AML and AI: How AI is Changing the AML Landscape

As financial crime evolves, regulators and financial institutions alike strive to refine their risk-based approach to AML. The vast amounts of data involved in AML compliance, and the increasing complexity of criminal methodologies, mean that financial institutions must constantly find new tools to meet their regulatory obligations. With this in mind, artificial intelligence (AI) technology is becoming critical to the financial compliance landscape. Firms around the world are discovering that AI tools can help them enhance their compliance performance by detecting risks and criminal connections that manual, siloed compliance tools often miss. 

To help your business harness the power of AML AI compliance, we’re taking a look at global regulatory perspectives on its implementation, along with some best practice use cases.  

FATF Recommendations: AML, AI and Machine Learning

The Financial Action Task Force (FATF) focused on AML AI compliance tools in a 2021 publication on the Opportunities and Challenges of New Technologies for AML/CFT. The document defined AI as the use of “advanced computational techniques” to “perform tasks that typically require human intelligence, such as recognizing patterns, making predictions, recommendations, or decisions.”

In the publication, the FATF examined the power of AI to help firms analyze and respond to criminal threats by adding automated speed and accuracy to the compliance process, and helping firms categorize and organize relevant risk data. The FATF highlighted machine learning, a subset of AI, as having significant AML/CFT potential. This is because machine learning can be used to train computer systems to “learn from data” without the need for extensive human intervention. 

The FATF emphasized the power of machine learning systems to detect “anomalies and outliers” and to refine compliance inputs in order to “improve data quality and analysis”. For example, deep learning algorithms within machine learning-enabled compliance tools would be to perform a compliance task repeatedly, learning from the results in order to make accurate decisions about future inputs. Similarly, machine learning systems can use fuzzy logic techniques to reduce false positives during customer name-matching in foreign languages: the systems recognize incomplete or ambiguous (fuzzy) inputs and then make logical decisions about the relevance of those inputs. 

With that potential in mind, the FATF has suggested numerous ways that AI and machine learning tools might be implemented in an AML/CFT solution, and used to facilitate critical compliance tasks such as:

• Customer identification and verification
• Transaction monitoring
• Identification and implementation of regulatory updates
• Automated data reporting

AI and AML: Global Regulatory Perspectives

Global regulators are also exploring the potential of AML AI tools. The following represent some of the key regulatory perspectives from around the world: 

UK – The FCA and AML AI 

The UK’s Financial Conduct Authority (FCA) released a report on the use of AI in financial services in 2022, concluding that regulators and financial institutions should “monitor and support the safe adoption of AI in financial services”. The FCA noted that certain factors, such as the Covid-19 pandemic, had accelerated the use of AI in the UK’s financial services infrastructure, and that firms should consider its AML/CFT impact carefully as a result. When integrating AI systems, the FCA suggested that financial institutions should:

• Consider the impact of new and in-development AI applications, including regular assessments of their compliance performance, clear explanations of their risks, and a sign-off process for their introduction 
• Ensure the benefits of AI applications are commensurate with their complexity and any potential compliance challenges that they may bring 
• Measure the impact of AI applications on consumers and manage any new risks that they generate 

Germany – BaFin and AML AI

Germany’s financial regulator, BaFin, has conducted several consultations with financial services companies in order to examine the AML/CFT impact of AI systems. In its 2019 report, Big Data Meets Artificial Intelligence, BaFin acknowledged that AI could “improve the detection rate of anomalies and patterns, and thus increase the efficiency and effectiveness of compliance processes, such as money laundering detection or fraud prevention”. BaFin also acknowledged that regulators must be able to examine the algorithms of AML AI compliance solutions and potentially introduce minimum supervisory requirements for this purpose. 

BaFin followed up with a 2022 report, Machine Learning in Risk Models, which specifically focused on the AML/CFT applications of machine learning tools. The regulator acknowledged that machine learning was useful in helping financial institutions identify risk but, like AI applications, the “explainability” of machine learning methods within AML/CFT solutions was a crucial consideration. BaFin also stressed that supervisory requirements for machine learning methods “should be harmonized across Europe and uniform across sectors”.

Global AML Regulations

The global AML regulations landscape is diverse, but compliance is essential. Uncover the curated list of AML regulations.

