It’s been a couple of months since our last AML Bridge project update, and we’ve been busy. I thought it’s about time I wrote an update on what we’ve been up to, and explained a bit more about the technological side of what we’re building.
Salv’s project team meetings with the banks’ stakeholders and compliance specialists are ongoing and we’re making good progress with the AML Bridge pilot:
- The platform for the AML Bridge has been built by Salv’s engineers and it’s up and running.
- Participating banks are doing final IT security reviews of the platform and their legal teams and Data Protection Officers are working through the project contracts.
- Salv’s been in touch with the project’s advisory bodies (DPI, FIU, EFSA) who’ve all confirmed that the project is moving in the right direction and will fill a much-needed vacuum.
In our last project update I wrote about our plan to tackle bank-to-bank communications. AML Bridge will provide a quick, safe, and auditable way to exchange information between financial companies.
The information exchanged through AML Bridge can be one-to-one or one-to-many. An example of one-to-one communication is when Bank A needs to confirm sender details with Money Service Business B that sends out payments from an account in Bank A. One-to-many communication occurs when Bank A needs to inform Banks B, C, and D about a fraud case that also involves these financial companies.
Currently banks use a handful of tools that aren’t really cutting it in communicating with each other. AML Bridge can make this communication much better, and in the long run, drastically reduce the time it takes to gather information from other banks on the network. But I’m getting ahead of myself now. First…
What, technically speaking, is AML Bridge?
AML Bridge is a web application that Salv hosts and maintains. It enables the sending and receiving of instant information requests between banks. This is just the beginning, though. There will be more features to cover many other use-cases as well.
How is communication kept safe and secure?
All message content exchanged via the application is encrypted. Message encryption and decryption occur in cooperation between the AML Bridge backend and the financial companies using the application. The AML Bridge backend stores the encrypted requests, provides access to them, and also runs the key repository service, while the keys for decryption are generated on the banks’ side. When the bank that receives the request for information logs in to AML Bridge then encrypted requests are fetched from AML Bridge backend and decrypted in the user’s browser.
How can AML Bridge be accessed?
Users are registered on AML Bridge using their email addresses. During the registration process users must set up two factor authentication (2FA). AML Bridge is also accessible only from whitelisted IPs. These are communicated from participating banks to Salv.
What does information exchange look like?
Instead of writing another paragraph, I’ll show you instead. The images below are an example of how one-to-one information exchange using AML Bridge looks like.
What kind of stats can be pulled from AML Bridge?
AML Bridge will give the participating banks a clear and concise overview of their participation within the communications network. In addition to the amount of requests sent and received over a shorter and longer period, AML Bridge gives users an overview of the frequency of information requests made by counterparts, how many requests were sent/received from each category (eg sanctions checks, fraud/AML investigations) and an overview of the status of the requests (resolved, pending, declined).
How can AML Bridge drastically improve the time spent on operational processes?
There is a very special aspect of AML Bridge that I’ve saved for last - a lot of the processes involved can be automated in the future. This means that AML Bridge can remove a lot of the tedious manual work that takes up the time of banks’ operational teams - in fact up to 50% of operational work and cost could be reduced.
A couple of examples of what the future will look like:
- Now: Bank A can’t complete a transfer because it needs more information from its MSB customer.
Future: The information has already been fetched using AML Bridge, and the transfer is on its way. No delays for the customer, no operational work for the bank.
- Now: Bank A needs to inform Banks B, C, D that a fraudster with an account in Bank A has received money from those banks. A fraud agent needs to inform the other banks through slow or unsafe means.
Future: The information has already been sent to the other banks by AML Bridge. No manual agent time required.
We’re extremely grateful that we have the opportunity to develop AML Bridge with the four largest banks in Estonia. Every step of the way, we’ve truly felt that this is a platform that will make a difference in the fight against financial crime. The encouragement we’ve received from the Data Protection Inspectorate, the Financial Intelligence Unit, and the Financial Supervision and Resolution Authority has also been invaluable.
There’s so much more that lies in store, and we’re really excited about the next steps in the AML Bridge project. We’ll be revealing more in upcoming project updates, so make sure you sign up for the project newsletter.
Want to keep up to date with how the AML Bridge pilot is progressing? Leave your e-mail address below and we’ll make sure to keep you updated.