Author: Joel Lange, EVP & General Manager of Dow Jones Risk & Research
The task of regulatory compliance has become a formidable challenge for global organisations. Ever-growing geopolitical tensions between the U.S. and China are continually changing the embargo landscape as the U.S. tries to gain greater influence over global trade and protect its supply chain. Meanwhile, businesses are continuing to play their part in limiting Russia’s economy and heavy industries. At the same time new technologies, such as virtual assets and cryptocurrencies, are helping those who seek to evade scrutiny, move money seamlessly and quickly around the world.
Compliance teams are on the frontline in the war against money laundering and terrorist financing and are arming themselves with cutting-edge tools to keep up with the pace of change. Implementing AI for compliance does, however, come with a range of challenges. Misinformation and disinformation are being deployed to deliberately hide the truth, ‘hallucinations’ have the potential to lead to incorrect business decisions, and auditability also poses a challenge. Here are some of the steps that firms should take when implementing emerging technologies into their compliance programs if they are to stand up to regulatory scrutiny.
Double down on data quality
Compliance is not the place to cut corners when it comes to data quality. Inaccurate or false information such as incorrect spellings of names, addresses and dates of birth could cause significant legal or ethical implications. Good data management is therefore a prerequisite for leveraging AI technologies successfully for compliance purposes.
One of the most tangible benefits of AI is its ability to achieve more at scale. However, screening names against larger lists can increase the likelihood of false positives that are time-consuming and costly to investigate. High-quality metadata is crucial to combat this issue. Secondary identifiers, including dates and places of birth, gender, original script names, addresses and company identification numbers can help disambiguate and offer confidence in the accuracy of a match.
Harness adverse media for an early-warning advantage
Alongside structured data sets, negative news screening is becoming an important part of the customer due diligence process, empowering compliance teams to spot potential problems as they surface. For example, since Russia’s invasion of Ukraine, multiple entities and individuals initially captured in risk-relevant news ultimately ended up on UK, OFAC and EU sanctions lists.
It is for this reason that industry bodies, such as the Wolfsberg Group, are recommending the use of Natural Language Processing in this capacity. By screening negative news at a global scale, compliance teams can get early warning signals of emerging risks before they materialise. With hundreds of thousands of news articles published in multiple languages and scripts every day, a human simply cannot work fast enough to process this volume of data.
Deploy compliance-ready AI
Misinformation and disinformation borne from Generative AI could pose significant risks to businesses, particularly when a decision has legal effect. Risk managers need “compliance-ready” AI capabilities to screen, monitor and make critical decisions more quickly.
Sophisticated technologies, and high-quality data sets, can help compliance teams go beyond name-matching against lists of sanctioned entities and provide further context to streamline background checks. We are also witnessing Generative AI technologies being used for enhanced due diligence on individuals and entities. With proper guardrails, large language models can extract and summarise vast volumes of information from disparate data sets, into a single, actionable report within minutes rather than days.
We are currently on the cusp of a wave of new regulations promoting responsible AI, which financial firms need to get ahead of. The UK’s response to its consultation lays out a pro-innovation and pro-safety approach, while the EU AI Act charts a path towards the adoption of safe, transparent and traceable AI. That traceability is non-negotiable in a compliance context. AI cannot operate as an opaque black box. All outputs must be fully auditable and sourced to a sentence level to ensure they can be easily reviewed and interrogated if necessary.
Keeping pace with the regtech revolution
AI is playing a pivotal role in countering money laundering and terrorist financing. However, there is a stark difference between the accuracy and provenance of generally available AI applications and purpose-built tools specifically developed for risk management professionals.
Ultimately, AI’s ability to extract value from high-quality structured and unstructured data will be a game changer for global businesses as they look to make faster and more accurate risk management decisions. In this new paradigm of AI-powered screening and monitoring, compliance teams no longer need to choose between speed, quality or coverage in their risk control efforts. Those that lag behind in this regard will find themselves falling short of the standards that regulators have come to expect.
