broadly accepted as a process that underpins a thorough and confident appraisal of a specific business proposition, perhaps a significant merger, acquisition or other investment. At its most effective, due diligence arms a business with the facts it needs to make confident, astute decisions. At its worst, poor due diligence muddies already murky waters and potentially guides businesses down the wrong path.

To avoid the latter outcome, it’s best to avoid an off the shelf, one-size-fits-all process and instead adopt a bespoke approach that accounts for all inherent risks associated with a particular proposition.

Venture capital (VC) investment in FinTech - a booming industry - is a case in point. VCs have to understand complex business models and cutting-edge technology to pinpoint viable investment opportunities. Armed with millions, or indeed billions - $1.8billion was raised by UK FinTechs in 2017 - and facing fierce competition from other VCs, the panoply of risks presented by startup FinTechs could appear daunting.

VCs will often feel most comfortable assessing the viability of the business model, legal and financial aspects and will engage experts to evaluate the technology. That makes perfect sense. The success of a FinTech largely hinges on a successful combination of those areas and, more often than not, those are the risks most familiar to VCs. However, other stones sometimes remain unturned..

People risk is often overlooked or considered addressed through a simple criminal background check. With the wealth of information sources now available it’s perhaps remiss not to take a closer look at those who you’re investing in. Start-up scams are not uncommon in Silicon Valley; an early 2017 Fortune article explored the sector’s “unethical underside”. Are the founders who they say they are? How accurate are CVs and other stated accomplishments - the CEO of Wkriot pleaded guilty to fraud last month. Have failed attempts to fund other start-ups been disclosed, what about other initiatives that crashed spectacularly? Are other business interests in play that conflict with those of the VC? Many a business leader and politician have fallen foul of skeletons discovered in cupboards they’d long since forgotten about.

How about the culture of the firm? Is there evidence of unethical practices in the founders’ previous businesses? What does social media tell us? The merest hint of unethical behaviour could have a huge impact on culture of the firm, which in turn could lead to corners being cut, regulations not properly adhered to and risk decisions ignored or taken well outside of risk appetite.

Thorough due diligence of a FinTech couldn’t be considered complete without a close look at how its offer might be exposed to financial crime risk. The fledgling nature of the firm will mean a full risk assessment isn’t possible, but early inspection of the proposal will allow for an early judgement to be made on the type of controls and framework needed to deliver a compliant and secure product.

An effective due diligence exercise should alert a VC or other investment firm to concerns in any of these areas. However, if risks go unflagged through neglectful or absent due diligence they hold the potential to manifest further down the line with grave consequences for the VC and other stakeholders.

FINTRAIL would be delighted to discuss structuring a bespoke due diligence process for any aspect of prospective investments. Our team have deep experience in conducting due diligence for global banks, investors and government agencies and have a wealth of cutting edge tools at our disposal.

Dealing with a financial crime crisis - whether that be a backlog of suspicious reporting that has built up, facing de-risking by a partner or finding out that a sanctions process has been working ineffectively - can be an especially stressful time for clients, particularly if the issues could lead to regulatory intervention, potential losses or the restriction of banking or payments facilities.

This is not to mention the obvious and negative impacts that such a crisis can have on customer trust and the potential reputational impact; in many cases, it can be a matter of survival for the business and brand, where trust is hard won but so easily lost.

So, we wanted to share some insight on how our team approaches these tasks to help readers be better prepared and have a head-start if you find yourself in the position of crisis managing a response to financial crime issues.

• Understand the nature of the problem. This sounds like an obvious place to start but it is absolutely critical to everything that follows. If you do not genuinely understand the root cause of the issue your are facing, it makes it very difficult to put in place a response that is effective and proportionate. So for example, if you are dealing with a significant up-tick in fraud or failings in AML or sanctions controls, you need to efficiently and effectively understand the nature of the problem so you can identify the core contributing factors and develop a proportionate response.

• Develop a considered plan of action. Once you have identified the root cause/s of an issue, you need to ensure that you develop a response plan that is action focused and targeted on addressing those specific items as well as factoring in any linked or dependency tasks. For example, it is pointless implementing a new tool or process unless you train those involved in using the tool, otherwise you may just make things worse by increasing operational risk. It is worth bearing in mind that you must be able to demonstrate to your stakeholders that tangible action has been undertaken.  

