Hitting the Books: How Southeast Asia's largest bank uses AI to fight financial fraud

Machine learning is streamlining traditional, rules-based money laundering investigations.

ROSLAN RAHMAN via Getty Images

Yes, robots are coming to take our jobs. That's a good thing, we should be happy they are because those jobs they're taking kinda suck. Do you really want to go back to the days of manually monitoring, flagging and investigating the world's daily bank transfers in search of financial fraud and money laundering schemes? DBS Bank, Singapore's largest financial institution, certainly doesn't. The company has spent years developing a cutting-edge machine learning system that heavily automates the minutia-stricken process of "transaction surveillance," freeing up human analysts to perform higher level work while operating in delicate balance with the antique financial regulations that bound the industry. It's fascinating stuff. Working with AI by Thomas H. Davenport and Steven M. Miller is filled with similar case studies from myriad tech industries, looking at commonplace human-AI collaboration and providing insight into the potential implications of these interactions.

Working with AI cover
MIT Press

Excerpted from Working with AI: Real Stories of Human-Machine Collaboration by Thomas H. Davenport and Steven M. Miller. Reprinted with permission from The MIT Press. Copyright 2022.

DBS Bank: AI-Driven Transaction Surveillance

Since the passage of the Bank Secrecy Act, also known as the Currency and Foreign Transactions Reporting Act, in the US in 1970, banks around the world have been held accountable by governments for preventing money laundering, suspicious cross-border flows of large amounts of money, and other types of financial crime. DBS Bank, the largest bank in Singapore and in Southeast Asia, has long had a focus on anti-money laundering (AML) and financial crime detection and prevention. According to a DBS executive for compliance, “We want to make sure that we have tight internal controls within the bank so the perpetrators, money launderers, and sanctions evaders do not penetrate into the financial system, either through our bank, through our national system, or internationally.”

The Limitations of Rule-Based Systems for Surveillance Monitoring

As at other large banks, the area of DBS that focuses on these issues, called “transaction surveillance,” has taken advantage of AI for many years to do this type of work. The people in this function evaluate alerts raised by a rule-based system. The rules assess transaction data from many different systems across the bank, including those for consumers, wealth management, institutional banking, and their payments. These transactions all flow through the rule-based system for screening, and the rules flag transactions that match conditions associated with an individual or entity doing suspicious transactions with the bank—those involving a potential money laundering event, or another type of financial fraud. Rule-based systems—in the past known as “expert systems” — are one of the oldest forms of AI, but they are still widely used in banking and insurance, as well as in other industries.

At DBS and most other banks across the world, rule-based financial transaction surveillance systems of this sort generate a large number of alerts every day. The primary shortcoming of rule-based surveillance systems is that most — up to 98 percent — of the alerts generated are false positives. Some aspect of the transaction triggers a rule that leads the transaction to be flagged on the alert list. However, after follow-up investigation by a human analyst, it turns out that the alerted transaction is actually not suspicious.

The transaction surveillance analysts have to follow up on every alert, looking at all the relevant transaction information. They must also consider the profiles of the individuals involved in the transaction, their past financial behaviors, whatever they have declared in “know your customer” and customer due diligence documents, and anything else the bank might know about them. Following up on alerts is a time-intensive process.

If the analyst confirms that a transaction is justifiably suspicious or verified as fraud, the bank has a legal obligation to issue a Suspicious Activity Report (SAR) to the appropriate authorities. This is a high-stakes decision, so it is important for the analyst to get it right: if incorrect, law-abiding bank customers could be incorrectly notified that they are being investigated for financial crimes. On the other side, if a “bad actor” is not detected and reported, it could lead to problems related to money laundering and other financial crimes.

For now at least, rule-based systems can’t be eliminated because the national regulatory authorities in most countries still require them. But DBS executives realized there are many additional sources of internal and external information available to them that, if used correctly, could be applied to automatically evaluate each alert from the rule-based system. This could be done using ML, which can deal with more complex patterns and make more accurate predictions than rule-based systems.

Using the New Generation of AI Capabilities to Enhance Surveillance

A few years ago, DBS started a project to apply the new generation of AI/ML capabilities in combination with the existing rule-based screening system. The combination would enable the bank to prioritize all the alerts generated by the rule-based system according to a numerically calculated probability score indicating the level of suspicion. The ML system was trained to recognize suspicious and fraudulent situations from recent and historical data and outcomes. At the time of our interviews, the new ML-based filtering system had been in use for just over one year. The system reviews all the alerts generated by the rule-based system, assigns each alert a risk score, and categorizes each alert into higher-, medium-, and lower-risk categories. This type of “post-processing” of the rule-based alerts enables the analyst to decipher which ones to prioritize immediately (those in the higher- and medium-risk categories) and which ones can wait (those in the lowest-risk category). An important capability of this ML system is that it has an explainer that shows the analyst the evidence used in making the automated assessment of the probability that the transaction is suspicious. The explanation and guided navigation given by the AI/ML model helps the analyst make the right risk decision.

