The scope and importance of legal obligations by financial institutions are increasing day by day. Compliance with a large number of regulations in many different fields also creates a pressure factor by the obliged institutions when the reputation risk and the social benefit that will be created by complying with these obligations are taken into account, as well as the fulfillment of legal obligations. One of the important topics among these obligations is the activities carried out to prevent money laundering and financing of terrorism. Among the activities within this scope, the processes carried out for the detection, investigation and reporting of suspicious transactions to the legal authority have an important place.
Suspicious transaction reporting processes also carry some risks in terms of obligors. Late reporting or non-reporting of a suspicious transaction carried out by the obligatory institution to the legal authority may pose the risk of facing serious fines for the institution in question. In addition to the fine, this situation also poses a reputational risk for the organization that faces such a penalty. Today, factors such as the diversity of financial products, increasing cooperation between financial institutions, and the risks posed by technological developments complicate the efforts to prevent the financing of crime revenue and terrorism. Observing these transactions and applying the necessary procedures becomes a challenging task by the obliged parties, who have millions of customers and carry out a large number of national and international transactions every day. Monitoring of this scale can only be achieved with adequate human resources and technology investments. This reveals the necessity of transferring a serious resource to this field by the obligatory institutions in question.
Usage of Technology
Today, many financial institutions use software tools to detect suspicious transactions in order to manage these risks. The warnings generated as a result of the scenarios and risks defined in the software are evaluated by the relevant expert teams, and the suspicious ones are reported to the legal authority. While these studies are being carried out, it is expected that both the detection of suspicious transactions that need to be reported and the intersection of these transactions at the optimum point can be managed in accordance with the workforce and risks, and it is a challenge for financial institutions to catch the stated optimum point. It is important to create a warning that will enable the detection of suspicious transactions but to ensure that the warnings can be carried out with the existing workforce and that the warnings described as false positives are kept at a low level. At this point, it has been observed that artificial intelligence (AI) and machine learning (ML) applications have increased in recent years in order to ensure that the processes for suspicious transaction detection are carried out more effectively. It is aimed to provide benefits within the scope of harmonization activities, especially in terms of detecting suspicious transactions and effective use of the workforce in the millions of transactions carried out by organizations responsible for artificial intelligence and machine learning.
Wolfsberg Group Principles
The Wolfsberg Group, a group of 13 global banks that aims to develop frameworks and guidelines for the management of financial crime risks, particularly in relation to customer recognition, anti-money laundering and terrorism financing policies, published the Wolfsberg Principles for Using Artificial Intelligence and Machine Learning in Financial Crime week. Accordingly, it is stated that the Wolfsberg Group supports the use of artificial intelligence and machine learning in financial institutions' AML programs. It is also emphasized that it is critical to consider data ethics during the execution of these processes. It should be noted that in this way;
- Customer and transaction data related to products and services by financial institutions can be analyzed holistically
- Potential criminal activities will be identified more effectively
- Financial crime control activities will allow more focus on customers and high-risk transactions, and manual reviews
- Transaction delays and unnecessary inquiries can be reduced. is being drawn.
However, it is also emphasized that financial institutions should understand the potential impact of these technologies before using them and ensure that they result in fair, effective and explainable results. The 5 principles published by Wolfsberg Group on data ethics to financial institutions in possible AI and ML applications based on current regulatory, sectoral and academic resources are given below.
1. Legitimate Purpose
Financial institutions' AML programs are committed to helping maintain the integrity of the financial system while achieving legal requirements and fair and effective outcomes. Responsible use of advanced technologies such as AI/ML, and the volume and type of data necessary for them to be effective, require financial institutions to understand and counteract the possibility of data misuse or misrepresentation and any bias that may affect the results of AI/ML implementation. An important consideration for financial institutions implementing AI/ML is how to integrate an assessment of ethical and operational risks into their risk governance approach. In addition, data in AI/ML solutions should not be used outside of the legitimate purpose of financial crime compliance to support other activities without additional review within the scope of financial institutions' data and risk management framework.
2. Proportional Use
Financial institutions must ensure that in the development and use of AI/ML solutions for AML compliance, they balance the benefits of use with the appropriate management of the risks that may arise from these technologies. In addition, the severity of potential financial crime risk must be properly assessed against the margin of error of any AI/ML solution. Financial institutions should implement a program that regularly validates the use and configuration of AI/ML and ensure that data usage is legitimate and proportionate to the intended AML compliance purposes.
3. Design and Technical Expertise
To avoid ineffective financial crime risk management, institutions should carefully control the technology they rely on and understand the implications, limitations, and consequences of its use.
Teams involved in the creation, monitoring, and control of AI/ML should consist of personnel with the appropriate skills and diverse experience needed to identify bias in results. The design of AI/ML systems should be guided by a clear definition of intended results and ensure that results can be adequately explained or proven given the data inputs. Senior stakeholders within the financial institution should have sufficient knowledge and understanding of AI/ML tools and their risks and benefits to make informed decisions about when and how to use such technologies. Financial institutions should include a well-designed program of ongoing testing, validation and restructuring to review AI/ML results based on the intended purpose and these principles.
4. Accountability and Oversight
Financial institutions are responsible for their use of AI/ML, including decisions based on AI/ML analysis, regardless of whether AI/ML systems are in-house or outsourced.
They should train their staff in the appropriate use of these technologies and consider oversight of their design and technical teams by those with specific responsibility for the ethical use of data in AI/ML, which may be through existing risk or data management frameworks, and establish processes to investigate data usage in their organizations.
5. Openness and Transparency
FIs should be open and transparent about their use of AI/ML, consistent with legal and regulatory requirements. However, care must be taken to ensure that this transparency does not facilitate the evasion of the industry's financial crime capacities or inadvertently violate reporting confidentiality requirements and/or other data protection obligations.
Financial institutions should consider engaging with regulators and educating customers on the risks and benefits of using AI/ML to prevent and detect financial crime.
Considering that AI/ML applications are starting to find more use in all areas of life due to technological developments, it can be said that it will gradually become more effective in the execution of compliance processes. Financial institutions will also be able to benefit from published guidelines and good practice examples in their investments and activities in this field. In this sense, the principles published by the Wolfsberg Group are a good guide for financial institutions.