Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk //

Compliance

2/27/2019
02:30 PM
Eric Winston
Eric Winston
Commentary
50%
50%

Stay Ahead of the Curve by Using AI in Compliance

Although human oversight is required, advanced technologies built on AI will become pivotal in building safer financial markets and a safer world.

A decade since the global financial crisis of 2007–2008, the nature of risk that financial institutions face has remained at levels that continue to concern global financial institutions and financial analysts. Two things are contributing to this situation: the fact that financial firms operate in an increasingly interconnected, digital world where the rules around compliance are constantly being tested by the threat of cyberattacks; and the diverse, sometimes conflicting global data regulations and vulnerabilities associated with the open and collaborative nature of the Internet of Things.

As a result, regulators, compliance officers, and businesses are up against considerable odds to deliver compliance in a climate rife with the near-everyday possibility of cybercrimes, attacks on personal data, and challenges to the foundations of national and international financial stability.

In such an environment, the various constituents are seeking access to a set of clearly stated compliance rules that are as iterative, quick-moving, and responsive to changing circumstances as today's global financial market itself. This is moving several financial sector players to turn their attention to next-generation tech solutions to track, manage, and better prepare their institutions for the kind of unforeseeable and potentially catastrophic risks that today's interconnected and "always-on" world poses.

Built on a backbone of advanced technologies such as artificial intelligence (AI) and machine learning (ML), these solutions, with their unsurpassed capacity to reliably analyze reams of data, offer compliance teams the ability to, in real time, both quickly quarantine suspicious activity and swiftly approve safe financial transactions.

Money-laundering estimates indicate that "dirty money" accounts for 2%–5% of global GDP per annum, or up to $2 trillion of global GDP in current US dollars. 

Researchers at RMIT University in Melbourne, Australia, are reported to be helping the country's financial intelligence agency — the Australian Transaction Reports and Analysis Centre (AUSTRAC) — to find and stop suspicious financial activity, including money laundering, by implementing AI/ML tools.

With black money worth about $4.5 billion said to be circulating in the Australian economy annually, AUSTRAC is reported to have been struggling in recent years to keep up with the sheer volume of transactions it needs to scour. As a result, it partnered with researchers from RMIT to set up an AI-enabled ML system to accurately identify suspicious-looking financial activity across potential nefarious transaction patterns. 

Contrary to previous detection systems, the new AI-driven systems empower the financial intelligence agencies to spot suspicious patterns across millions of transactions even when they are hard to trace back to specific individuals. It does this by feeding the ML system with previously gathered data as well as insights procured from the analysis of money-laundering networks, which helps AUSTRAC substantially reduce the volume of transactions it needs to sift through.

Similarly, HSBC (along with Europe's other large banks) has been moving toward adopting AI-based software to help improve its anti-money-laundering (AML) processes in the wake of heavy fines that several financial institutions have had to pay for failure to; prevent money-laundering activities. For example, HSBC is partnering with a Silicon Valley-based AI startup, Ayasdi, to boost the efficiency of its AML investigations by replacing manual processes with automated ones. In a pilot of the startup's AI technology, HSBC saw a 20% drop in the number of false-positive financial transactions investigations (without reducing the number of cases taken forward for closer study) — a crucial win for the bank as it continues to drive adoption of next-generation technologies to lower risks while also lowering costs. 

As financial compliance requirements grow in complexity in response to the threat of attacks on financial institutions, it is clear that advanced technologies such as AI and ML as well as natural language processing will continue to play a leading role in helping financial organizations better meet their regulatory obligations. With speed and accuracy being essential requirements to both maintain compliance and prevent the possibility of financial fraud/crime, these technologies uniquely qualified to help financial compliance teams fulfill their pressing daily requirements.

Although human oversight is required for the final calls that financial institutions may need to take regarding the blocking or quarantining of suspicious activities, it is clear that advanced technologies built on AI will become pivotal in the endeavor to build safer financial markets and a safer world.

Related Content:

 

 

Join Dark Reading LIVE for two cybersecurity summits at Interop 2019. Learn from the industry's most knowledgeable IT security experts. Check out the Interop agenda here.

Eric Winston is the Executive Vice President, General Counsel, and Chief Ethics and Compliance Officer responsible for Mphasis' global legal and compliance function and policies. He has spent nearly 20 years guiding international market-leading public and private equity-owned ... View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Mobile Banking Malware Up 50% in First Half of 2019
Kelly Sheridan, Staff Editor, Dark Reading,  1/17/2020
7 Tips for Infosec Pros Considering A Lateral Career Move
Kelly Sheridan, Staff Editor, Dark Reading,  1/21/2020
For Mismanaged SOCs, The Price Is Not Right
Kelly Sheridan, Staff Editor, Dark Reading,  1/22/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment:   It's a PEN test of our cloud security.
Current Issue
IT 2020: A Look Ahead
Are you ready for the critical changes that will occur in 2020? We've compiled editor insights from the best of our network (Dark Reading, Data Center Knowledge, InformationWeek, ITPro Today and Network Computing) to deliver to you a look at the trends, technologies, and threats that are emerging in the coming year. Download it today!
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-7245
PUBLISHED: 2020-01-23
Incorrect username validation in the registration processes of CTFd through 2.2.2 allows a remote attacker to take over an arbitrary account after initiating a password reset. This is related to register() and reset_password() in auth.py. To exploit the vulnerability, one must register with a userna...
CVE-2019-14885
PUBLISHED: 2020-01-23
A flaw was found in the JBoss EAP Vault system in all versions before 7.2.6.GA. Confidential information of the system property's security attribute value is revealed in the JBoss EAP log file when executing a JBoss CLI 'reload' command. This flaw can lead to the exposure of confidential information...
CVE-2019-17570
PUBLISHED: 2020-01-23
An untrusted deserialization was found in the org.apache.xmlrpc.parser.XmlRpcResponseParser:addResult method of Apache XML-RPC (aka ws-xmlrpc) library. A malicious XML-RPC server could target a XML-RPC client causing it to execute arbitrary code. Apache XML-RPC is no longer maintained and this issue...
CVE-2020-6007
PUBLISHED: 2020-01-23
Philips Hue Bridge model 2.X prior to and including version 1935144020 contains a Heap-based Buffer Overflow when handling a long ZCL string during the commissioning phase, resulting in a remote code execution.
CVE-2012-4606
PUBLISHED: 2020-01-23
Citrix XenServer 4.1, 6.0, 5.6 SP2, 5.6 Feature Pack 1, 5.6 Common Criteria, 5.6, 5.5, 5.0, and 5.0 Update 3 contains a Local Privilege Escalation Vulnerability which could allow local users with access to a guest operating system to gain elevated privileges.