Anti-money laundering software (AML software) is software used in the finance and legal industries to help companies comply with the legal requirements for financial institutions and other regulated entities to prevent or report money laundering activities. AML software can facilitate faster and more accurate compliance and investigations.[1]
Anti-money laundering guidelines came into prominence globally after the September 11, 2001 attacks and the subsequent enactment of the Patriot Act in the United States and the establishment of the Financial Action Task Force on Money Laundering (FATF). By 2010, many international jurisdictions required financial institutions to monitor, investigate and report suspicious transactions to their respective country's financial intelligence unit.
The UK introduced the Terrorism Act in 2000, subsequently amended by the Anti-terrorism, Crime and Security Act 2001, the Prevention of Terrorism Act 2005, and the Terrorism Act 2006. The Terrorism Act imposed counter-measures for terrorism financing with obligations on banks and financial institutions, including customer due diligence, transaction monitoring and reporting obligations. In 2002, the UK introduced the Proceeds of Crime Act (POCA) as its primary AML regulation. POCA defined the offenses that constitute money laundering and required financial institutions to enact appropriate AML controls to detect money laundering activities. The UK instituted further regulations with the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations.[2] The MLR 2017 transposes the obligations set out in the EU's 5th AMLD, tightening controls in the private sector and introducing the requirement for firms to implement a written AML/CFT risk assessment. This has led to the development of an AML industry industry dedicated to providing software for analyzing transactions in an attempt to identify suspcious patterns that qualify for reporting (for example, structuring, which requires a SAR filing). Financial institutions may face penalties for failing to properly file reports, including heavy fines and regulatory restrictions.
The UK's Financial Conduct Authority (FCA), established in 2012, is the UK's main financial services regulator with authority over banks, building societies, credit unions and other regulated sectors. The FCA's purpose is to maintain the safety of the UK's financial system and its financial institutions. Financial institutions in the UK must register with the FCA who oversees compliance with AML regulations. His Majesty's Revenue and Customs (HMRC) issues guidance on anti-money laundering in the UK, sharing money laundering offense investigative responsibilities with the FCA.
Some jurisdictions, such as Singapore, require financial institutions to conduct an independent assessment of technology solutions used in anti-money laundering procedures, if such financial institutions allow for non-face-to-face onboarding of customers.[3]
There are four basic types of software addressing AML business requirements:
These software applications effectively monitor bank customer transactions on a daily basis and, using customer historical information and account profile, provide a "whole picture" to the bank management. Transaction monitoring can include cash deposits and withdrawals, wire transfers and ACH activity. In the bank circles, these applications are known as "AML software".
Each vendor's software works somewhat differently. Some of the modules which should be present in an AML software are:
The definition for Customer Identity Management Systems varies in different regions and jurisdictions. Most vendors include the following features in their solutions:
There are solutions based on artificial intelligence, which are characterized by much better efficiency in detecting money laundering, comparing to rule-based approach. Especially, deep neural networks are able to discover complex interdependencies between various activities performed to launder money.[4] This translates into fewer false alarms and more accurate detection. In the near future, transaction monitoring systems will be based on machine learning rather than on rules and scenarios.[5]