Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk //

Compliance

2/27/2019
02:30 PM
Eric Winston
Eric Winston
Commentary
50%
50%

Stay Ahead of the Curve by Using AI in Compliance

Although human oversight is required, advanced technologies built on AI will become pivotal in building safer financial markets and a safer world.

A decade since the global financial crisis of 2007–2008, the nature of risk that financial institutions face has remained at levels that continue to concern global financial institutions and financial analysts. Two things are contributing to this situation: the fact that financial firms operate in an increasingly interconnected, digital world where the rules around compliance are constantly being tested by the threat of cyberattacks; and the diverse, sometimes conflicting global data regulations and vulnerabilities associated with the open and collaborative nature of the Internet of Things.

As a result, regulators, compliance officers, and businesses are up against considerable odds to deliver compliance in a climate rife with the near-everyday possibility of cybercrimes, attacks on personal data, and challenges to the foundations of national and international financial stability.

In such an environment, the various constituents are seeking access to a set of clearly stated compliance rules that are as iterative, quick-moving, and responsive to changing circumstances as today's global financial market itself. This is moving several financial sector players to turn their attention to next-generation tech solutions to track, manage, and better prepare their institutions for the kind of unforeseeable and potentially catastrophic risks that today's interconnected and "always-on" world poses.

Built on a backbone of advanced technologies such as artificial intelligence (AI) and machine learning (ML), these solutions, with their unsurpassed capacity to reliably analyze reams of data, offer compliance teams the ability to, in real time, both quickly quarantine suspicious activity and swiftly approve safe financial transactions.

Money-laundering estimates indicate that "dirty money" accounts for 2%–5% of global GDP per annum, or up to $2 trillion of global GDP in current US dollars. 

Researchers at RMIT University in Melbourne, Australia, are reported to be helping the country's financial intelligence agency — the Australian Transaction Reports and Analysis Centre (AUSTRAC) — to find and stop suspicious financial activity, including money laundering, by implementing AI/ML tools.

With black money worth about $4.5 billion said to be circulating in the Australian economy annually, AUSTRAC is reported to have been struggling in recent years to keep up with the sheer volume of transactions it needs to scour. As a result, it partnered with researchers from RMIT to set up an AI-enabled ML system to accurately identify suspicious-looking financial activity across potential nefarious transaction patterns. 

Contrary to previous detection systems, the new AI-driven systems empower the financial intelligence agencies to spot suspicious patterns across millions of transactions even when they are hard to trace back to specific individuals. It does this by feeding the ML system with previously gathered data as well as insights procured from the analysis of money-laundering networks, which helps AUSTRAC substantially reduce the volume of transactions it needs to sift through.

Similarly, HSBC (along with Europe's other large banks) has been moving toward adopting AI-based software to help improve its anti-money-laundering (AML) processes in the wake of heavy fines that several financial institutions have had to pay for failure to; prevent money-laundering activities. For example, HSBC is partnering with a Silicon Valley-based AI startup, Ayasdi, to boost the efficiency of its AML investigations by replacing manual processes with automated ones. In a pilot of the startup's AI technology, HSBC saw a 20% drop in the number of false-positive financial transactions investigations (without reducing the number of cases taken forward for closer study) — a crucial win for the bank as it continues to drive adoption of next-generation technologies to lower risks while also lowering costs. 

As financial compliance requirements grow in complexity in response to the threat of attacks on financial institutions, it is clear that advanced technologies such as AI and ML as well as natural language processing will continue to play a leading role in helping financial organizations better meet their regulatory obligations. With speed and accuracy being essential requirements to both maintain compliance and prevent the possibility of financial fraud/crime, these technologies uniquely qualified to help financial compliance teams fulfill their pressing daily requirements.

Although human oversight is required for the final calls that financial institutions may need to take regarding the blocking or quarantining of suspicious activities, it is clear that advanced technologies built on AI will become pivotal in the endeavor to build safer financial markets and a safer world.

Related Content:

 

 

Join Dark Reading LIVE for two cybersecurity summits at Interop 2019. Learn from the industry's most knowledgeable IT security experts. Check out the Interop agenda here.

Eric Winston is the Executive Vice President, General Counsel, and Chief Ethics and Compliance Officer responsible for Mphasis' global legal and compliance function and policies. He has spent nearly 20 years guiding international market-leading public and private equity-owned ... View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Windows 10 Migration: Getting It Right
Kevin Alexandra, Principal Solutions Engineer at BeyondTrust,  5/15/2019
Artist Uses Malware in Installation
Dark Reading Staff 5/17/2019
Baltimore Ransomware Attack Takes Strange Twist
Kelly Jackson Higgins, Executive Editor at Dark Reading,  5/14/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Building and Managing an IT Security Operations Program
As cyber threats grow, many organizations are building security operations centers (SOCs) to improve their defenses. In this Tech Digest you will learn tips on how to get the most out of a SOC in your organization - and what to do if you can't afford to build one.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-12198
PUBLISHED: 2019-05-20
In GoHttp through 2017-07-25, there is a stack-based buffer over-read via a long User-Agent header.
CVE-2019-12185
PUBLISHED: 2019-05-20
eLabFTW 1.8.5 is vulnerable to arbitrary file uploads via the /app/controllers/EntityController.php component. This may result in remote command execution. An attacker can use a user account to fully compromise the system using a POST request. This will allow for PHP files to be written to the web r...
CVE-2019-12184
PUBLISHED: 2019-05-19
There is XSS in browser/components/MarkdownPreview.js in BoostIO Boostnote 0.11.15 via a label named flowchart, sequence, gallery, or chart, as demonstrated by a crafted SRC attribute of an IFRAME element, a different vulnerability than CVE-2019-12136.
CVE-2019-12173
PUBLISHED: 2019-05-18
MacDown 0.7.1 (870) allows remote code execution via a file:\\\ URI, with a .app pathname, in the HREF attribute of an A element. This is different from CVE-2019-12138.
CVE-2019-12172
PUBLISHED: 2019-05-17
Typora 0.9.9.21.1 (1913) allows arbitrary code execution via a modified file: URL syntax in the HREF attribute of an AREA element, as demonstrated by file:\\\ on macOS or Linux, or file://C| on Windows. This is different from CVE-2019-12137.