• Mobilise effectively. This covers not only how you engage the services of and mobilise external parties but also those internal stakeholders or your support network. This is a careful balancing-act against the needs of normal daily business. Depending on the nature of the issue, segregating resources to focus on the crisis can be most effective. Our view of mobilisation is making sure all those involved very clearly understand the issues at hand and are aligned to the common goal of solving the problem, and that those involved have the commensurate level of accountability and authorisation from senior management. This is no time for egoes or political wranglings.

• Ensure transparency. We often get asked ‘what should we say to our bank partner’ or similar. Our advice is always the same and that is you should be transparent. In a crisis scenario, you are aiming to maintain the trust you have built with all your stakeholders and transparency and openness are key values underpinning trust. We can confidently tell you from experience that one of the fastest ways to make a difficult situation even worse is by developing an opaque strategy with your partners - when they find out, trust goes out of the window, making the situation far worse. Instead, communicating the issue, along with regular situation reports and plans for resolution will really help to continue the trust you’ve worked so hard to earn.

• Accurate and effective communication. This needs to focus on the communication intra-team  but also the flow of information to wider internal and external stakeholders. In our view there is a big difference between communicating and communicating effectively. We define effective communication as ensuring the content is received, understood and a behaviour influenced, i.e. action is taken. Accuracy in communication and information is important in a crisis scenario and at times is an area that can suffer from the impact of stress. There are times when a 70% solution on time is going to be better than 90% that is late but accuracy becomes really important when you start to communicate with stakeholders, especially those externally. Accurate and simple communication (underpinned by high quality and accurate information) creates a sense of confidence that the situation is in-hand and under control.

• Continuous Evaluation. Once you have expended effort developing a response to the issue or crisis and have started to execute, it is vital to constantly evaluate progress and impact. Has anything changed? If it has, what are you going to do about it, how and when? The re-evaluation should be ongoing but it is also a critical process once you get to a point you have achieved your objectives and exited the crisis management situation. A wash-up and/or de-brief is a vital activity as it captures lessons learned and facilitates organisational learning.

The FINTRAIL team has developed deep expertise supporting international banks, FinTech, payments and regulated sectors in response to financial crime or regulatory crisis scenarios, drawing on our capabilities across financial intelligence & investigations, compliance advisory, technology, legal and communications. Our multidisciplinary response team can mobilise rapidly in support of a client crisis, providing executive level guidance and peace-of-mind while also delivering operational impact, all backed up by a support network and follow-on technical capacity as required.

If you would like to discuss managing a crisis further, learn more about how FINTRAIL can help your organisation or to discuss any other financial crime topic feel free to get in touch with the team.

FinTechs have been ahead of the curve in understanding certain criminal typologies thanks to the holistic and data centric approach they often take to tackling financial crime. However, there has been little focus on tax fraud as a criminal enterprise and how that may effect the FinTech community.

With the recent release of the Paradise Papers and Panama Papers, tax evasion and tax avoidance are back under public debate as governments and individuals ponder how best to ensure that everyone pays the taxes they owe. The data leaked by the Paradise and Panama Papers put into the spotlight the blurred lines between tax avoidance and tax evasion, which are often facilitated using the same complex mechanisms and can confuse our understanding of what is acceptable tax reduction and what is not. This has put international governments under pressure to address the growing consensus that tax avoidance and the exploitation of tax loopholes has gone too far.

For the FinTech sector, this means that in the near-to-medium future, our understanding of tax fraud and tax evasion could fundamentally shift. To stay ahead of the curve, we therefore have to ask ourselves: how does tax fraud affect FinTechs and what are our responsibilities in combating it?

One of the major confusions around tax fraud, tax evasion and tax avoidance is the definitions used. So, here are some definitions to help us clarify the issue at hand:

Tax Avoidance: tax avoidance is reducing one’s tax burden within the letter of the law (but often not within the spirit of the law). Examples include tax deductions or establishing an offshore company or trust in a tax haven to reduce tax liability.

