Selecting an AI/ML FinCrime solution: five guidelines to consider

Launching any complex technology-driven initiative without defining clear, tangible goals is a great way to guarantee a subpar result. Yet this is something we see distressingly often on FinCrime-focused AI/ML projects. To begin, many enterprises don’t have a detailed quantitative understanding of their true cost to generate and clear a surveillance/monitoring-related alert. They lack essential details about the average length of time to complete an alert or case investigation, the cost (in both personnel and technology), indirect expenses, and downstream impacts of their efforts. Since these new solutions are routinely deployed for efficiency and cost savings purposes, it’s hard to measure future effectiveness when there’s an incomplete perspective of where things already stand.

Once you’ve gotten a handle on the present situation, you’ll need to articulate your true requirements, including defining exactly what you mean by AI/ML. As an example, are you seeking improved and automated decision-making by investigators? Are you looking for upgraded data and information integration across your financial crime technology ecosystem? Are you seeking to replace your current transaction monitoring software with a predictive model to lower false positives or to completely change the way you perform surveillance? 

There are big differences among the various approaches available to you, so the answer to these questions will impact everything that comes afterward. This is also the time to explicitly state success criteria. However, it’s crucial that you set realistic goals: For instance, while a 90% reduction in false positives might be technically feasible, it may not be practically attainable because of your risk tolerance, testing and validation requirements, and so on.

Even the best-prepared organizations can fall into the trap of not paying enough attention to additional key considerations, such as:

• How will the new AI/ML solution operate? Will it be expected to a) directly make decisions, b) only provide recommendations or suggestions, or c) simply improve information curation and data preparation?
• Who’s going to consume its output? For example, will it function behind the scenes, or will it interact with individual analysts and investigators?
• Will it need feedback to improve? How will this information be gathered and ingested?
• Will additional user training be required?
• How much supplementary governance will need to be put into place specific to the AI/ML capabilities?

These questions must be addressed before it’s prudent to go any further in the selection process.

By this point, hopefully you’ve enunciated your aims for the new AI/ML FinCrime project, so it’s now time to examine candidates from the large pool of potential solutions. There’s no sidestepping this due diligence: There are huge differences among vendor offerings, and you’ll need to understand these variances up front. Don’t be shy about demanding to speak with existing customers, because this is a significant part of conducting a realistic appraisal.

Many “products” that claim to be tailored for specific FinCrime challenges are either in a raw initial state or merely a framework that serves as a starting point on a long journey. We’ve observed that a substantial number of these solutions are not “productized”; rather, they require extensive customization, configuration and modeling using client data before they’re ready for rollout. This may be less of a concern at small financial institutions considering relatively simple use cases. On the other hand, complex FinCrime challenges at large, diverse organizations with varied customers, geographies and products commonly necessitate extensive painstaking modifications.

Thoughtfully evaluating the product’s features and functionality can give you a good idea of what benefits and challenges may exist. You’ll want to understand if the product you’re considering is more of a data science tool bench/framework than a truly configurable application. Does it already come with a series of application programming interfaces (APIs) and ready-made connections to established third-party applications such as case management and data sources, or do you have to build these APIs and other data connections as a part of the implementation process? You’ll also want to examine if it includes common FinCrime capabilities regarding:

• Entity resolution/link analysis
• External data connectivity and enrichment
• Model transparency and AI comprehensibility
• Ongoing model management, learning and improvement

Evaluators should also be cognizant of their own organization’s capabilities relative to the requirements of a potential solution. Occasionally, we see FinCrime data science teams within financial institutions set overly ambitious objectives regarding their new AI/ML solution along with how quickly they can bring it to market. This may make them overconfident in their organization’s prowess for gathering the required data, storing it effectively, and efficiently deploying and configuring the solution. They may also underestimate the level of effort associated with ongoing operations and maintenance. Unfortunately, there are plenty of examples of initiatives that have stalled or otherwise failed to achieve the promised ROI.

Once you’ve winnowed the field of candidate solutions, you’ll want to spend time getting to know the vendors.

Even the most technically impressive AI/ML FinCrime solution will fail if its provider can’t deliver all the necessary elements to drive a winning experience. You should begin this phase of your evaluation by validating the truthfulness of the selected provider’s claims. It’s quite common for vendors to assert that their products are fully baked and in production when this really isn’t so. This is especially pronounced in the AI/ML space where so many solutions are only frameworks that must be bolstered by extensive development and configuration. You’ll want to understand the supplier’s customer base and where the solution has been previously deployed. Specifically, you should determine how well those engagements match your existing requirements while attempting to figure out who’s been successful and how. It’s also helpful at this time to determine if the vendor has a user group community specific to your use cases and an ecosystem of third-party providers that can help you implement, configure or support your deployment.

