AML compliance 6 min read

5 ways to beat financial criminals at their own game

And avoid being the next AML scandal

Taavi Tamkivi
Taavi Tamkivi
Crime Fighter & Professional Optimist

5-ways-to-beat-criminals.jpg If you’ve ever worked in AML or Compliance you’ve probably at some point have felt an utter feeling of powerlessness. You use all of your expertise, put in tons of extra hours and still financial crime is flowing through. You know what you detect (but too late to stop it; the money’s already moved) but are scared to even think of what you didn’t detect. There are tens of thousands of payments flowing through your bank everyday. Are you really making a difference? Will you ever be able to keep up or get ahead?

Well, you’re not alone in thinking this. Over the years I’ve worked in crime fighting I’ve felt it many times over. The exhaustion, the helplessness. But as a born optimist and professional crime-fighter I consider myself to be, I have never completely lost hope. On the contrary over the years it has actually given me an even bigger drive to find better and smarter ways to fight the bad guys.

Most financial crime is professionally orchestrated. There are teams, organisations, goals, strategies, employees and contractors. Their job is financial crime, and given the enormous sums that move, they’re actually pretty good at it! I’ve learned loads from those financial criminals I’ve been working to stop for well over a decade – let me share my knowledge with you.

5 ways to beat financial criminals

There’s lots that AML and compliance teams can do to level the playing field and beat financial criminals at their own game. Here’s a short list:

  1. Leverage the latest technology
  2. Constantly test and iterate
  3. Prioritise speed
  4. Band together the industry knowledge
  5. Stay laser focused on your end goal

Leverage the latest technology

Financial criminals today use the latest technology. They are the first adopters. They were one of the first to adapt to online banking. The dark web is full of them. And when bitcoin launched, they were there immediately. Financial criminals chose it because — until recently — it was far less regulated and easier to operate on than other platforms.

leverage-the-latest-technology.png In compliance, on the other hand, it’s normal for people to trust in their tried and true technologies. It’s been running for years in our business or all the other banks seem to be using it, so it must be good, right? Maybe, but why have we seen all of the AML scandals recently? What role has the technology played in letting this happen?

Banking is undergoing an incredible transformation. The products, customers and KYC are totally different. Financial criminals are different too; far more organised and adaptive. Not to mention regulations, which are being added faster than banks can implement them.

So, to beat financial criminals going forward, we need to leverage the latest technology that makes change easy - because there’s going to be a lot of it.

Constantly test and iterate

Let’s imagine there was a criminal who wanted to diversify his business portfolio. He wanted to steal gold from an African country. He’d never done that before, so he decided on a method and tested it. Sure, the guys died in the process, but he’d paid them well for it. So he tried another way. And another. And another. Until they finally got through. He kept testing and iterating until he found a way that worked.

In AML and Compliance more generally, how much are we testing? Do we make improvements to our scenarios once a week or more like once a year? When a talented AML specialist excitedly discovers the hints of a new criminal pattern, how fast do you confirm it and automate it? Or have they mostly given up on trying to find the new patterns and have resigned themselves to ticking boxes. And on the flip side — how many poorly performing rules — the ones that are only throwing up roadblocks for your genuinely good customers — have been removed?

constantly-test-and-iterate.jpg If we contrast how financial criminals operate and how compliance teams (often) operate, there’s no doubt who comes out on top. Because I have always been a numbers guy, I’ve always been obsessed about the formula and the end results. Which meant I was hyper focused on testing to see which of my data models worked to catch the most crime. Funny enough, that’s also how financial criminals operate. They try 10 things to find out what works. We have to be the same. We have to try something, see if it works, and then adjust from there.

Prioritise speed

Onboarding and transactions are moving at lightning speed. Digital onboarding, faster payments initiatives and an incredible number of other developments have all contributed. This rapid development is incredible for trustworthy customers and financial criminals alike.

Financial criminals know that if they can find a way to get things done fast, there’s way less time for them to be stuck in a system that might find them.

Banks and even some fintechs often don’t prioritise speed. They prioritise process and thoroughness. Given the regulatory complexity, that’s not a terrible approach. But it won’t help you win the battle with financial criminals who have no regulators to answer to.

AML, compliance and wider organisation need to get far faster at adapting as organisations. Are the AML systems ready from day one when the bank or fintech launches a new product, a new market or a new customer segment? Can the AML team take all of its learnings and implement new rules, scenarios and dashboards themselves? Or are there layers of bureaucracy and such long delays that becomes pointless by the time it’s done.

prioritise-speed.jpg

Band together the industry knowledge

You’ve probably heard the phrase “if you scratch my back, i’ll scratch yours.” Financial criminals are super smart. There’s a reason that criminal patterns spread. One criminal finds a hole and he tells his friend who also jumps in and exploits that hole. Financial criminals know that, to get ahead, they have to help each other.

During this very hour there will probably be at least 10 banks investigating the same shell company. 10 separate investigations on the same possibly shady business. This is so strange in this day of common knowledge sharing like wikipedia. Why would we do the same job over and over again if others are doing it, too? In fact, data privacy laws today even say that, with the right technical and process implementation, we could share a whole lot more data between financial institutions to help stop crime. But we don’t.

Salv’s AML Bridge connects banks and fintechs in a fully compliant encrypted environment, allowing them to exchange information on suspicious activities and stop financial criminals in their tracks. Read the key findings from AML Bridge Estonia pilot here.

Stay laser focused on your end goal

What does a criminal want to do? Launder their money. That’s their primary, secondary, and tertiary goal. Well, that and not get caught.

But what is an AML or compliance team’s goal these days? I’ve talked to many of them, and it’s hard to get a clear answer. They have so many priorities. Regulations, team, costs, audits, reports, communications, processes, technology, change management. The list is endless. Where in the list of priorities is, you know, stopping as much financial crime as possible?

stay-focused-on-end-goal-5d4c1b.jpg Many institutions, unfortunately, haven’t put enough focus on crime fighting. 2021 was a record year for both AML fines and AML scandals. Every one of the institutions fined was compliant with the regulations. Just being compliant isn’t nearly enough to keep a bank safe from scandal. They actually need to combat crime. As simple and obvious as that sounds, we know how incredibly hard it is to do.

Hope for the future

Shifting the balance in institutions — to use the latest technology, prioritise speed and stay focused on crime — won’t be easy. It may look impossible.

The recent uptick in AML scandals has highlighted just how important this problem is. All financial institutions, regulators, and media are all actively working as hard as they can to find solutions. Finally, the opinions of talented AML teams, who’ve been saying the same things I’ve said above for years, are being seriously considered. And there’s tons of new technology emerging, from Salv and others, that can give financial institutions of all sizes a shot like never before.

As you can see, beating financial criminals is not all hopeless, and there are many things we can do to stay ahead of them. But you don’t have to rely on your in-house capabilities at all times. If you don’t want to waste your time and resources on building your AML and compliance systems from scratch, Salv can help. Book a demo a demo to discuss more with our team.

×
ISO/IEC 27001 logo
Aicpa logo
GDPR compliant logo
OWASP logo

We build security to our products and organisation from the start. We use security best practices (incl. ISO 27001, CIS etc.) to ensure that our security management system meets the highest standards.

Salv has an ISO/IEC 27001: 2022 certificate, as well as ISAE 3000 compliant SOC 2 Type 2 report.