Banks, regulators, and enforcement agencies alike are struggling to keep pace with the rapid evolution of illicit finance.  Criminals are notably adept at circumventing financial and sanctions controls, rendering risk and compliance officers at a disadvantage.  Consequently, criminals will continue to amass large profits from illegal businesses as long as insufficient monitoring continues to exist. 


An important method in which to combat illicit activities and identify perpetrators is to uncover the money trail, a method referred to as “follow-the-money.”  Launderers and financial facilitators use a range of techniques, and investigations can be complicated, requiring a competent compliance team and the leveraging of advanced data science. 


Without a coherent strategy to combat illicit finance, today’s financial institutions are doomed to a "bolt-on vendor" approach, unable to move beyond siloed mitigation. A host of newly-emerging technology firms are bringing forward holistic solutions to derive wisdom from a universe of data, building custom workflows that interact with artificial intelligence (AI) to help battle threats, lower risk, improve performance and streamline operating costs.




  1. What is KYC, AML and Sanctions Compliance?

  2. Curbing Financial Crime

  3. What Makes a Jurisdiction Attractive to Criminals

  4. What are the Personality Traits of Bad Actors?

  5. Banks Still Saddled with Large Compliance Fines

  6. Financial Institutions Looking to Strengthen Compliance Efforts

  7. Using Cutting-edge Artificial Intelligence




The act of monitoring for money laundering, sanctions evasion and the financing of terrorism is a massive compliance burden for banks.  Illicit actors are extremely savvy at adapting to new controls, finding creative ways to sidestep blockages using creative techniques and innovative money-transfer mechanisms, methods such as barter and re-routing transactions through third countries that might serve as a transit point or nexus for activities of concern. In the majority of cases, banks play a crucial, however often unwitting role in facilitating these illegal payments.   


As such, Know-Your-Customer (KYC) is the cornerstone of any effective risk-management platform.  To satisfy KYC requirements, financial institutions must employ appropriate Customer Due Diligence (CDD) and Enhanced Due Diligence (EDD) processes to reveal a prospective and ongoing account holders’ profile, highlighting who they are, what they do, connections to various businesses, links to questionable activities, and their risk rating at any stage during the relationship.  By maintaining a robust KYC program, financial institutions early on can identify an entity’s sensitive touch points with activities and countries of concern.


In addition to the CDD and EDD processes, regulators require financial institutions to conduct periodic (monthly, quarterly, annually) ongoing-transaction-monitoring (OTM)  in accordance with the customer’s risk score and the bank’s risk tolerance, to be employed during the customer’s entire life cycle.  As anti-money laundering (AML) regulations seek increased consistency, organizations are wisely taking a holistic approach to the way they manage their risk. 




In addition, financial institutions are continuously looking to ramp up their digital risk intelligence and investigations capability to better protect themselves from financial fraud.  As such, high-value intelligence might include the discovery of compromised debit and credit cards, bank accounts and membership reward points, and most importantly the methods used to acquire this information.  When committing financial crimes, bad actors might look to employ phishing pages, banking trojans, ATM hacking tools, and card skimming tactics to exploit account holders and banks more broadly.


Financial institutions are increasingly looking to augment their effort to combat such risks by outsourcing this function to technology firms specializing in conducting proactive cyber-related investigations.  Such firms mine for illicit or questionable content of interest by leveraging non-traditional datasets, including the surface, dark and deep webs, as well as social media, encrypted communication channels, and peer-to-peer networks to conduct enhanced due diligence, provide in-depth investigations into financial fraud, and track for internal risk.  Such cyber-enabled research and investigations include, but are not limited to, the following:


  • Conduct ongoing monitoring of data to identify cyber exploitation, financial crimes, and the theft as well as leaks of sensitive information.

  • Investigate whether personally identifiable information (PII) such as cell phone numbers, social security numbers and physical addresses have maliciously been exposed on the internet. 

  • Identify whether P2P-related files associated with the financial institution are connected to IP addresses in countries of concern.

  • Determine any trends in references to a financial institution that might suggest an increase or decrease in threat levels, to include a notable presence among social media and messaging application platforms.




The United Nations, and more recently Thomson Reuters, estimate that 2-5 percent of global GDP is laundered on an annual basis, mostly through the formal financial system, representing about $2 trillion on the upper end of the spectrum (United Nations Office on Drugs and Crime.  The following key indicators signal a higher likelihood that money laundering and other financial crimes might be prevalent.


  • An important feature for becoming a center for illicit financial flows is simply being a rich country, so that launderers can co-mingle both honest and illegal funds and therefore avoid detection.

  • Financial facilitators also seek to exploit poorer countries with lax AML laws and a high level of corruption, typically serving as transit countries for illegal proceeds.

