Anti–money laundering software

Anti-money laundering (AML) software is software used in the finance and legal industries to help companies comply with the legal requirements for financial institutions and other regulated entities to prevent or report money laundering activities. AML software can facilitate faster and more accurate compliance and investigations.

History
Anti-money laundering guidelines came into prominence globally after the September 11, 2001 attacks and the subsequent enactment of the Patriot Act in the United States and the establishment of the Financial Action Task Force on Money Laundering (FATF). By 2010, many international jurisdictions required financial institutions to monitor, investigate and report suspicious transactions to their respective country's financial intelligence unit.

United Kingdom
The UK introduced the Terrorism Act in 2000, subsequently amended by the Anti-terrorism, Crime and Security Act 2001, the Prevention of Terrorism Act 2005, and the Terrorism Act 2006. The Terrorism Act imposed counter-measures for terrorism financing with obligations on banks and financial institutions, including customer due diligence, transaction monitoring and reporting obligations. In 2002, the UK introduced the Proceeds of Crime Act (POCA) as its primary AML regulation. POCA defined the offenses that constitute money laundering and required financial institutions to enact appropriate anti-money laundering controls to detect money laundering activities. The UK instituted further regulations with the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations. The MLR 2017 transposes the obligations set out in the EU's 5th AMLD, tightening controls in the private sector and introducing the requirement for firms to implement a written AML/CFT risk assessment. This has led to the development of an AML industry dedicated to providing software for analyzing transactions in an attempt to identify suspicious patterns that qualify for reporting (for example, structuring, which requires a SAR filing). Financial institutions may face penalties for failing to properly file reports, including heavy fines and regulatory restrictions.

The UK's Financial Conduct Authority (FCA), established in 2012, is the UK's main financial services regulator with authority over banks, building societies, credit unions and other regulated sectors. The FCA's purpose is to maintain the safety of the UK's financial system and its financial institutions. Financial institutions in the UK must register with the FCA who oversees compliance with AML regulations. His Majesty's Revenue and Customs (HMRC) issues guidance on anti-money laundering in the UK, sharing money laundering offense investigative responsibilities with the FCA.

International
Some jurisdictions, such as Singapore, require financial institutions to conduct an independent assessment of technology solutions used in anti-money laundering procedures, if such financial institutions allow for non-face-to-face onboarding of customers.

Types
There are four basic types of software addressing AML business requirements:
 * Transaction monitoring systems, which focus on identification of suspicious patterns of transactions which may result in the filing of suspicious activity reports (SARs) or Suspicious Transaction Reports (STRs). Identification of suspicious (as opposed to normal) transactions is part of the KYC requirements.
 * Currency transaction reporting (CTR) systems, which deal with large cash transaction reporting requirements ($10,000 and over in the U.S.)
 * Customer identity management systems which check various negative lists (such as OFAC) and represent an initial and ongoing part of Know your customer (KYC) requirements. Electronic verification can also check against other databases to provide positive confirmation of ID such as (in the UK: electoral roll; the "share" database used by banks and credit agencies; telephone lists; electricity supplier lists; post office delivery database
 * Compliance software to help firms comply with AML regulatory requirements; retain the necessary evidence of compliance; and deliver and record appropriate training of relevant staff. In addition, it should have audit trails of compliance officers activities in particular pertaining to the handling of alerts raised against customer activity.

Transaction monitoring software
These software applications effectively monitor bank customer transactions on a daily basis and, using customer historical information and account profile, provide a "whole picture" to the bank management. Transaction monitoring can include cash deposits and withdrawals, wire transfers and ACH activity.

Each vendor's software work differently. Some of the modules which may be present in an AML software are:
 * Know Your Customer (KYC)
 * Entity Resolution
 * Transaction Monitoring
 * Compliance Reporting
 * Alert based case management
 * Investigation Tools
 * Document management to hold the customer related documentation such as account opening package, customer identification documents, etc...
 * Delivery of AML Training
 * Customer due diligence checks, including electronic verification
 * Automated Standard operating procedures e.g. workflow engine/
 * Dissemination of AML policies and procedures

Customer Identity Management Systems
The definition for Customer Identity Management Systems varies in different regions and jurisdictions. Most vendors include the following features in their solutions:
 * Sanction List Check
 * Politically Exposed Person (PEP) Check
 * Fraud Detection System
 * False Positive Recording
 * Single Scan and Batch Scanning
 * Auditing and Reporting

Machine learning for money laundering detection
There are solutions based on artificial intelligence, which are characterized by much better effectiveness in detecting money laundering, when compared to a rule-based approach. Deep neural networks are able to discover complex interdependencies between various activities performed to launder money. This translates into fewer false alarms and more accurate detection. In the near future, transaction monitoring systems will be based on machine learning rather than on rules and scenarios.