The vendor’s vision and product roadmap should also go under the microscope at this point. For example, if you buy a basic AI/ML framework, you’re not getting the benefit of targeted FinCrime-oriented intellectual property that’s been proved in production. Instead, it will be up to you and your colleagues to customize the solution to meet your precise needs. Also, given the clearly increasing interest among regulators to use new technology in the fight against FinCrime, you’ll want to ascertain if the provider has regulatory credentials and adoption that could assist in streamlining your own regulatory communication.

Support is another key consideration at this point. For example, will assistance be available globally, and will you be receiving it from the vendor itself or third parties? Naturally, you also need to confirm supplier viability, including its funding and team size. Large global banking clients are generally good at evaluating early stage startups, but smaller institutions may not have internal teams that can accurately assess vendor maturity and understand how the solution operates.

With the product and vendor identified, your next task is to justify the upcoming expenditure by creating a robust, accurate representation to quantify the anticipated outcome. Generally, in surveillance/monitoring functions, enterprises bring on AI/ML FinCrime solutions to enhance detection capabilities or reduce false positives (and thereby costs). Ideally, you’ll assign a value to these factors as you construct your cost/benefit model. Unfortunately, coming up with these numbers is much more difficult if you can’t even estimate your current circumstances.

In our experience, the most perceptive clients recognize that the ROI for these types of systems represents a trade-off between risk and efficiency. They seek to quantify and define these boundaries, always being cognizant of what they’re paying for. They’re aware of whether they’re buying a true product with fully developed models that the vendor will maintain, or just a framework that will require heavy development by the customer. They’re also attuned to any costs of the implementation/integration itself or for incremental hardware, software or data provider outlays.

Many vendors are still in the process of transitioning to value-based pricing models and away from more traditional user-based or annual plans, which may not necessarily translate to greater efficiencies and cost savings. As a prospective customer, it’s up to you to determine if the price warrants the purchase. For example, assume it currently costs $10 to clear an anti-money laundering (AML) alert and the new AI system is going to prevent 1,000 false positives a month. This produces a $10,000 monthly benefit, which is great — unless you’re spending $100,000 per month for the technology.

Additionally, don’t lose sight of the fact that expenses are not just about licenses: These systems generally demand significant processing infrastructure that can cost as much — if not more — than the software price. You’ll also incur expenses for your data science teams to train and maintain the AI/ML models.

Congratulations — you’ve established your objectives, chosen a product, verified the vendor and done the math to validate your decisions. There’s just one more thing to do before you cross the finish line: You need to ensure that the rollout and subsequent maintenance phases are well thought out and capable of sustaining you in the long run.

Don’t overlook the reality that to produce useful outputs, AI/ML FinCrime solutions must often consume large amounts of historical data. This obliges gathering information and ensuring that it’s relevant and in the proper format. There can be some serious hidden expenses and latencies during this portion of the deployment, resulting in significant negative impacts on “time to value.” For example, although an institution may have a demonstrable history of alert or case investigations, the resulting feedback data may not contain enough details to truly inform a new AI/ML solution: It’s common for these types of products to require a much greater level of specifics for optimal configuration. In the case of resolved alerts, “Who was the suspect?,” “What additional red flags were found during the investigative process?” and “Was the monitoring system alert ultimately a leading cause of suspicion?” are just a few instances of these data requirements.

Once the deployment is done, you’ll need to consider ongoing model maintenance. Does it require retraining by people or is it self-improving? In either case, does the vendor have the necessary experience to provide recommendations for sustainability, and is the technology transparent enough to be understood both by your organization and regulators?

Finally, it’s likely that you’ll need to work with the supplier’s ecosystem. Ideally, this means ensuring that you have access to:

• Systems integrators and consultants for the short term
• A deep pool of developers to bring on staff for the longer term
• Training
• Support groups
• An engaged user community

Conclusion

To begin, take the time to truly understand what you seek to gain from this initiative, rather than just charging ahead. With those preconditions satisfied, evaluate the product — and its vendor — very carefully to see how closely it fits your needs. Then, leverage the research you’ve just concluded by formulating a realistic financial model that will substantiate the proposed expenditures. Finally, recognize that this is an initiative meant to sustain your organization for the long haul, so think carefully about how it will be maintained and evolve once the initial deployment is complete.