A New Trend in Regtech is a Gift to Money Laundering Criminals

(Note: this article originally appeared on American Banker.)

Financial crime thrives in darkness. Criminals looking to launder money or otherwise fund illicit activity take every opportunity to hide or move money in such a way as to make tracking a flow of funds impossible. And with an endless number of accounts, banks and payment rails for bad actors to choose from, anti-money-laundering specialists and other financial crime investigators are at a strategic disadvantage when attempting to map this criminal activity.

In order to level the playing field, financial institutions need to be able to empower their AML teams with the ability to share information about suspicious activity happening at their organizations. On paper, this tool already exists: the 314(b) clause of the Patriot Act allows for participating financial institutions to share information with one another. But the method of exchange — which is done on a case-by-case basis and doesn't allow for the identification of larger organized crime patterns — doesn't allow for either institution to benefit from the last decade's breakthroughs in data-sharing and information analysis.

Recently, there has been industry buzz about a few regtech companies who were busy creating "information-sharing consortia," a type of coalition whose members agree to share data for the purpose of fighting financial crime. But while the spirit and line of thinking is good, the creation of these consortia carries a significant flaw: the data is managed by the regtech company sponsoring the consortia, and is only available to the vendor and participating customers.

What's wrong with this? Without interoperability standards allowing our industry to enable safe and secure information sharing regardless of the platform, we risk creating new silos that criminals can evade just as easily as they exploit the ones that exist today. If our true motivation is to make life difficult for the bad guys, we need to collaborate as openly as possible without restrictions, and we need to share much more information — without membership requirements beyond our shared goal of exposing bad actors.

What would an industry-based information-sharing program look like? It could come together in many ways, but here are some preliminary thoughts.

Fundamentally, we need to be able to share signals, behavioral data and connections at the network level. Imagine what could be done if your investigations team could share knowledge with the rest of the industry. It would suddenly make it much more difficult for even the most elusive bad actors to hide.

Additionally, another major concern for such a program is customer privacy. No information-sharing group can afford to compromise on this point. And if we are going to share more information, we are going to need more ways to protect its confidentiality. Thankfully, forward-thinking regulators like the Financial Conduct Authority in the U.K. have already realized the need for more technologically advanced privacy standards and have started running tech sprints exploring privacy-enhancing technologies to allow for cross-industry learning without moving personally identifiable information. (The Financial Crimes Enforcement Network has also encouraged this approach.)

Lastly, it's important to note that the full value of cross-industry collaboration cannot be realized without the participation and inclusion of policymakers, regulators and law enforcement. These groups not only help manage the global fight against financial crime, but they are also, in many cases, the recipients and ultimate beneficiaries of the AML work done at financial institutions. Plus, giving regulators a role in determining appropriate privacy expectations and safeguards would help in the fast and efficient development of new information-sharing tools.

The Anti-Money Laundering Act of 2020 enhanced the focus on information sharing and collaboration. As Fincen moves toward implementing AML provisions, such as the directive to form the Office of Domestic Liaison to help advance public-private partnerships, it could benefit significantly from creating a space for the vendor ecosystem to participate and share ideas.

Silos have always been a problem; as we map out the next fifty years of AML, we should do everything possible to avoid creating a new generation of artificial proprietary barriers to collaboration. This is an engineering problem. The technology exists. And by viewing the fight as a truly collaborative effort, we can remove silos — and all the criminal hiding places in between them.