Tax Fraud: tax fraud, according to HMRC, is illegally avoiding paying taxes. It is made up of three components—tax evasion, criminal attacks and participation in the hidden economy.

Tax Evasion: tax evasion is one type of tax fraud concerning individuals or businesses who intentionally misreport information to reduce their tax liabilities.

In terms of regulation, tax fraud has never received the attention given to sexier crimes such as money laundering or terrorist financing. However, this is beginning to change. At the end of September 2017, the Criminal Finances Act came into force in the UK, which made companies more liable for failing to prevent tax evasion, including facilitating the evasion of UK taxes by international entities and facilitating the evasion of foreign taxes by UK entities. The best way for FinTech companies to avoid liability is through robust risk management and a strong compliance programme.

Not only are FinTechs more liable for tax fraud than before, but the problem of tax fraud is growing. The current gap between taxes owed and taxes due is £34 billion, half of which is due to tax fraud.

There are several ways that tax fraud can touch the FinTech sector, including:

• Using FinTech products to collect bogus tax refunds or to facilitate tax fraud.

• Using FinTech products to process funds derived from the hidden economy.

• Using FinTech products to mask the origin of funds

So what can FinTechs do to protect themselves and reduce the negative social impact of tax fraud? Here are our recommendations:

1.     File SARs in a timely fashion. A quarter of all HMRC tax investigations are stimulated by SARs, so filing these properly is critical in the fight against tax fraud. You can also contact HMRC direct via the link here.

2.     Ensure robust onboarding and KYC policies to a) decrease the anonymity of the product and b) avoid liability in tax fraud cases.

3.     Impose reasonable transaction limits and limits on the number of accounts held in order to decrease the attractiveness of the product to tax fraudsters. Keep these limits under constant review based on changing typologies.

4.     Monitor relationships in an ongoing fashion and watch out for red flags such as

• Suspiciously large transactions sent for ‘expenses’

• Spending that does not reflect expected income

• Unexplained payments into customer accounts from sources linked to work or employment

• Multiple tax refunds coming into one account

• Multiple transfers to financial institutions in high-risk tax jurisdictions

If you would like to discuss tax fraud further and learn about how FINTRAIL can help identify and combat tax fraud typologies, please do not hesitate to contact us.

The global, connected web of financial criminality is difficult to unpick.  However, investigations over the past few years have shed light on the few, yet critically important bad apples amongst the network of financial institutions that enable this web to go un-checked. While many of these simply may lack the adequate controls to tackle money laundering or terrorist financing, other financial institutions have taken a much more direct role in criminal activity. The use of financial intelligence and investigation techniques present an opportunity for the regulated sectors to disrupt criminality at scale and efficiently. As such we are excited to announce the appointment of Nick Herrod as head of our Financial Intelligence and Investigations practice, who will help us drive solutions for clients that continue to deliver impact.

During a recent event hosted by Thomson Reuters, OCCRP Executive Director Paul Radu was asked how the international community should tackle the global and seemingly untouchable scourge of financial crime. His response was telling — go after the financial institutions, big or small, that facilitate the criminal activity. This is an interesting strategy to take, and targeting the institutions facilitating criminal activity presents an opportunity to disrupt criminality on a wholesale basis. The team at FINTRAIL decided to examine this subject in more detail, yielding some interesting results. Through our research we have found that one of the most significant red flags when it comes to these types of institutions (and counterparty risk) is the influence of high risk individuals/PEPs within the ownership structure. To better understand this, two public case studies are detailed below—the Global Laundromat and the BGFIBank Democratic Republic of Congo (DRC)/Hezbollah connection. It is evident that the links between financial institutions and owners more susceptible to criminal motivations can affect the robustness of an institution’s compliance regime and undermine industry efforts to counter financial crime. Taking an intelligence-led approach and exploiting a range of data sources allows us to highlight additional red flags and begin targeting the key nodes and facilitators of this volume criminal activity.

The Global (Russian) Laundromat: This laundromat, exposed by the OCCRP[1] three years ago, funnelled more than $20.8 billion from Russia into Europe. OCCRP reports show that it involved approximately 500 people, from oligarchs to FSB-affiliated individuals.

