Blog article
See all stories »

AML Transaction Monitoring Systems: Increasingly ineffective, but perhaps not outdated

We need to accelerate TMS roadmaps and increase the agility of the big investments we’ve made in these systems


As the backbone of Anti-Money Laundering (AML) deployments for more than 15 years now, Transaction Monitoring Systems (TMS) are heavily relied upon throughout the enterprise. The standard method of detecting illicit activity is by running behavioral and comparative algorithms to identify specific malfeasance or anomalies worthy of further investigation.

When most were designed and deployed, around a decade ago, they were a step in the right direction, adding transparency into the system. But today there are serious problems with the effectiveness of TMS. Problems serious enough that one could argue that they are institutionalizing the very activities they were meant to find and eliminate.

Has the investment in TMS failed? No, far from it. But the return on the investment and the protection they provide is declining with increasing speed.

The logic behind the TMS is the identification of a known or expected behavior – the vernacular often used is a “Scenario”. They come from past activities that have been identified or prosecuted, from specific regulatory comments or observations, or from data science experimentation. For example, Link Analysis – an approach linking seemingly innocuous single activities that when joined together paint an entirely different picture. This all sounds very logical and powerful, and it is, but two problems undermine this value:

The lack of agility, speed and time to value/failure in the TMS

Scenarios take a long time to develop and deploy. The need to align diverse and distributed data sources into a common data format, to enable the algorithms to begin to look for activities, often takes months. We are dealing with incredibly agile adversaries, who can change and refocus their nefarious activities within days. The reality is that the TMS cannot keep up with the pace of change.

One question that firms need to consider when money laundering activity is discovered in the financial system is: How long does it take you to create a report and identify whether you have the same issue in your firm? If it’s more than two weeks, then frankly it’s not worth doing. It is vital that agility, experimentation, even speed to failure in the TMS is increased. Without it, we have a train trying to catch an airplane.

The FIU: Not Seeing the Wood for the Trees

Given the TMS is not looking for a needle in a haystack but rather a needle in a stack of needles, the TMS’ ability to be accurate in its abilities to find laundering or fraud is challenged. Artificial Intelligence offers some hope, but it is certainly not the panacea that many are touting. The reality is that we will face increasing volumes of alerts for the next decade.  

Over 90% of alerts are ignored due to lack of resources, according to PricewaterhouseCoopers. Of the remaining 10%, eight out of 10 are “false positives” which need to be investigated and analyzed by the Fraud Investigation Unit (FIU).

In the current environment, this large volume means there’s plenty of noise for criminals to hide in. This is precisely where investigators need to focus their energies. The fact is, a money launderer can act quickly, evolve rapidly, and work around the current TMS deployments. These criminals have a 98% chance of never being caught.

Far too much time and resources are spent investigating alerts, when the overwhelming majority turn out to be based on false positive data. The cost of a negative result is far too high. Perhaps this explains why money laundering has doubled, growing from $1 trillion to $2 trillion in the last three decades.

Trying to balance risk against the cost of volumes, and the thresholds that can control those volumes is a horrible juggling act and, despite sincere and diligent efforts by everyone involved, it is not working. We are fighting a three-dimensional enemy with a two-dimensional approach.

So, what should we do?

Quickly create relevant scenarios

Dated scenarios aren’t just ineffective, they increase the burden of cost and opacity. Some date back to investigations done in the 1980s. It’s vital that they’re supplemented with scenarios that reflect the realities of today’s increasingly diverse corporate structures, digital business models and multi-border activities and business foci.

Digital retailing, crowd-funding, on-line charities, debit cards, on-line gambling, mobile freemium apps and increasingly complex corporate real estate transactions are all fascinating laundering vehicles that offer entry and exit ramps into the financial system. They are all areas where new detection and analytical scenarios need to focus on – quickly, effectively and without being encumbered by the slow data and system integration challenges of the past.

To support a vibrant, responsive and transparent BSA program, TMS needs to become more agile. Current or new scenarios should be developed, configured, tested, edited, re-tested and moved into analyzing production data in less than two weeks.

This does not replace the TMS. It’s an excellent investment – Oracle Mantas, BAE Detica, Actimize, Fiserv are all more or less the same. Yet the need to change monolithic and cumbersome data models can be a sticking point and you must identify the right data to populate the new model.

Without the ability to rapidly deploy new logic, rules, models, and fresh internal or external data sources, your capacity to push out new scenarios and identify criminal behavior will be limited. It’s important to cut through data integration and mapping challenges and stay focused on developing analytics and rules that are going to get results. But how do you do that?

Instead of implementing the changes in the TMS, there has to be a less disruptive approach. Consider the speed and agility that a new technology layer on top of your existing systems might provide. An “orchestration network” that leverages and supplements past TMS investments and keeps operational disruption to a minimum.

Rapid scenario development that’s robust, fully auditable and controlled through a single interface could make your TMS relevant and effective again. That environment could enable the AML department to test and deploy quickly without TMS or case management system changes.

Creating relevant, modern and agile detection scenarios doesn’t represent a major financial outlay, it’s a way of leveraging current investments more effectively and it can be done for a fraction of the time and effort of replacing the TMS for another TMS, which has more or less the same functionality.

The FIU: Seeing the Wood for the Trees 

The challenge of false positive volumes will remain. We should not delude ourselves that new technologies will be able to deal with these volumes effectively. However, they can improve the productivity of the FIU.

Distributed analytical engines, robotics and AI are all promising approaches to speeding up investigation and interdiction decisions. We are looking at some FIUs increasing investigation productivity by over 70%, and increasing the investigation consistency and auditability. These are exciting steps forward.

Some FIUs are maintaining the institutional knowledge they have built up and instead using the productivity of the investigation to increase alert volumes, going from 95% thresholds in the TMS, to 60%. The result is, of course, higher alert volumes, but with a 70% improvement in the speed of investigation, those volumes can be consistently and effectively handled. And when they do find laundering, in what was previously considered noise, they will change the market overnight.   




Comments: (1)

A Finextra member
A Finextra member 07 December, 2016, 13:39Be the first to give this comment the thumbs up 0 likes

A very thorough analysis of the cureent state of TMS and a unique slant on viewing its limitations while advocating for a new approach to its application for AML.