Utilising AI in financial compliance

March 2020  |  COVER STORY  |  RISK MANAGEMENT

Financier Worldwide Magazine

March 2020 Issue

Given the increasing compliance demands on organisations from the public and regulators alike, companies cannot afford to neglect their compliance obligations. The role of compliance is to prevent, detect, respond to and remediate risk and financial institutions (FIs) must use all of the tools at their disposal to achieve it. Implementing an effective compliance framework requires the whole firm to be on board, from the C-suite down.

The compliance function is in a state of flux, however – virtually unrecognisable from a decade ago. The catalyst for much of the change in the financial services industry was the global financial crisis. Resultant pressures on policymakers to prevent future crises precipitated a number of regulatory responses globally.

Financial services has been upended by the push for greater compliance to protect investors and economic systems. In the aftermath of the crisis, it was clear that the financial services industry had failed to adequately manage risks, including certain regulatory obligations. Transformative systemic changes were needed to avoid future crises. As a result, compliance has become a key area of focus. Compliance professionals must navigate these complex and evolving challenges. In turn, this has led to the development and deployment of more sophisticated and robust compliance frameworks and systems.

In the US, for example, compliance professionals have assumed a new level of liability – including via the Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010, which contributed 2300 pages of provisions alone. The Economic Growth, Regulatory Relief and Consumer Protection Act and the European Union’s General Data Protection Regulation (GDPR) have also raised additional compliance hurdles.

Many compliance departments are being asked to do more with less. According to Accenture’s 2019 Compliance Risk Study, 71 percent of compliance departments at FIs face a cost reduction target, with nearly two-thirds targeting budget reductions of 10 to 20 percent over the next three years.

Shifting priorities

According to the Thomson Reuters Regulatory Intelligence (TRRI) ‘Cost of Compliance 2019’ report, the most commonly cited challenges faced by compliance professionals include: (i) increasing regulatory burden; (ii) financial crime, anti-money laundering and sanctions compliance; (iii) culture and conduct risk; and (iv) the adequacy and availability of skilled resources. As a result, FIs continue to augment their compliance, risk, legal and internal audit teams.

In addition to the day-to-day issues which affect all compliance teams, such as risk of regulatory breaches, information overload and lack of resources, fear of missing important information and managing compliance and its impact on the customer also weigh heavily, according to Refinitiv.

FIs are looking adopt new and revolutionary new technology solutions to complement their existing compliance functions. End-to-end controls capable of mitigating a multitude of financial crime risks can alleviate the pressure. Artificial intelligence (AI), machine learning (ML), natural language processing (NLP), blockchain and intelligent tagging are just a few of the developments becoming increasingly influential – improving compliance productivity without rendering compliance professionals obsolete.

Compliance professionals must keep themselves abreast of the relentless regulatory changes. In advanced economies, regulators are demanding that FIs comply with more sophisticated compliance and governance requirements or face the financial consequences. “The source of these requirements are varied, including more developed community expectations around concepts of fairness and the need to deal with the higher risk of cyber security breaches cyber crime and privacy breaches, that are associated with data sharing and digital financial transactions,” notes Jim Bulling, a partner at K&L Gates.

As new threats and obligations emerge, compliance professionals must update the tools at their disposal. Compliance-focused technology can modernise departments, overhaul the daily lives of employees and even elevate the profile of an organisation. When applied correctly, and embedded within a strong culture of compliance, technology can have a substantial impact. Those compliance functions which utilise structured, rule-based processes can be wholly transformed by technological intervention. FIs must also strengthen their compliance teams by embracing a wider variety of skills. The compliance professionals of tomorrow will be expected to harness the power and productivity of new technology.

AI for FIs

AI is carving out a growing role in the regulatory compliance space. AI and ML applications are able to address common challenges and systematic issues that compliance officers face every day. “Traditional compliance regimes, with their significant reliance on human involvement, have struggled to remain effective in the face of increased compliance and governance requirements,” says Mr Bulling. “AI has been identified by many as offering potential solutions to the increased governance challenges which organisations face from regulators, both domestic and international.”

Appealing aspects of AI include its ability to extract maximum value from data, aid decision making and ease the burdens on compliance professionals. One of its most compelling uses entails automating repetitive tasks, which frees up compliance professionals to refocus their efforts in other areas which may add greater value. As AI evolves it allows FIs to capture, analyse and filter myriad data elements. Three of the most important benefits offered by AI and robotic process automation (RPA) are reducing false positives, reducing costs and reducing human error.

As new threats and obligations emerge, compliance professionals must update the tools at their disposal.

False positives occur with alarming regularity and can be particularly detrimental to FIs. Compliance alert systems based on standard technologies generate thousands of false positives every day, which requires human oversight. This, in turn, increases inefficiency and adds scope for human error. Whether from poor due diligence, outdated technology or ineffective processes, human error costs regulated industries billions every year, and the sheer volume of data to process means there are plenty of chances for it to occur. AI can mitigate human error by highlighting blindspots, reasonable errors and other potential flaws that a compliance professional might miss. It can also identify trends and patterns much better than humans.

At the same time, regulators are turning to AI to boost their monitoring and enforcement activities. “AI is today being adopted across all sectors,” writes Simone Jones, senior R&D manager at the International Compliance Association. “The Serious Fraud Office (SFO) has used AI to automate document analysis, and as part of its case against Rolls-Royce used a ‘robo-lawyer’ to reportedly scan documents for legal professional privilege content which was 2000 times faster than human lawyers. The opportunities presented by AI and machine learning to ‘learn’ or adapt to new inputs, recognise patterns and quickly sift through large amounts of data are deeply attractive to businesses, particularly when looking to improve manual processes.”