Igor Putin, cousin to current Russian President Vladimir Putin was a manager and executive board member for the Russian Land Bank (RZB), an institution whose accounts reportedly processed more than $9.7 billion, or nearly half of the total funds involved in the laundromat case. Funds were sent from RZB to Moldindconbank in Moldova, where they were then sent to Trasta Komercbanka in Latvia and from there to the rest of Europe. The OCCRP adds that Igor Putin was brought into RZB initially by Alexander Grigoriev, who allegedly has ties to the FSB and whom the Guardian identified as one of the main ringleaders of the Laundromat. Grigoriev headed the RZB during the laundromat’s operation until the time of his arrest. Putin and Grigoriev were also connected through other companies where Putin was a board member and Grigoriev a shareholder. Putin left the RZB board in 2014 contending he left after becoming aware of ‘the real situation.’[2]

BGFIBank DRC and Hezbollah: According to a recent Sentry report[3], BGFIBank DRC, run by the brother and sister of the president of the DRC, Joseph Kabila, reportedly allowed transactions from companies connected to a known financial contributor to Hezbollah: Kasim Tajideen. Tajideen, and his brothers Ali and Husayn, were subject to US sanctions, as were entities under their control. Despite this, and despite warnings from BGFIBank DRC employees, the financial ties between the bank and the sanctioned parties reportedly remained intact. Subsidiaries of Ovlas Trading, owned by Kassim Tajideen, would make transfers through BGFIBank DRC to subsidiaries of Congo Futur, managed by Kassim’s non-sanctioned brother, Ahmed Tajideen. Both Ovlas Trading and Congo Futur are under US sanctions, though Ahmed is not. Despite employee awareness of the risks involved, transactions from the sanctioned entities were allowed to continue, and BGFIBank DRC even went as far as to request the US Treasury unblock a transaction involving one of Tajideen’s companies and another bank. BGFIBank DRC had previously been alleged of diverting millions of dollars in public funds, further calling in to question the AML/CTF regime of BGFIBank DRC and the role the bank’s leadership played in the activity.

These two sample cases demonstrate how financial institution ownership from individuals more susceptible to criminal motivations can encourage complicity or active participation in criminal networks facilitating financial crime. In both, banks with ties to PEPs and high-risk individuals allowed significant cash flows to be laundered and used for criminal purposes. Though only two cases are discussed here, the findings still show how the use of financial crime intelligence and investigations can be utilised to go beyond the basic information generated by many static compliance controls, help better the understanding of evolving typologies and surface new opportunities to counter the capricious threat of financial crime.

At FINTRAIL we have seen an unprecedented level of interest in the financial intelligence and investigation capabilities we offer to our financial service clients, from start-ups to established firms. As such, Nick’s arrival to lead FINTRAIL’s Financial Intelligence and Investigations practice could not be more timely. Nick brings an exceptional pedigree to the experienced team at FINTRAIL after completing a range of public and private sector roles, culminating in his position as the Head of Global Intelligence Team within HSBC’s Financial Intelligence Unit where he was responsible for overseeing a significant portfolio of investigations that focused predominately on large, multi-jurisdictional networks facilitating illicit financial activity. Nick will continue to build on FINTRAIL’s strategy in this area, understanding the needs of our clients of all sizes and ensuring that we are delivering a suite of capabilities and solutions to help our clients mitigate the negative impacts of financial crime.

[1] https://www.occrp.org/en/laundromat/the-russian-laundromat-exposed/

[2] https://www.occrp.org/en/laundromat/the-russian-banks-and-putins-cousin/

[3] https://cdn.thesentry.org/wp-content/uploads/2016/09/TerroristsTreasury_TheSentry_October2017_final.pdf

Human trafficking has sadly become a widespread and global issue; from the woman forced into prostitution and kept locked up in a house, to the man working on a construction site, stripped of his documents and any salary taken from him. Every 30 seconds, the criminal industry of human trafficking makes more than $30,000; bringing in approximately $32 billion a year.

In the world of financial crime, human trafficking is a predicate offence (the criminal activity and the proceeds money laundering), the revenues of which may touch financial services as the profits are laundered. Financial services may also be used to facilitate these offences, providing the ability to pay subsistence for accommodation, book flights for a trafficked person and other activities traffickers rely on. As the awareness of human trafficking increases and pressure is applied to the criminals that make huge sums from the exploitation of others, the criminals may be forced to look at alternative financial arrangements or exploit new technologies to their advantage.

