Traditional transaction monitoring systems use a number of algorithms to assign a risk score to any given transaction. If that risk score exceeds a threshold then the transaction may be blocked and will require further investigation. For example, withdrawing £100 from an ATM is unlikely to trigger an alert for investigation. However, withdrawing £100 at five ATMs during a 24-hour period would likely be flagged for investigation. This traditional method can be effective, but it can create a lot of ‘false-positive alerts’ (alerts which are later deemed to be incorrect flagged). With this model, only the current activities of the customer at a specific point in time are used to analyse behaviour. The traditional rules-based system can’t assess a transaction with the full, historical context of the customer, and it can’t react and adapt to evolving patterns used by money launderers. Wouldn’t it be possible to generate more accurate alerts if we were to take advantage of additional data?
Banks have a huge amount of data at their fingertips: if they can draw inferences from this they will be able to make more accurate and informed transaction monitoring decisions. You wouldn’t buy a house by looking through the letter box; you’d utilise all of the data which you could find: floor plans, surveys, local schools, crime rates, a personal viewing, etc. If banks can harness and connect all the information available to them then they can make better informed decisions, reduce fraudulent transactions and decrease manual investigation overheads.
One compelling solution is to introduce an artificial intelligence (AI) tool to interrogate data stored within a cloud-based infrastructure.
Cloud computing can alleviate the capacity and cost challenges associated with traditional on-premise infrastructure, whilst providing the flexible computing power that allows AI tools to be effective. In this environment, transaction data can be used to provide direct context of the transaction, but additional data within the bank can be analysed alongside this to provide additional context to the activity. By joining the dots between these data points using AI, banks can create a modern transaction monitoring solution.
For example, an individual receiving a large payment once a month doesn’t appear too suspicious. However, if we find that three other individuals, all using the same bank, living at the same address receive the same value of payment on the same day each month, then this starts to look like it requires further investigation. It’s all about relationships between data points. Storing data on the cloud can enable these relationships to be identified and AI can help to unearth additional threats.
Firms looking to take advantage of these technologies could turn to some of the smaller FinTech players in this space, rather than looking to develop a tool from the ground up. Quantexa, as an example, can provide cloud-based solution to ‘connect the dots’ between data points. Their transaction monitoring solution uses billions of data points to enable entity resolution, which creates otherwise unseen relationships between entities to provide a holistic context in which any given transaction or set of transactions can be assessed.
The opportunity is clearly there, but there are challenges to implementation of this modern solution:
- Regulators are still nervous about moving too much data onto the cloud – particularly when it concerns customer or personal information, as transaction data would. This will change as greater adoption occurs, however, within the world of financial crime regulatory approval will be critical.
- There is also a growing nervousness around AI solutions. Outcomes generated via AI tools will need to be explained if scrutinised by regulators or even customers. This may limit the sophistication of algorithms that can be used to support transaction monitoring.
- When aggregating data from a variety of sources, data lineage and data quality are crucial to enable the data to be useful. The source and history of the data needs to be tracked and stored so data quality can be regularly assessed.
Greater adoption of both cloud and AI across the industry will help to allay data security fears and increase regulators’ comfort with the technology. HSBC, for instance, has partnered with Google Cloud on a project focussed on using machine learning to better spot fraudulent transactions. The bank has engaged with regulators at every step of the project and they were supportive of the exploration of new ways to manage financial crime risk.
Transaction monitoring is drastically in need of innovation as the current rules-based system was created within a 1990’s world where fraudulent behaviour was much less advanced. AI and machine learning are the technologies which can provide this advancement, however, any solution will be most effective when paired with well organised data on the cloud. The regulatory hurdles to implementation will decrease overtime, but there is definitely benefit to be gained in being a fast mover in this space. Closely partnering with a firm that specialised in advanced transaction monitoring could prove more cost effective than developing in house and will position the bank at the forefront of fraudulent activity detection.