  • Bad actors may also look to jurisdictions that include higher proceeds derived from crime, cash-based economies, extensive financial expertise, a large flow of trade to help conceal illegal activities, the existence of a large gaming industry, sharing a physical and cultural proximity with a “high-crime” country, a large shadow economy, sizable resources such as energy that may attract foreign direct investment from both legal and illegal funds, and a high volume of remittances.


Larger volumes of financial transactions, particularly in the formal banking system, indeed imply larger risks of laundering and sanctions evasion.  To circumvent controls, proliferators, for example, have long used the international financial system to purchase and sell illegal or dual-use goods, with most proliferators often using trade-finance methods used in legitimate commerce such as letters of credit.  In such cases, individuals may mask transactions by employing cover names or falsifying documentation.  The term proliferation finance is used to describe financial tools and tactics that individuals and companies employ to transport goods in support of sensitive nuclear, missile, chemical and biological programs.  A typical proliferation network consists of an importer, exporter, banks and often intermediary entities.


Turning to offshore, trillions of dollars are held in offshore accounts--the large majority a result of legal activity--and many offshore banks (not all) will continue to do what they judge to be in their best interest, i.e. protecting the privacy of clients and offering safe havens for the funds of almost anyone, including those derived from illegal proceeds.


Moreover, emerging money-laundering tactics such as the use of blockchain-based digital currencies are further complicating the compliance process.  In this digital realm, the same crimes are still taking place, i.e. spear-phishing, sidestepping regulations, drug sales, human trafficking, and small-scale money laundering, and sanctioned countries cut from SWIFT could begin to rely more heavily on virtual currencies to facilitate their more sensitive activities.  Virtual currencies render illicit transactions hard-to-track, allowing individuals to circumvent the traditional transaction settlement system.  Fortunately, unbeknownst to criminals, bitcoin and many other cryptocurrencies are becoming more and more traceable by law enforcement, helping to alleviate some of these concerns, and new “good practice” AML standards for digital assets and distributed ledger technologies are being formed.




There is no single defining characteristic for an illicit actor, other than individuals in the upper echelons of a criminal network typically are motivated by power and money, whereas those in the lower ranks are primarily motivated by money alone.  The factors that drive illicit behavior are more influential, i.e a product of culture, economics and politics, rather than based on a specific personality type.  For example, illegal activities might be more prevalent within developing countries, where honest profit is more difficult to achieve due to corruption, class, and a lack of opportunities.  In such cases, it is easy to transfer back and forth between licit and illicit activities, where the lines are blurred and law enforcement is weak.  Illicit actor characteristics might also differ based on the activity, for example the profile of a money launderer is typically different than a lower-level operator smuggling narcotics.


Illicit actors might also engage in criminal behavior due to social connections, a skillset learned while in prison and/or the individual’s professional background.  For example, criminals engaged in the illegal trade of exotic animals typically have a wildlife background.  Money launderers regularly have an in-depth understanding of financial systems and decide to use their expertise to generate a higher level of income at significantly greater risk.  Blue-collar criminals such as Mara Salvatrucha gang members, more commonly known as MS-13, might become heavily influenced and learn their trade while in prison.


Another question is to what degree the implementation of sanctions might produce illicit actors.  In many cases, under sanctions, previously licit activities become illegal at the stroke of a pen.  As such, legal activities become illicit without any change to the business or individual.  Such individuals probably do not consider their activities wrong or immoral.  As a consequence, individuals previously involved in shipping legitimate goods will find themselves falsifying documents and circumventing international laws, as providing food and shelter for one’s family becomes paramount.  




Penalties against banks, even for small violations, have spiked in recent years as financial regulators extend their reach.  During the past decade, the headcount for compliance officers across the globe has grown significantly following massive penalties charged against banks for connections to corruption, money laundering and sanctions busting.  Banks are faced with an overwhelming volume of transactions, and a financial institution that fails to install an effective KYC/AML program exposes the bank and broader financial system to questionable activities. Banks around the globe have committed to an uptick in spending to improve KYC/AML controls in the wave of alleged compliance lapses that since 2008 have rocked a number of banks.  The following highlights some staggering compliance-related figures and penalties:


  • Since 2008, regulators have fined financial firms more than $28 billion for AML and sanctions violations.

  • Mega banks have been hit with massive fines in the hundreds of millions and even billions of dollars for sanctions and AML violations, and in turn have significantly ramped up compliance personnel and budget.

  • As of late-2018, a major international bank employed tens of thousands of compliance, risk and other control-related officers, representing about 15 percent of its workforce.

  • Nordic banks, for example, have committed to an uptick in spending to bolster AML controls, fueling a significant rise in operating costs.

