Why Thinking Like the Criminal is the Best Way to Design Effective Technology

While society becomes increasingly digital, criminals are developing innovative ways to take advantage of new technologies in order to launder money

Global money laundering transactions are currently estimated to represent as much as 5% of GDP, or US$3 trillion, funding crimes such as terrorism, corruption, tax evasion and drug and human trafficking.

Technology is becoming smarter and by having access to these smarter tools, criminals are often one step ahead. The growth of social media, peer-to-peer platforms and online banks is likely to continue to impact hugely on the convenience and ease of transactions between individuals, while simultaneously providing new opportunities for fraudsters. Currently, around 1.2 billion transactions are carried out daily at high-speed, making it incredibly difficult for fraud investigators and compliance officers to identify those that are illicit.

With the issue of cybersecurity becoming increasingly prevalent in recent times— the Equifax data breach, for example, affected approximately 700,000 people in the UK— organisations have had to develop their security strategies. Businesses are employing hackers known as ‘white-hat hackers’, paid to attempt to compromise network infrastructure and report weaknesses to the organisation. In these instances, adopting the mindset and tactics of the criminals is enabling companies to design more effective defensive measures and create better strategies to protect themselves against future attacks. This tactic of better understanding the way criminals think is one that should be emulated by the financial industry to more effectively combat financial crime.

The current state of play

In the UK, the financial industry collectively employs 11,500 full-time equivalent staff in financial crime roles, spending around £650 million annually in dedicated staff time to combat fraud, laundering and other financial crimes. Despite this, only 0.2% of the US$4 trillion of illicit funds in circulation stands a chance of ever being fully recovered by the authorities.

Current defences against white-collar crime have predominantly consisted of reactive compliance technology. Incumbent Transaction Monitoring Systems (TMS’s) are designed to detect basic rules and situations which are comprehensively known by the criminals. Groups carrying out financial crime utilise highly sophisticated tactics and complex networks of corporate and relationship structures, and easily avoid detection by these relatively simple compliance systems. Moreover, because financial institutions are increasingly penalised for failing to detect financial crime, TMS’s are set up to find as many instances of crime as possible, leading to high false positive rates, often above 99%. This frequently results in a backlog of alerts, causing investigations to be delegated to process-driven investigators.

The criminal methodology

The role of a compliance officer needs to alter in order for the fight against money laundering to be successful. Currently, this role is built around making sure an organisation is compliant with anti-money laundering measures, and allows banks to view anti-money laundering (AML) strategies as simply a box-ticking exercise.

The most successful money launderers have expert knowledge about the financial institutions in which they operate, and consequently are able to make use of the most effective measures, as well as possessing the ability to develop infinite new ways to transfer funds illicitly. Weaknesses they are likely to exploit include poor moral philosophies within companies, sub-standard internal controls or technology such as weaker AML systems, and inadequate levels of supervision or training.

Strategies for change

Banks need to take a new approach to tackling financial crime whilst overcoming compliance challenges. As criminals get smarter, banks need to stop applying basic rule-based approaches to their detection and start monitoring criminal activity as a network. Banks should combine both internal and external data to gain comprehensive context around businesses, individuals and transactions, and the connections between them. These measures must be AI and machine learning enabled to thoroughly understand data around the criminals and identify links.

Only by acknowledging the tactics and measures utilised by criminals, thereby comprehending the mindset of the fraudster, can banks begin to take steps towards making real change and gain a greater understanding of context within their data.

About the Author

Jamie Hutton is Chief Technology Officer at Quantexa. Powered by cutting-edge AI technology, Quantexa is the underlying fabric that connects and analyses your data to solve real-world problems.