Fighting criminal money: if the system is broken, let´s fix it


Almost 20 years ago, I was fortunate enough to chair the FATF (Financial Action Task Force on Money Laundering). It was a hard job, since we were in the middle of the process of blacklisting Non-Cooperative Jurisdictions. But it gave fruits: the combination of peer reviews (the so-called mutual evaluations), the blacklisting process (combined with a fast delisting when enough progress by dubious jurisdictions was achieved), and the framework of suspicious transaction reporting (STR) allowed for a deep change in the effectiveness of the fight against criminal money stemming from illegal activities.

More than 18 years later, I read the newspapers and wonder what went wrong: it is rare the day we do not see a new scandal engulfing the reputation of a major financial institution. For sure, banking culture issues are a crucial and painful part of the failure, as a G30 report reminds us these days. But at the same time, the hefty financial losses of the banks due to sanctions and the most difficult to measure but even more relevant loss of reputation, are far greater than any profits coming from these activities. Banks abide by an expensive compliance system that is ineffective in protecting their reputation. At the same time, Anti Money Laundering (AML) authorities are overburdened by STRs with little informative content. And, finally, developing countries assist to the disappearance of correspondent banking done by international banks due to the legal AML risks it entails.

So, what can be done to suppress the false positives and avoid the massive failures we are witnessing?

Firstly, we need to change the automatic and unilateral systems of AML reporting with a richer exchange of relevant information among banks and among these and AML authorities. This poses challenges for public authorities: in case of failure, the blame will be shared both by the banks and the authorities. But in exchange for this responsibility, AML authorities will increase the success rate in the prevention of these activities. On the side of banks, they may have to pour more smart resources, but at least the system, by being more effective, will protect them more effectively than the current one.

Secondly, we need to consider the use of ML/AI (Machine Learning and Artificial Intelligence) techniques to clean that forest of false positives stemming from STR. Instead of the myriad of reports with very limited informative content, a smart system of STRs using these techniques helps to clean the forest of false positives and target more effectively the relevant, fraudulent transaction. Once again, in exchange of investment in these expensive systems, AML authorities should be comfortable enough so they do not overreact when the smart STR system fails to deliver (which, probably, may occur).

Thirdly, in Europe we should reflect upon the failings of our prevention systems. Improving the compliance culture of banks is a given but let´s face it: we have a single financial market, but a fragmented AML system (a multiplicity of member states AML authorities and no single AML EU body) that is a bonus for money launderers. It´s obvious why criminals use small jurisdictions with poor resources and international transactions: it is optimal to do so! In other words, if Europe does not react and construct a single AML system for our single market, we will continue with the current situation, with the US AML authorities being the de facto EU AML authority.

To sum up, egregious failures in banking culture are, no doubt, one of the elements behind the failures we are witnessing in the EU. The industry needs to think deeply on how to stop these. But, at the same time, we should consider why a system that worked well in the past is not delivering results anymore. The ideas above offer some avenue to sort out the current impasse. These may be wrong, and other, better proposals may exist. But let´s face it: we need more imagination if we want to continue to be as effective as we were in the past. Our beloved AML/KYC system is broken, and we need to fix it.

Spanish version