There are numerous behavioural patterns characterising the organised crime groups involved. Having analysed the most often occurring subtleties, it is evident that tools such as the Internet and other communication devices are utilised expansively. The most intimidating organised crime groups are mainly those capable of governing the entire course of trafficking, from the recruitment of victims to the reinvestment of the criminal proceeds.

Through our industry engagement, FINTRAIL has seen an increase in FinTechs’ awareness of the fight against human trafficking and subsequently, human trafficking was the subject of the October 2017 FinTech Financial Crime Exchange (FFE). Members presented case studies and industry experts provided insights on the changing nature of the threat and industry initiatives to tackle the problem. Many of the FFE members were able to give examples of cases where they had detected indicators of financial crime involving human trafficking or exploitation, demonstrating this is not only an issue that impacts large financial institutions but may also directly impact the FinTech industry. In fact, some of the features common to modern FinTech such as non-face-to-face onboarding and ease of account management/overview may make it potentially attractive to those involved in trafficking and exploitation. As a result, FinTechs are conducting enhanced Know Your Customer (KYC) checks and are scrutinizing onboarding documentation in an attempt to combat human trafficking.

The FFE session identified specific typologies that may be relevant in a FinTech environment and what mitigations and actions industry may be able to apply. Some basic example indicators or red flags are detailed below:

- Customers taking selfies or completing onboarding checks, appear to be under control of someone else. This may appear as someone in close proximity as the images are being taken or controlling what is done or said.

- A customer may not be in possession of their own legal documents and may add unreasonable delay while they get them from someone else.

- Recurring payments being made from one account to multiple accounts for wages at unreasonably low amounts.

- Multiple point-of-sale transactions at car rental agencies, airline ticket purchases and train ticket purchases with no subsequent spend in that destination.

- High expenditure payments at fast food outlets, supermarket outlets, clothing stores, drug stores etc.

The FFE and its members will continue to focus on human trafficking and its negative impact on society and implications for financial services. In addition, FINTRAIL will track the evolution of financial crime typologies associated with human trafficking in order to identify any shift by those criminals to target financial services as a tool to further their illicit and damaging behaviours.

If you would like to discuss human trafficking further, learn more about the FFE and how FINTRAIL can help your organisation identify and combat human trafficking get in touch.

On 17 October 2017 Thomson Reuters held the first in a series of events on Financial Crime. This event explored the recent investigations conducted by the team at the Organised Crime & Corruption Reporting Project (OCCRP) into the global laundromats. The brave and fascinating work by the team at OCCRP exposed the complex and globally connected money laundering networks that via a web of hundreds of companies and associated financial institutions have laundered over $20 billion.

Although the laundromats are money laundering on a huge and global scale, and it may seem like a problem only big financial institutions may have to deal with, OCCRP Executive Director Paul Radu stated that every laundromat case he’s worked on has involved myriad UK companies. This means the issue is right here on our UK doorstep.

Although money laundering through complex laundromats can seem like a victimless crime, they are in fact part of networks taking huge sums via corruption of national pensions, financing groups involved in serious organised crime like human trafficking, funding terrorist organisations, and destroying lives.

So what does this mean for the FinTech community? There is real excitement about the commercial opportunities for challengers in the business and commercial customer segments and this is very much true, but this segment also brings with it a very different set of financial crime risks that really need to be understood and factored in to an effective and proportionate financial crime risk management framework. When you consider the factors that may impact on financial crime risk, the customer type (i.e. complex corporate ownerships), geographies (i.e dealing with suppliers/customers across a range of geographies), product type (i.e. high value transactions or products) and channel (i.e. often in a FinTech this is non face-to-face), can all have a material impact on the potential risks a FinTech targeting this segment may face.

