Managing financial crime risk in the age of open banking: 5 tips for compliance teams

According to Juniper Research, the combined value of open banking payment transactions is expected to reach $330 billion by 2027. As financial systems become more interconnected, businesses are experiencing a range of benefits, from lower transaction costs and accelerated data flow to the opportunity to penetrate new markets. However, a Veriff report found that fraud incidents in financial services increased by 21% between 2024 and 2025 and are likely to rise again, posing a major risk to the ecosystem.

Against this backdrop, what effective risk management strategies can compliance leaders implement when working with interconnected financial systems to ensure they don’t become a blocker for innovation? A webinar in ComplyAdvantage’s State of Compliance series addressed this challenge, featuring experts from our Regulatory Affairs team, LFP Risk Solutions, RedCompass Labs, and Kroll.

This article considers some of the key insights shared in the session, exploring practical approaches to balancing innovation with robust risk management:

1. Prioritize real-time transaction monitoring.
2. Choose the right technology providers.
3. Leverage AI and machine learning.
4. Commit to continuous improvement.
5. Access data privacy and regulatory compliance.

1. Prioritize real-time transaction monitoring

The transition to open banking has introduced an environment where transactions occur at unprecedented speeds, making real-time transaction monitoring a critical component of financial crime prevention.

“Disruption in financial crime is in part a function of disruption of the financial system. We have to keep our eye on that moving target.”

– Andrew Davies, Global Head of FCC Strategy at ComplyAdvantage

Traditional post-transaction analysis methods are no longer sufficient. Instead, financial institutions (FIs) must invest in systems that can analyze transactions as they happen, enabling immediate detection and response. Key strategies for enhancing real-time monitoring include:

• Behavioral profiling: By analyzing transaction patterns and spending habits, firms can develop a comprehensive profile of typical customer behavior. This allows them to spot anomalies that may signal fraud or other financial crime.
• System integration: Integrating various financial systems, such as crime detection tools and accounting ledgers, enables data cross-referencing, providing a holistic view that enhances the accuracy and effectiveness of monitoring efforts.
• Dynamic risk assessment: Regularly reviewing and updating risk profiles is essential to adapt to changes in customer behavior and emerging threats.

2. Choose the right technology providers

The right technology can significantly enhance an FI’s ability to detect and mitigate financial crime, while the wrong choice can leave it vulnerable to emerging threats.

“What is it we actually detect and stop? 1% of financial crime. As we’re fusing together instant payments and the money moves and disappears ever faster… we’ve got to fight back.”

– Jonathan Bell, President and Head of Client Relationships at RedCompass Labs.

With the proliferation of sophisticated fraud techniques such as synthetic identity fraud,  which the FBI highlights as a top threat, it is imperative to partner with providers that offer advanced detection capabilities.

FIs should seek out technology solutions that can identify such modern threats and are adaptable to their specific needs. This includes customization options that align with unique risk profiles, business models, and regulatory requirements. Agile and flexible technology is crucial as it allows for tailored approaches to financial crime prevention.

You don’t want to rely on a one-size-fits-all approach. Think about your specific risk profiles, your business models, and regulatory requirements. How can that technology be customized to fit what you need and what you’re looking for?

– Luisa Franco, Founder & CEO at LFP Risk Solutions

Scalability is another critical factor. As FIs grow, the technology they rely on must scale to handle the volume and complexity of transactions. Continuous monitoring and real-time reporting capabilities are also essential, enabling firms to quickly identify suspicious activities and comply with evolving regulatory expectations.

Managing financial crime risk in a world of open banking

Explore how firms can unlock open banking’s promise of transparency and innovation while implementing stringent and effective risk management processes.

Watch on-demand

3. Leverage AI and machine learning

Artificial intelligence (AI) and machine learning (ML) have become indispensable tools in the fight against financial crime, offering capabilities that surpass traditional methods. In the open banking environment, where vast data is generated every second, these technologies can analyze information at a scale and speed beyond human capacity.

There’s a real potential for banks to have access to vast amounts of additional customer and transaction data. To capitalize on more effective ways to identify risk and criminal behavior, they’re going to need to bring machine learning and artificial intelligence to the table in a meaningful way.

– Mike Bowman, Managing Director, Forensic Investigations & Intelligence at Kroll

To effectively leverage AI and ML, institutions should focus on:

• Advanced pattern recognition: Analyzing large datasets to identify patterns and anomalies indicating fraudulent activity, even when traditional methods fall short.
• Explainable models: Using adaptive ML models that improve over time, ensuring detection systems remain effective as financial crime tactics evolve.
• Efficiency vs. effectiveness: Automating multiple aspects of financial crime detection, such as flagging suspicious transactions and generating reports, thereby increasing efficiency and reducing the likelihood of human analyst burnout.

“Don’t assume that deploying more AI and machine learning into your transaction monitoring strategy will result in the bank having fewer alerts to manage… this is an effectiveness play more than it’s an efficiency play.”

– Mike Bowman, Managing Director, Forensic Investigations & Intelligence at Kroll

4. Commit to continuous improvement

As financial services become more interconnected through open banking, the need for holistic frameworks that integrate advanced technology with robust organizational practices has never been greater.

A key component is the commitment to continuous improvement. Criminals change their tactics rapidly; for instance, cyber-attacks now generate revenues for organized crime in excess of $1 trillion. Firms must regularly review and refine their risk management practices to remain effective, ensuring they are equipped to handle current and emerging financial crime threats.

We need to be mindful of crime types such as APP fraud, pig butchering, and emerging forms of drug trafficking. Although there are similarities, there are also differences in the patterns of these crimes. Therefore, it’s important to use the models carefully, validate and correct them as needed, and be prepared to respond as we receive alerts about these crimes.

– Jonathan Bell, President & Head of Client Relationships at RedCompass Labs

Collaboration and information sharing are also critical elements of a successful risk management strategy. By working together, FIs, regulators, and technology providers can share insights into emerging threats and best practices, creating a more unified and effective front against financial crime.

5. Address data privacy and regulatory compliance

Managing data privacy and ensuring regulatory compliance is critical in the open banking environment, where data is shared across multiple platforms and institutions. As FIs collect and process vast amounts of customer data, they must implement robust measures to protect this information from breaches and misuse.

You want your business to be synonymous with security and integrity. One of the things with open banking is that it’s very easy, and you can be very nimble in changing the app you’re using. Therefore, security, making sure you’re protected against fraud, and making sure you’re not working for an organization where products are being used for money laundering or some other predicate crime, helps differentiate your offering.

– Andrew Davies, Global Head of Regulatory Affairs at ComplyAdvantage

To address data privacy and regulatory compliance effectively, institutions should:

• Implement stringent data protection measures to protect customer information when it is shared across various platforms, preventing breaches and misuse.
• Regularly review and update practices to comply with new regulatory requirements on open banking and financial crime prevention. 
• Work with other institutions, regulators, and technology providers to share insights and strategies, improving the collective ability to manage risks and protect consumers.

“Keep it simple stupid… we try to overdo it sometimes and we tend to ignore the basics. Implementing robust access controls and strengthening API security are essential measures that cannot be ignored.”

– Luisa Franco, Founder and CEO of LFP Risks