  • And to save the most astonishing for last, a French bank in 2015 faced a still record fine of $8.9 billion for sanctions violations for dealings with Cuba, Iran, and Sudan.


As a result of these financial burdens, many banks are rethinking their compliance posture, evaluating how to improve efficiency while lowering costs, with many institutions leaning towards deploying innovative approaches such as “outsourcing” their compliance functions.  




Identifying suspicious behavior among a large volume of account holders and massive quantities of information, often using manual processes, is a daunting task.  Many financial institutions, even banks that are several years into their compliance-boosting efforts and have thrown thousands of people and countless dollars at the problem, are now looking to increase efficiency and lower costs, in part by deploying automation and cutting-edge data science.  In late-2018, American regulators urged banks to use “innovative approaches” such as artificial intelligence to strengthen AML controls. Most banks are just at the start of this journey, and the way forward will be challenging.  For example:


  • For many banks, data is still captured via structured and unstructured vehicles, to include email, paper documents, transaction data, and so on, typically siloed within a bank’s back- and middle-office functions.

  • The act of relying primarily on a large staff to manually identify and examine suspicious activity is costly, prone to errors, requires extensive training and continual monitoring of regulations, and in some cases is unsustainable, regardless of how skilled the pool of officers may be.

  • False positives prevent compliance officers from committing time to investigating genuine suspicious activity.

  • When standard searches result in significant volumes of data, it can be difficult to ascertain right away what is relevant to a financial institution.

  • The sheer volume of customers and transactions complicates the compliance effort, enabling launderers to hide among the terabytes of data, ensuring that some bad behavior remains undetected.




In a KYC/AML best-practice environment, global standards are harmonized; the formatting of data is made uniform; tedious processes are automated; banks share risk-related information, both internally and amongst each other, so that decision-making is not made in silos; and the ability to detect illicit behavior is accelerated exponentially by leveraging cutting-edge technologies, namely the most advanced artificial intelligence.  Many regions have already taken initial steps to pivot in this direction.  Most banks are already using some form of software to screen prospective clients and transactions against various watchlists.  Emerging advanced technologies, however, can achieve much more.  A more robust monitoring program that includes machine learning, and even its more cutting-edge subfield organic learning, enables the enrichment of data capture on a completely new scale.  For example:


  • With superior data science, the machine can leverage historical knowledge and automatically adjust thresholds to reduce a bank’s false positives;

  • By electronically crawling a bank’s transaction data and publicly available information, such platforms can help identify illicit activities and draw associations that almost certainly would have dodged a compliance department’s manual effort; and

  • AI-based solutions harness insights from multiple sources of data; both structured and unstructured, transaction data, email and the internet, to include both the surface and dark webs; helping to strengthen monitoring and reduce costs, in part by automating many of the more mundane functions that banking officers typically perform on a manual basis.


These tools are meant to augment a bank’s KYC and AML program, in part by revealing pieces of information that you may not have realized were important to you, i.e. identifying both the known and the unknowns, drilling down into content as necessary and following that trail of breadcrumbs to an answer that ultimately provides you with actionable insight.  Highly advanced tools also require less data and time to “train” the computer, which is accomplished simply by using a technique called “supervised learning,” feeding the machine case data that had previously been categorized as “valid” money-laundering and sanctions-evasion transactions and also identifying those cases that had been triggered but ultimately deemed false.


  • More specifically, the most advanced data science can understand context, style, sarcasm and intent within the data and can make intuitive leaps, much like a person.

  • It can detect sentiment, syntax and dialects, and in today’s modern era of communication, can understand the use of special characters, emojis and slang to discern the full meaning of a message.

  • Within a bank’s back office, for example, advanced platforms will greatly enhance link analysis, identifying the hard-to-see patterns in data, uncovering suspicious networks and drawing nuanced connections to illicit behavior, despite the use of broken language or conflicted messaging.

  • Such advanced analysis could be extremely helpful in complying with the US and EU’s beneficial ownership provisions by easing a compliance officer’s ability to highlight more complex relationships. 


By adopting AI-enabled tools, banks can reap invaluable benefits such as minimizing the risk of large regulatory fines, on-boarding clients more quickly and effectively, improving in-depth investigations and significantly reducing compliance-related costs for the institution, all of which better defend a bank when regulators inevitably find the needle buried deep within the haystack that previously went undetected.  Moreover, with the help of AI-enabled monitoring, human analysis can better assess the financial hubs being exploited and methods in which financial crimes are being perpetrated, all while reducing false positives and decreasing the risk of a compliance failure.  


Read our White Paper entitled Banking Sector: Curbing Illicit Finance with Artificial Intelligence (November 2019)