Using AML Software in KYC and Due Diligence Procedures

International anti-money laundering legislation (FATF-FAFT, AMLD) requires professionals and companies to comply with anti-money laundering obligations by virtue of mitigating international money laundering (AML) and terrorist financing (CFT) risks. However, current AML regulations do not specify precisely which instruments or limits are to be checked against but rather assign general principles of responsibility and good management in the performance of AML functions. Specific normative references are instead attributed to the SAR's reporting phases, the registration of personal and fiscal data, and the storage of all these data and documents in specific physical and telematic archives. 


With a period of digital acceleration also AML functions have evolved, with the sole reason and purpose of helping MLRO and MLCO managers to fulfill AML regulatory obligations. With the technological evolution of Fintech, Big data, and financial crimes, at the same time, AML procedures, for some sectors, have also undergone procedural evolutions in order to make reporting on financial crimes easier and more immediate, while keeping the principles of Due Diligence intact. Also important has been introducing new services such as iCloud, AI (Artificial Intelligence), and Machine Learning into the market in this sector.  


In the last six months, the market sector of AML Software services has had strong growth in demand and supply. This is due to the fear by the subjects obliged to the AML regulations of not complying with the parameters imposed by the supervisory authorities, with the subsequent issuance to companies (banks, trusts, insurance companies, money transfer, exchange, etc. ...) and intermediaries of fines and penalties. 


Type of software in AML discipline

  • Cross-analysis of data for SAR's internal reporting
  • Cross analysis of data for external SAR's reporting
  • Submission and exchange of AML data between MLROs and state supervisory authorities such as FIUs or Central Banks. (Government Licence Software)
  • DataBase of individuals, entities, associations, organizations and states at risk of AML/CFT (Blacklist)
  • Database of entities subject to tax sanctions
  • Registration and storage of AML data (Archivio Unico Anti-riciclaggio)
  • Monitoring and transfer of any financial transaction
  • Data interconnection between payment software systems and operating systems (Android, IOS) for remote customer due diligence and digital identity verification.


These services are recognized and appreciated by supervisors, who consider them as valuable and very useful tools. However, it is necessary to mention that particular regulatory conditions must be respected for their use, such as protecting personal privacy data and the correct respect of AML steps and procedures (e.g., communication procedures, reporting, the confidentiality of the reporter and the reporter).


Furthermore, it must be said that using these software packages (except for a few) is not mandatory by law. It means that any company or individual entrusted with the execution of AML procedures but who does not own one of these software packages must still ensure compliance with and proper execution of AML procedures. The use of AML software also depends very much on the type of obligated party, a credit institution rather than a notary public, what AML/CFT risks it may find in its client portfolio, type of clientele, and economic relationships.


Risks In Using AML Software

Software systems, in general, are tools programmed in a computerized way to execute specific commands that a programmer previously gives. They are therefore useful when a device, or several devices, has to perform several actions simultaneously. They have repeatedly proved to be efficient, but in some cases, if programming anomalies have been committed, natural disasters have occurred. For example, let's think about some events concerning news in the aviation sector, in 2018 and 2019 with the two 737 Max planes and the other, more fortunate case in 2009 with the ditching of the plane in the Hudson River recounted in the famous Sully film.


In both examples, the co-pilots rely on onboard hardware and software systems to steer the aircraft in automatic and manual guidance modes, constantly monitoring speed and altitude.  Knowing the outcome of the facts, in the first case (of the two aircraft), the co-pilots are misled by a misreading of the parameters due to a malfunction of some sensors. Unfortunately, they will not have time to regain altitude, crashing; the second case of the ditching in the river occurs thanks to the captain's lucidity and experience in assessing and acting promptly to find a solution.


These two examples, I believe, best represent the use of AML software to identify possible anomaly indicators and suspicious transaction reports related to AML/CFT risks. This suggests that we should not rely solely on the data produced by computer analysis but go further. Assuming the operator knows his customer well when using AML software to process a SAR for due diligence purposes, the software only needs to confirm his suspicions (negative or positive). AML and Due Diligence verifications should not be based on the work of a machine working in the operator's place but should support and simplify his research to make SARs more timely.


The Central Economic Anomalies

  • Links in the economic operation 
  • Situations of inconsistency between the holder of the transaction and the nature of the transaction


However perfect and complex, a computer machine cannot predict all moves unless it has been previously programmed to detect those specific moves as well. One cannot program something that one does not know. Criminal organizations continually strive to conceal the objective (what, when, how) and subjective (the author or holder) data of the economic transaction or transfer to make it more difficult for the financial police authorities to detect anomalies or suspicions. The only means an AML operator has is his professional knowledge and experience. It is the only solution that can truly help anticipate, as far as he can, the adversary's moves (criminal). This quality is acquired with time, with continual professional training towards new financial criminal dynamics, understanding the modus operandi of the illicit funds, the methodologies of how money laundering takes place, also in the presence of new financial instruments of this new digital era (unfortunately, little is known of the activity of Cyberlaundering).   


Written by Dimitri Barberini 


Previous Post
European Banking System
Next Post
Anti Money Laundering Analysts and Their Roles