The rewards and risks for MSBs are big. The only way to maintain compliance, manage volume of work at a reasonable cost, and mitigate risks is to have the right culture and an analytics-driven compliance program. The right data analytics program which combines anomaly detection, network linking and predictive analytics can identify many money-laundering scenarios quickly and easily.
3. AGENDA
1. The Money Services Business (MSB) Market
2. Regulatory Environment
3. Common Crimes
4. Fines and Penalties
5. Challenges
6. Building a Successful AML Program
7. The Role of Technology
8. Data Analytics
9. Q&A
4. THE MSB MARKET
Worldwide, 230 million people send $500 billion in
remittances each year, primarily using firms like Western
Union, Moneygram, and RIA, which together control 1.1
million retail locations and account for more than 25% of the
world’s annual remittance volume.
5. EMERGING MARKET
1. Mobile money
2. P2P
3. Bitcoins
4. Social media apps (e.g. Facebook)
5. Others (e.g. Starbucks)
6. REGULATORY ENVIRONMENT
4 Pillars of BSA compliance
1. Compliance Officer
2. Tailored internal policies, procedures and controls
3. Ongoing, relevant training of employees
4. Independent Review for compliance
7. FINES AND PENATIES
Civil money penalty against American
Express Bank International and American
Express Travel Related Services Company
Inc
Civil money penalty against Thomas
Haider, Chief Compliance Officer and
Senior Vice President of Government
Affairs at MoneyGram
Civil money penalty against Ripple Labs
Inc. for acting as an MSB and selling its
virtual currency without registering with
FinCEN
8. COMMON CRIMES
1. Human smuggling
2. Narcotics trafficking
3. Terrorist financing
4. Elder abuse
5. Mail order bride
6. Heavenly offerings
Christopher Westphal, Data Mining for Intelligence, Fraud and Criminal Detection, 2009
14. END-TO-END AUTOMATION
70%-80% of your filing can be done without human
interactions
1. Detect reportable transactions
2. Aggregate the data
3. Complete the reports
4. Validate
5. Submit
6. Confirm
7. Evidence
15. DATA ANALYTICS
1. Getting the data right
2. Analytics
3. From monitoring to insights
4. Realizing the value
18. EXAMPLE
Standardizing
Best of Breed Record
Parsing
Source House Street Suffix City Zip
Code
State Country
234 Leader Ave, Denver, Colorado, 80327,
United States
234 Leader Ave Denver 80327 Colorado United
States
234 Leadr Avenue, Denver 234 Leadr Avenue Denver Colorodo
Leader St., Denver, USA Leader St. Denver USA
Source Number Street Suffix City Zip Code State Country
234 Leader Ave, Denver, Colorado, 80327,
United States
234 Leader Avenue Denver 80327 Colorado USA
234 Leadr Avenue, Denver 234 Leader Avenue Denver 80327 Colorado USA
Leader St., Denver, USA Leader Avenue Denver 80327 Colorado USA
Source Number Street Suffix City Zip Code State Country
234 Leader Avenue, Denver, Colorado, 80327,
USA
234 Leader Avenue Denver 80327 Colorado USA
19. VIRTUAL CUSTOMER ID
1. Fuzzy matching
2. A unique ID
3. This allows us to create a virtual single instance of the
customer
Virtual ID Name Address ID Presented Certainty
100900212 Andrew Simpson 234 TRELAWNEY CIRCLE
CONYERS
GA 30013
DL#0**~*33 100
100900212 Andrew Simpson 234 TRELAWNEY ROAD
CONYERS
GA 30013
95
100900212 A. Simpson DL#0**~*33 90
20. DRIVEN BY RISK ASSESSMENT
1. What to monitor?
2. Frequency?
3. Focus on highest risk
22. STRUCTURING
1. Multiple transactions by a customer across locations to
evade CTR filings
2. Individually below threshold but cumulatively above
Hints
Benefits from refined customer and
household data.
Exclude noise like PO Boxes, blanks,
or invalid addresses.