So what can FinTechs targeting these new and exciting customer segments do to assist in the fight against these laundromats, comply with applicable regulations and do their bit to reduce money laundering? We have provided a few helpful hints below:

- Ensure you have a financial crime risk assessment that accurately reflects your unique circumstances. All companies and products will have their own unique factors to be considered and may impact on your risk profile. In many cases, it is not only a regulatory requirement to have a risk assessment but it is also a hugely powerful tool to help you define and navigate your compliance and risk frameworks.

- Understand your customers. Just because you are targeting customers who may be registered in the UK or other equally regulated markets, it does not mean they may not get involved in illicit activity. This goes beyond basic identification of your customers to ensure you understand the nature of your customer’s business and how they intend to use your product/s. Without that knowledge, it becomes very difficult to monitor effectively and can/will cause negative customer experience in the long-term.

- Understand the typologies and red flags that you and your team should be looking for. By staying current on evolving typologies allows you to keep pace or even out-pace the criminals and reduces the long term negative impacts criminals may have on your business.

Paul Radu said at the event "it takes a network to fight a network" and although he was referring to an international network of the likes of law enforcement and financial institutions working together to tackle it, the growth of alternative financial services further diversifies the pool. The FinTech FinCrime Exchange (FFE) is one such network, where FinTechs come together to effectively collaborate and combat financial crime such as money laundering.

If you would like to discuss money laundering, or any of the topics raised in this post please don’t hesitate to contact the team at FINTRAIL.

For the last nine months FINTRAIL has been working with the awesome team at the Antwerp World Diamond Centre (AWDC) who represent 1700 Antwerp based diamond traders, to address some of the challenges their members and industry as a whole are having with access to viable bank accounts. The issues they've been having are due to the perceived high financial crime risk within the diamond industry and the associated bank de-risking phenomenon.

The short video below highlights one of the exciting developments coming from our work with AWDC and is a great example of where Financial Technology (FinTech) and Regulatory Technology (RegTech) can combine to offer solutions to some really complex challenges for traditional and non-traditional financial services. Our focus has been on how we can re-affirm trust across all stakeholders and ensure there is a sustainable and commercially viable solution for all parties.

FINTRAIL is very excited to announce the release of a new white paper by the FinTech Financial Crime Exchange (FFE), a FinTech industry forum we co-founded in January with the Centre for Financial Crime and Security Studies (CFCS) at RUSI, a London-based defence and security think tank.

All too often, discussions about FinTech and money laundering risk are greatly oversimplified. Much of the discussion starts from a blanket assumption that new technologies will inevitably make life easier for money launderers, and that FinTech companies are therefore uniformly “high risk.”

One downside to this perception is that FinTechs have been subject to “derisking” – or losing access to vital banking services because the risks associated with FinTechs are perceived as very high.

As this new white paper shows, labelling the entire FinTech sector as “high risk” for money laundering purposes is unhelpful and oversimplifies the true picture.

After all, the FinTech sector is an incredibly diverse one. It features prepaid cards, peer-to-peer lenders, service aggregators, payment service providers, and a host of other products and services with very different features. The way money laundering risks appear from one FinTech to another is as diverse as the sector itself – and the picture is not always one of just “high risks.”

There’s certainly little reason to think that all FinTechs are necessarily higher risk than banks or other types of financial institutions when it comes to money laundering.

For example, while some FinTech products can be used for “money mule” or “smurfing” activity, they’re usually not very useful for high-end money laundering, or the laundering of the proceeds of crimes like major tax evasion or international corruption that feature in scandals such as the Panama Papers or the recent Laundromat cases.

It’s important that this nuance is understood, so that FinTechs aren’t all stigmatised as “high risk” where it isn’t warranted.

As the paper points out, because FinTechs often only see a limited piece of a much larger financial puzzle, establishing an intelligence picture of money laundering activity across the sector can be a huge challenge. Coming to a true understanding of the nature of risks across the sector requires further detailed study - and the FFE intends to do just that through its future meetings and research.

In addition to describing this overarching picture, the paper also provides recommendations for various stakeholders.

·      FinTechs should work to clarify the true picture of money laundering risk they face, and demonstrate that they are building resiliency against those risks.

·      Countries’ financial intelligence units and law enforcement agencies should share information with FinTechs on criminal typologies.

·      Regulators should provide detailed guidance that is relevant to sub-sectors of the FinTech community.