For FIs, automation can greatly improve efficiency for compliance. By building semantic technology and data point models that can convert regulatory text into NLP systems, for example, FIs can integrate AI and ML into their existing framework and update documents and processes whenever regulatory text is updated.

In the regulatory technology (RegTech) space, companies are developing ever more complex systems and processes to address the evolving risk and compliance requirements facing FIs. RegTech allows organisations to streamline anti-money laundering (AML) processes, for example. It also enables FIs to make better and more informed decisions, and to file more accurate suspicious activity reports when necessary.

RegTech professionals are hopeful that a full automated regulatory handbook can be created over the coming decade. AI-based RegTech remains embryonic, but offers countless opportunities. FIs looking to fully capitalise are already collaborating with third parties to develop new solutions that improve existing systems, reduce costs, increase efficiencies and mitigate risks.

AI issues

While AI has an important role to play, FIs must manage expectations as the technology develops and matures. Significant time and resources are typically required when introducing AI into existing regulatory compliance processes. The infrastructure, systems, data and human capital needed may exceed the capabilities of some FIs, particularly smaller ones.

There are many other challenges which FIs may encounter when considering AI for compliance. “Many organisations express some reluctance to introduce an AI compliance solution because they worry that a better or cheaper product is just around the corner,” says Mr Bulling. “The problem with this approach is that organisations postpone their engagement with AI with the result that the weaknesses with conventional compliance mechanisms continue to compound. There is also a perception that AI solutions could potentially increase the cyber security risks which an organisation is exposed to, as a result of additional instances of outsourcing, offshoring and cloud-based storage. It may be that there are some additional risks which accompany AI solutions, but these need to be measured against the risks involved in staying with more conventional mechanisms.”

That said, over-reliance on technology can create its own issues for FIs, which produce and store a massive volume of data. If this data is not properly mapped and managed it can become messy, complicated and expensive to process. Failure to properly address and proactively manage these issues can be expensive and damaging.

That said, experience on the ground suggests resistance to adopting AI is not uncommon. “Internal stakeholders involved with existing conventional compliance functions within large organisations often play a spoiler role in connection with trials and implementation of potential AI solutions,” notes Mr Bulling. “In many instances, AI is perceived as a threat to the compliance networks within large organisations resulting in resistance to approval of such solutions.”

The proliferation of AI is likely to have implications for compliance professionals. “The question of whether or not robots will replace compliance jobs is far from clear cut,” writes Ms Jones. “Much has been written about the skills and attributes of compliance and AML professionals – increasingly we are seeing the ability to adapt to change a fundamental requirement for the compliance professional of tomorrow. The ongoing professionalisation of compliance will more and more demand a higher skillset. Compliance professionals of today and tomorrow need to be open minded about the use of new technology and the potential for it to benefit both the control framework and the wider business.”

Looking forward

In this way, compliance is moving beyond its traditional role of value protection to become more intrinsic to value creation. While AI and other technology can help FIs avoid costly fines and audits, it can also provide early adopters with a competitive edge.

Yet, despite the great strides made in recent years, AI is still relatively nascent. According to Intertrust, 94 percent of UK-based financial services industry decision makers believe that AI has the greatest potential to revolutionise the sector over the next five years, more so than blockchain and the Internet of Things (IOT), for example. For FIs which must find solutions to increasing risks, there may be real benefits to engaging AI for compliance solutions sooner rather than later. “AI is being deployed by regulators around the world to differing degrees and organisations both large and small in my view will need to embrace the possibilities of AI compliance and governance mechanisms if they are to stay ahead of the regulatory curve and meet the enhanced community expectations of their customers,” says Mr Bulling. “The non-financial risks of not employing AI solutions in a regulatory context will be simply too great to ignore.”

Utilising new technology is a daunting and complex process. But AI is set to tackle many of the challenges facing FIs. It will greatly reduce workloads for certain tasks and dramatically cut costs. Despite fears that machines could replace human jobs, this is unlikely, at least in the short term. With AI performing more rule-based, repetitive tasks, compliance staff can focus on higher quality, intensive projects. Ultimately, AI will allow compliance professionals to be more efficient and effective. It is vital, however, that compliance professionals remain actively engaged and do not become over-reliant on technology.

“The ongoing professionalisation of compliance will more and more demand a higher skillset for compliance professionals,” writes Ms Jones. “Deloitte has stated that compliance modernisation ‘is no longer optional’ but a necessity, addressing opportunities for the chief compliance officer (CCO) presented by modernisation, including new technology, they envision the CCO of the future as a ‘strategic partner in top-level decision making’, helping to shape and prepare for the future.

“As we look forward to the 2020s, we must consider what we need in order to succeed,” adds Ms Jones. “The best way for compliance professionals to confront the challenges the future will present is to become adaptable lifelong learners with a broad depth of understanding. These twin concepts will help the future become something we participate in, rather than something that is imposed upon us.”

Regulatory and industry pressures, emerging technologies and FIs’ own internal challenges are placing greater demands on the compliance function. Modern compliance is about much more than ensuring organisations remain within the law; with the assistance of AI technology, it will help drive value creation. The case for AI in the compliance space continues to strengthen.

© Financier Worldwide

BY

Richard Summerfield

©2001-2024 Financier Worldwide Ltd. All rights reserved. Any statements expressed on this website are understood to be general opinions and should not be relied upon as legal, financial or any other form of professional advice. Opinions expressed do not necessarily represent the views of the authors’ current or previous employers, or clients. The publisher, authors and authors' firms are not responsible for any loss third parties may suffer in connection with information or materials presented on this website, or use of any such information or materials by any third parties.