Make the time period for review a
variable (i.e.: don’t just use a day).
24. SMURFING
1. Multiple transactions by multiple customers across
locations to evade CTR filings
2. Individually below threshold but cumulatively above
3. May be to the same recipient
Hints
Isolate all the suspected smurfs, and
then examine receivers for trends.
Correlate the receiver with
information from your network
analysis.
25. FLIPPING
1. Receives a transaction and quickly resends or vice-versa
2. May keep a small portion (“fee”)
Hints
Make the timeline for the flip a variable and do “what-if” to see what works best.
Make a distinction between a fee taken or not. Then examine other inbounds that are not
flipped.
26. MULES
1. Sending from and receiving at the same location
Hints
Suggest you limit this to same location or city so as to not mix with
flipping.
Make a distinction between a fee taken or not. Then examine other
inbounds.
27. NETWORKS
1. Layering evidenced by a
collection of smurfing,
flipping, mules, etc.
2. Correlation between
senders and receivers
Hint
There are some good tools available to
do this. However you can achieve
something success with just summaries.
28. MULTIPLE CUSTOMER – SAME
ADDRESS
Hints
Benefits from refined data.
Exclude noise like P.O. Boxes, blanks or invalid addresses.
Prioritize by number of customers or amounts sent or frequency.
29. SINGLE CUSTOMER – MULTIPLE
ADDRESS
Hints
Benefits from refined data.
Reduce false positives by using more than just name (e.g.: ID).
Prioritize by number of addresses or amounts sent or frequency.
30. INHERENTLY RISKY
1. Identifying transactions to and from “high” risk countries.
2. Refer to Financial Action Task Force (FATF) website –
fatf.org
31. ELDER ABUSE
1. Treat transfers from elderly customers as higher risk
2. Also correlate to high risk payout locations/recipients
3. HQ Compliance should detect any structuring
Hints
Make the age variable by sex.
Flag known recipients and trigger a red flag
on future transfers.
32. NGOS/CHARITIES/RELIGIOUS
1. Use keywords to detect
2. Treat as higher risk transactions
3. May be used for tax evasion and money laundering
Hints
Adjust thresholds for detection based on
existing cases.
Add new keywords over time.
33. COLLUSION DETECTION
Trending by locations and employee:
1. Falsified addresses (“ANYWHERE STREET”)
2. Invalid or duplicated IDs
3. Invalid or duplicated SSN
34. INSIGHTS
1.What locations am I having a challenge with?
2.What is the most frequent anomaly detected?
3.What controls are failing?
35. ROOT CAUSE AND ACTION
Why did we allow the structuring?
• Was not aware of the requirements
• Not structuring (false positive)
• Scared of customer
What actions were taken?
• Filed a SAR
• Requested additional details
• Rejected transfer
38. ANOMALY DETECTION
1.Anomaly detected based on Customer’s historical
behavior
2.Peer anomaly based on behavior that is significantly
different from customers in the same segment/cluster
3.Primarily focused on these attributes:
• Frequency
• Value
• Source and destinations
• Time and day
• Segmentation (e.g. location)
39. NETWORK LINKING
1. Anomaly detected based on
Customer’s historical behavior
2. Peer anomaly based on behavior
that is significantly different
from customers in the same
segment/cluster
3. Primarily focused on these
attributes:
• Frequency
• Value
• Source and destinations
• Time and day
• Segmentation (e.g. location)
40. PREDICTIVE ANALYTICS
1. Using known cases to identify the procurement pattern
that normally results in fraud
2. Using machine learning to train models and predict
outcomes
42. KEY TAKE-AWAYS
• The rewards and risks for MSBs are big
• The only way to maintain compliance, manage volume of work at
a reasonable cost, and mitigate risks is to have the right culture
and an analytics-driven compliance program
• The right data analytics program which combines anomaly
detection, network linking and predictive analytics can identify
many money-laundering scenarios quickly and easily
• Identify root causes that can lead to potential cost-saving
opportunities in your processes
• Start taking Cross Jurisdictional Reporting Requirements into
account