·      International organisations like the Financial Action Task Force can help build an understanding of the picture globally. 

To find out more about the FFE, contact rebecca.marriott@fintrail.co.uk 

It seems that everyone is talking about Artificial Intelligence (AI) at the moment: whether it’s Elon Musk and Mark Zuckerberg disagreeing publicly on the doomsday type scenarios that AI might bring [1], or banks predicting AI to be the primary way in which they interact with customers in the future [2], there’s wide-ranging interest in what AI can do for society as a whole, companies and individuals. But, to be clear, and before going further, what exactly is the difference between Machine Learning and AI, or is there indeed a difference?  The clearest explanation we’ve seen goes something like this:

·      Artificial Intelligence – this is the high level concept that machines can do something in a way that we, as humans, would consider “smart”

·      Machine Learning - is a current application of AI based around the idea that we should really just be able to give machines access to data and let them learn for themselves [3]. (Thanks Forbes!)

Similarly, in the financial crime space, numerous articles exist about how AI and Machine Learning can help to combat illegal activity in banking and beyond [4].

At FINTRAIL, we believe that AI and Machine Learning have huge potential to deliver great results in the financial crime space.  Whether it’s AI helping investigators to detect previously unknown connections between entities and typologies, or Machine Learning helping refine transaction-monitoring rules by different customer sets and behaviour, the benefits for companies and their customers are huge. Imagine for a moment that your bank could tell whether purchases made at a high-end online retailer at midnight just after you received a bonus cheque were genuine or fraudulent, based on your previous behaviour in a similar scenario.  Great, right?  No annoying text messages, or blocked transactions if it were genuine, and peace of mind that that kind of transaction would be blocked if it were fraudulent, and you didn’t actually have a compulsive online shopping habit (ahem).

But, as with anything new and relatively untested, there are pitfalls.  One of the key ones is making sure that any Machine Learning models start off with relevant data, such that they can begin the learning process appropriately, and you don’t program in algorithmic bias.  Typically – and let’s take the case of a Machine Learning engine for transaction monitoring -  this is relatively easy to build: you have a known scenario, which is fed into the engine for it to learn and refine over time as the transactional data is processed and fed into it.  However, this can be tricky in financial crime situations, as ideally you don’t want any money laundering or bribery (for example) to go through your system before you work out what the scenario or relevant data for the Machine Learning engine is. 

So, how do we address this?  Well, something we are passionate about at FINTRAIL is making sure that firms have a thorough risk assessment; truly understanding your business model and the ways in which criminals might seek to exploit it will help to build the best scenarios for any future financial crime Machine Learning engine. These can then be used to create the baseline relevant data that goes into the Machine Learning engine, such that it can start to learn behaviours. Examples here might include understanding your typical customer profile, such that you can build a Machine Learning model to automatically categorise them by risk profile, or Machine Learning models that take into account transactional behaviour and a range identifying particulars to reduce sanction re-screening hits.

Another tactic we’ve seen is to combine more traditional models with Machine Learning.  Again, in the transaction monitoring space, combining a rules-based approach with Machine Learning is a great way of teaching the engine to learn, and giving good baseline scenarios that it can work from.

So, all in all, we’re on Mark Zuckerberg’s side of this particular argument – we think AI has great potential, but that it, and Machine Learning in particular, needs strong data to support it, and as with humans, the right conditions to succeed.

[1] http://fortune.com/2017/07/26/mark-zuckerberg-argues-against-elon-musks-view-of-artificial-intelligence-again/

[2] http://uk.reuters.com/article/us-banks-ai-accenture-idUKKBN16Z1AH

[3] https://www.forbes.com/sites/bernardmarr/2016/12/06/what-is-the-difference-between-artificial-intelligence-and-machine-learning/#6ac626162742

[4] https://www.finextra.com/blogposting/14225/artificial-intelligence-the-next-step-in-financial-crime-compliance-evolution

Image Courtesy: Saad Faruque, Flickr (Creative Commons)

FINTRAIL has recently launched its Financial Crime Intelligence and Investigations practice, something we’re really excited and passionate about.  We believe that intelligence and investigation form critical and complementary parts of any robust financial crime risk management program. Before we explain why that is, we’ll kick off with a couple of definitions:

Intelligence: This is information about an event that you receive in advance of it happening.  Examples from history include the intelligence gathering (on both sides) about troop movements in the Second World War.  Examples in financial crime include receiving information from an issuing bank about an account that is purportedly connected to fraudulent transactions in another account.

