Blog article
See all stories »

Could Regulators perform AML in a Blockchain World?


Before you say "that is a crazy idea", stop and think. It sounded crazy to me as well but after some thinking I have concluded that it has merits. Here's why. 

First, let's check the state of technology advancements. Real time networks provide central banks the ability to settle mass market retail transactions in real time (not just the old RTGS high value payments which are typically lower in volume). In fact, in the NPP scheme, the Australian Central Bank is planning to provide just that - real time settlement of every transaction so there is no counterparty risk. This means that scalable technologies for real time intervention by central agencies when needed exist.

As part of the technology, consider blockchain - it provides a unique capability for miners to intervene, examine/ verify transactions through some protocol and then agree on valid transactions through some consensus mechanism. This again shows that blockchain can be used to examine, review, and approve transactions in (near) real time.

Second, let's look at the business costs of compliance. In general, banks spend billions of dollars on compliance (although exact number is hard to get). JP Morgan alone claims 43,000 of its ~230,000 employees are dedicated to compliance. Citigroup claims 23,000 compliance officers. For 2017 alone, AML budgets in banks are set to grow by $8 Billion, a CAGR of 9% (Source: WealthInsight). With increasing terrorism and financial authorities catching only 1% of the $1 - 2 Trillion money laundered globally, you wonder why is no one thinking of a better way to do AML and transaction screening? It is mostly risk avoidance - if the banks are doing it already why should anyone else touch it. However this poses a major burden for banks and some lateral thinking is required.

Here's the crazy idea - in a world leveraging blockchains and real time networks for payments, why can't regulators themselves perform AML? Banks could still onboard customers and perform KYC checks. But when transactions are generated, the appropriate regulator (may be OFAC for USA) could perform all sanction screening, BSA/ AML checks on behalf of botht the ODFI and RDFI acting as a miner in the blockchain network. If central bank of Australia can settle all transactions in real time under NPP, I am sure any regulator could mine, verify, and clear payment transactions for AML in blockchain networks.

Impact? Huge cost savings as well as reduction in complexity for banks and other financial institutions. At the very least, cost of domestic AML checks for a transaction should come down by 50% as there is one regulator checking for both ODFI and RDFI. In the case of cross border payments, even though 2 regulators are performing AML at originating and receiving countries, when a central agency can perform AML on behalf of all banks in that country can lead to tremendous cost savings. Another top challenge for banks is finding good compliance talent. Instead of all banks, if only few regulatory agencies have to find that talent, it should be definitely easier to handle.

So what's the next step? Banks should lobby Governments and regulators on the idea. That's the hard part where it can get stuck. I can think of a lot of parties who would prefer status quo in spite of the complexity and increase in compliance costs. But technology is all about disruption, isn't it? It could happen one day, you never know....

“Only one who attempts the absurd is capable of achieving the impossible.” - Miguel de Unamuno, 1905 (incorrectly attributed to Albert Einstein by some)


Comments: (5)

A Finextra member
A Finextra member 17 January, 2017, 10:44Be the first to give this comment the thumbs up 0 likes


Not crazy at all. I am aware that from a regulatory viewpoint, several central banks are exploring the potential of a “regulator app” to allow any regulator instant access to any data within the financial chain. Having the “regulated” firms use a permissioned blockchain could ensure that all players capture data correctly once within their firms and remove the need for a “centralised” data store that constantly need upgrading and monitoring with the risk that a single cyber attack could capture all relevant market or individual data in one go.

Apart from the obvious benefits, I believe that a regulator, by “mining” data as and when needed, has the potential to reduce millions of pounds in man years (one bank estimates that the spend 1000 of man years every month collating reporting data) out of the cost of reporting whilst maintain immediate oversight and supervision.


A Finextra member
A Finextra member 17 January, 2017, 16:35Be the first to give this comment the thumbs up 0 likes

Thanks Michael for your comments. While mining transactions and avoiding the need for regulatory reporting is a valid use case that saves costs for banks, I am also interested to see regulators actually perform AML. Within each jurisdiction, that can also save costs significantly for all banks and more importantly, also help regulators catch suspicious transactions much faster and precisely leveraging the latest intel

Ketharaman Swaminathan
Ketharaman Swaminathan - GTM360 Marketing Solutions - Pune 17 January, 2017, 19:41Be the first to give this comment the thumbs up 0 likes

I've read about a shared service setup for sanctions screening so that each and every bank doesn't need to do it. So centralization of sanctions screening is not a crazy idea per se. But I don't see any financial regulator taking responsibility for actually running this shared service. It's not a matter of technology - regulators love to be judges and are unlikely to do anything that might put them on the witness stand. I say this based on the history of how regulators charged with the responsibility of credit rating securities got rid of the monkey on their shoulders by outsourcing the task - and the responsibility - to CRAs.

A Finextra member
A Finextra member 18 January, 2017, 18:40Be the first to give this comment the thumbs up 0 likes

I agree with your views Kedar. Biggest reluctance from regulators is that it is easier to be the judge rather than take responsibility for preventing fraud. However, when it comes to matters such as liquidity, such issues of judgement don't exist and so they take on the responsibility to settle transactions.

Any impact in this area will require maturing of technology but also intense lobbying from banks.

Ketharaman Swaminathan
Ketharaman Swaminathan - GTM360 Marketing Solutions - Pune 18 January, 2017, 19:15Be the first to give this comment the thumbs up 0 likes

@HariSubramanian: Your statement "However, when it comes to matters such as liquidity, such issues of judgement don't exist and so they take on the responsibility to settle transactions." sort of proves my point because regulators take on responsibility to settle transactions ONLY if they run the AML shared service, not if the banks do it as at present!

Now hiring