Learn more

France – ACPR and AML AI

France’s  Autorité de Contrôle Prudentiel et de Résolution (ACPR) released a discussion document in 2020 entitled Governance of Artificial Intelligence in Finance. The discussion focused on the “explainability and governance” of AI and machine learning within financial institutions, and identified important factors that should shape their integration, including:

• Business process: Financial institutions should ensure that AI applications fulfill a critical business process or function 
• Human interaction: Both compliance employees and customers should be able to understand and interact with AI applications. Financial institutions should be aware of the potential biases and risks that human intervention with AI applications entails 
• Security: Financial institutions must consider how AI integration exposes them to new types of security risk and cyber-attack 
• Validation: Financial institutions may need to develop new procedures for validating AI applications, and ensure those processes are applied continuously. Similarly, AI applications should be thoroughly and continuously audited – by internal monitors and supervisory authorities 

Singapore – MAS and AML AI

The Monetary Authority of Singapore (MAS) set out its expectations for the integration of AI AML applications in its 2018 publication Principles to Promote Fairness, Ethics, Accountability and Transparency (FEAT) in the Use of Artificial Intelligence and Data Analytics (AIDA) in Singapore”s Financial Sector. Following MAS’ guidance, financial institutions should consider each of the four FEAT principles:

• Fairness: MAS notes that the use of AI applications should not disadvantage any groups or individuals. Firms must put internal governance frameworks in place to assess the justification for “AIDA-driven decisions”
• Ethics: Firms that use AI applications should ensure that they “operate in line with their ethical standards”. Those standards should be applied to AI applications as stringently as any other aspect of the service offering
• Accountability: Firms must demonstrate a clear system of accountability for the AI applications that they implement as part of their AML/CFT infrastructure. Any decisions taken as a result of an AI-based input must be based on an accurate understanding of that data 
• Transparency: Firms must balance the need to be transparent about the functionality of their AI applications with the need to protect AML/CFT effectiveness and to ensure they do not give criminals opportunities to exploit compliance blindspots  

United States – FINCEN and AML AI

Backed by federal regulators, the Financial Crimes Enforcement Network (FINCEN) issued a statement urging “depository institutions to consider, evaluate, and responsibly implement innovative approaches” when using AML AI applications. 

FINCEN recognizes the potential of AI applications to “better manage money laundering and terrorist financing risks while reducing the cost of compliance”. Accordingly, when integrating AI applications, US financial institutions should consider factors such as:

• The possibility that AI applications may enhance existing AML/CFT compliance processes
• The security risks and third-party risk-management issues associated with AI applications
• The compatibility of AI applications with existing AML/CFT compliance obligations 

AI AML Compliance Solutions: Key Considerations

The integration of AI applications within existing AML/CFT infrastructure needs to be assessed comprehensively. Key considerations for compliance teams include: 

AI and Adverse Media Screening

AI systems can significantly enhance adverse media screening processes, enabling financial institutions to make decisions about the results that they generate, and to categorize those results by the information that they contain. 

In particular, AI tools may be able to help financial institutions conduct adverse media screening without an (out-dated) reliance on keywords as part of manual (Google) internet searches. Machine learning algorithms may be able to make decisions about the relevance of news stories automatically, based on established data – adding speed and accuracy, and reducing the potential for false positive alerts. 

AI and Risk-Based AML

The risk-based approach to AML requires financial institutions to conduct individual risk assessments of their customers to determine the level of risk that they represent – and then deploy proportional compliance measures. 

With that in mind, AI and machine learning tools have the potential to enhance risk-based AML programs by assigning priority risk categories to customers during onboarding, and by screening for patterns, connections, and statistical anomalies in transactional activity that could have been missed by conventional monitoring.

Similarly, AI systems offer benefits for risk-based screening processes. Adverse media name searches, for example, may be informed by fuzzy logic in order to reduce false positives and ensure true positives are correctly identified. 

AI and Transaction Monitoring Thresholds

Firms may be able to use AI to intuitively set AML transaction monitoring thresholds based on an analysis of risk data. When a customer approaches or breaches an established threshold, machine learning tools may be able to make a decision about whether to trigger an AML alert based on what is known about the customer’s profile or their financial situation.