Investigation: This is the process that takes place after an event occurs, and usually tries to figure out what went wrong or what is going on once a credible threat has been identified.  So, following a terrorist attack, for instance, the police will launch an investigation to try to understand as much about the attacker’s background as possible, and exactly what happened to support any formal judicial or enquiry process.

Although we’ve separated out the two concepts theoretically, they are intrinsically linked with each feeding the other.  To use another example, a firm might look at new typologies that criminals are developing to commit fraud, and proactively add new rulesets to transaction monitoring to detect similar behaviour before the fraud takes place. This process will flag a number of customers, some of whose accounts will need to be closed or who may be vulnerable.  It might also flag other accounts with suspicious behaviour, but which appear to display a different typology.  These accounts can be individually investigated, but if there are enough of theme, there may be sufficient information to identify a new typology (intelligence), and therefore a new set of rules stemming from the new activity observed - it’s a cyclical process!

So, what is FINTRAIL doing in this space?  Well, we’re bringing together the leading technology and new data, along with our expertise (if you look at our Team page, you’ll see we’ve all been doing this kind of work for years!) to provide intelligence and investigations expertise as an outsourced service. In start-ups, this can help keep small financial crime teams lean while still having access to the best capabilities in this area and removing the more complex work around intelligence and investigations from the fast-paced environment of a start-up. And for more established firms, this provides access to the latest technology, and can help with resourcing challenges on a long or short-term basis. We hone in on customer protection and solid recommendations for system, rule or other structural improvements on the basis of our findings; and this is why intelligence and investigations are such a crucial part of any financial crime risk management framework, as it actively helps to inform and improve existing systems and processes, keeping them up-to-date, proactive and targeted at the most serious threats.

The team at FINTRAIL is really excited to have worked with UK FinTech Financial Crime Exchange (FFE) members to produce this White Paper. An extract and the full paper are below.

Financial technology companies (fintechs) leverage online and mobile applications to offer new financial services with efficient and cost-effective customer experience. However, the non-face-to-face (non-f2f) nature of fintech businesses poses risks that fraudsters or other criminals may seek to exploit these remote platforms and related products.

Robust customer due diligence (CDD) is one element of an overall risk management architecture that can mitigate these threats. Fintechs are uniquely suited to harness and develop innovative CDD approaches, owing to their dynamic business models and comfort in using technological solutions. This white paper describes examples of best practice in CDD among members of the FinTech Financial Crime Exchange (FFE), offering practical insight for fintech companies and other stakeholders – such as banks and regulators – seeking to better understand the industry. It provides examples of how fintechs are utilising innovative CDD approaches to manage risks while also enabling a high-quality customer experience. For example:

• Fintechs are leveraging numerous data points and employing innovative analytical approaches to enable a dynamic and holistic view of customer risk.

• This includes the use of facial recognition techniques, interactive user interfaces, innovative document scanning and analysis, Internet Protocol (IP) geolocation, predictive analytics and machine learning.

• These solutions can enable fintechs to employ a genuinely risk-based approach to CDD as their customer base and service offerings evolve. 

This paper also assesses areas where fintechs can benefit from further development and exploration. For example:

• Fintechs should carefully consider the appropriate balance of in-house and third party solutions for their business model.

• Fintechs must be prepared to conduct thorough and formal assurance testing of both in-house and third-party solutions and outsourced services.

• As they scale, it is important that fintechs have in place adequate governance arrangements to manage risks that come with changes to their CDD systems and controls.

FinTech is a term that has entered the collective public consciousness in recent years. There is an increasing awareness of the disruption and exciting opportunities FinTech is bringing to financial services and consumers alike. This article looks at the benefits of FinTech, some of the challenges, and examines how the world of financial crime compliance and FinTech complement each other.

Originally published in the March-May 2017 ACAMS Today magazine, a publication of ACAMS © 2017.