Why thinking like a criminal is the only way to build your technology effectively

By Jamie Hutton, Chief Technology Officer at Quantexa
Financial crime is big business. Analysis estimates that there is anywhere between two and four trillion dollars’ worth of illicit funds in circulatio...

Financial crime is big business. Analysis estimates that there is anywhere between two and four trillion dollars’ worth of illicit funds in circulation globally at any time. The scale of the global financial system means that maintaining absolute oversight is a truly herculean task. With approximately 1.2 billion transactions taking place daily, it is incredibly difficult for fraud investigators and compliance officers to determine which of those are legitimate, from those that are associated with nefarious activity. Creating further difficulty is the speed with which transfers are conducted. A normal bank transfer takes place within fragments of a second, making it very easy for criminal activity to go unnoticed.


Reflecting the difficulty in tackling white collar crime, financial institutions have invested significantly in compliance, with anti-money laundering measures alone resulting in a global industry spend of around eight billion dollars in 2017. Much of this spending has led to the rapid deployment of assistive technologies. However, these efforts have been to no avail, with only an estimated 0.2% of the illegitimately derived capital in circulation ever being recovered. Evidently, a new approach is needed.

In the realm of cybersecurity, organisations are increasingly employing hackers to improve their digital security solutions. These individuals are paid to try and compromise network infrastructure, reporting back to the organisations with any vulnerabilities discovered. By adopting the mind frame and tactics of criminals, organisations can design defensive measures with them in mind, proactively defending against future attacks. This tactic should be emulated by financial institutions. They need to understand the mindset of the criminals to make marked improvements in the fight against white collar crime.

The current technological solutions

Despite the gargantuan sums of money now spent on compliance, there is still an overwhelmingly strong argument to suggest that the focus has been on regulatory compliance rather than the prevention of criminal activity. The reactive, sequential way in which compliance technology has been designed and implemented attests to this. Incumbent Transaction Monitoring Systems (TMS’s) are calibrated to detect basic rules and scenarios which are well understood by the criminals. The groups engaging in financial crime at any kind of scale or significance are extremely intelligent, making use of incredibly sophisticated tactics and complex webs of relationship and corporate structures. They will avoid the simple mistakes that the systems are looking for. Furthermore, with the sanctions for missing an instance of financial crime being significant, TMS’s are often set up to cast the net wide, resulting in a vast number of alerts with false positive rates well in excess of 99%. This often causes a large backlog of alerts, leading to investigations being outsourced to armies of process-driven investigators.

Outlook of a fraudster/money launderer

To truly combat money laundering, the role of a compliance officer must change. At present, the role is tooled toward ensuring that an organisation is compliant, with the technology being reflective of this. This results in an approach which is akin to box checking.

For a money launderer, the pressures are entirely different. For them, the price of failure could literally be a life or death matter. Resultingly, their task is one which is never ending, and they are constantly devising new and ingenious ways to transfer the funds. The best money launderers possess significant expertise about the financial system in which they operate, and as such understand the best methods to progress without attracting attention. Some specific vulnerabilities that they may seek to take advantage of include an unsatisfactory moral philosophy in a company, substandard levels of training or supervision, and inadequate internal controls and technology.

Re-tooling technology to help: Joining the dots

To address the more pressing money laundering risks, banks need to take a different approach, one that can interpret and risk assess these complex webs of activity then present them assembled and prioritised for investigation. Money launderers are not transactions; they are individuals. The existing TMS’s are (by their very name) transactional and, therefore, unaware of the true context.

A new approach is required that combines data from both inside and outside the bank to understand the true context surrounding individuals and businesses, as well as the relationships between them. These systems need to be AI and Machine Learning enabled so they can easily spot the complex patterns left by the criminals in the data.

The current system for tackling financial crime is incredibly inefficient, with less than a percent of illicit flows currently in circulation ever being recovered by the authorities. Contributing to this is the pressure placed on the banks, which results in them prioritising compliance over actively stopping financial crime. To truly stem the tide of illegal money, we must see an attitudinal change, one which acknowledges the methods and tactics used by criminals. This will be driven by new technology that can understand the context of all the data in order to think like the criminal.



Featured Articles

Rich investors drawn to digital assets despite crypto crash

The world’s wealthiest people are sold on the concept of digital assets, as a new survey shows they are being used to construct more resilient portfolios

Five minutes with: Katie Nykanen, Group CTO at QA

Katie Nykanen, CTO at QA, on being a role model for girls and young women and her hopes for the future

Big business bets on real-time data and event-streaming tech

By 2025, 90 per cent of the world’s largest companies will use real-time intelligence to improve customer experience and other areas, new research predicts

Mind your language: Is NLP a natural fit for the Metaverse?

AI & Machine Learning

Cyberattacks make a big difference to manufacturing profits

Cloud & Cybersecurity

ICYMI: Space blockchains and 6G predictions for the future

Digital Transformation