DBS also developed other new capabilities to support the investigation of alerted transactions, including a Network Link Analytics system for detecting suspicious relationships and transactions across multiple parties. Financial transactions can be represented as a network graph showing the people or accounts involved as nodes in the network and any interactions as the links between the nodes. This network graph of relationships can be used to identify and further assess suspicious patterns of financial inflows and outflows.

In parallel, DBS has also replaced a labor-intensive approach to investigation workflow with a new platform that automates for the analyst much of the support for surveillance-related investigation and case management. Called CRUISE, it integrates the outputs of the rule-based engine, the ML filter model, and the Network Link Analytics system.

Additionally, the CRUISE system provides the analyst with easy and integrated access to the relevant data from across the bank needed to follow up on the transactions the analyst is investigating. Within this CRUISE environment, the bank also captures all the feedback related to the analyst’s work on the case, and this feedback helps to further improve DBS’s systems and processes.

Impact on the Analyst

Of course, these developments make analysts much more efficient in reviewing alerts. A few years ago, it was not uncommon for a DBS transaction surveillance analyst to spend two or more hours looking into an alert. This time included the front-end preparation time to fetch data from multiple systems and to manually collate relevant past transactions, and the actual analysis time to evaluate the evidence, look for patterns, and make the final judgment as to whether or not the alert appeared to be a bona fide suspicious transaction.

After the implementation of multiple tools, including CRUISE, Network Link Analytics, and the ML-based filter model, analysts are able to resolve about one-third more cases in the same amount of time. Also, for the high-risk cases that are identified using these tools, DBS is able to catch the “bad actors” faster than before.

Commenting on how this differs from traditional surveillance approaches, the DBS head of transaction surveillance shared the following:

Today at DBS, our machines are able to gather the necessary support data from various sources across the bank and present it on the screen of our analyst. Now the analyst can easily see the relevant supporting information for each alert and make the right decision without searching through sixty different systems to get the supporting data. The machines now do this for the analyst much faster than a human can. It makes the life of the analysts easier and their decisions a lot sharper.

In the past, due to practical limitations, transaction surveillance analysts were able to collect and use only a small fraction of the data within the bank that was relevant to reviewing the alert. Today at DBS, with our new tools and processes, the analyst is able to make decisions based on instant, automatic access to nearly all the relevant data within the bank about the transaction. They see this data, nicely organized in a condensed manner on their screen, with a risk score and with the help of an explainer that guides them through the evidence that led to the output of the model.

DBS invested in a skill set “uplift” across the staff who were involved in creating and using these new surveillance systems. Among the staff benefiting from the upskilling were the transaction surveillance analysts, who had expertise in detecting financial crimes and were trained in using the new technology platform and in relevant data analytics skills. The teams helped design the new systems, beginning with the front-end work to identify risk typologies. They also provided inputs to identify the data that made most sense to use, and where automated data analytics and ML capabilities could be most helpful to them.

When asked how the systems would affect human transaction analysts in the future, the DBS compliance executive said:

Efficiency is always important, and we must always strive for higher levels of it. We want to handle the transaction-based aspects of our current and future surveillance workload with fewer people, and then reinvest the freed- up capacity into new areas of surveillance and fraud prevention. There will always be unknown and new dimensions of bad financial behavior and bad actors, and we need to invest more time and more people into these types of areas. To the extent that we can, we will do this through reinvesting the efficiency gains we achieve within our more standard transaction surveillance efforts.

The Next Phase of Transaction Surveillance

The bank’s overall aspiration is for transaction surveillance to become more integrated and more proactive. Rather than just relying on alerts generated from the rule-based engine, executives want to make use of multiple levels of integrated risk surveillance to monitor holistically from “transaction to account to customer to network to macro” levels. This combination would help the bank find more bad actors, and to do so more effectively and efficiently. The compliance executive elaborated:

It is important to note that money launderers and sanctions evaders are always finding new ways of doing things. Our people need to work with our technology and data analytics capabilities to stay ahead of these emerging threats. We want to free up the time our people have been spending on the tedious, manual aspects of reviewing alerts, and use that time to keep pace with the emerging threats.

Human analysts will continue to play an important role in AML transaction surveillance, though the way they use their time and their human expertise will continue to evolve.

The compliance executive also shared a perspective on AI: “It’s really augmented intelligence, rather than automated AI in risk surveillance. We do not think we can remove human judgment from the final decisions because there will always be a subjective element to evaluations of what is and is not suspicious in the context of money laundering and other financial crimes. We cannot eliminate this subjective element, but we can minimize the manual work that the human analyst does as part of reviewing and evaluating the alerts.”

Lessons We Learned from This Case

  • An automated system that generates large numbers of alerts most of which turn out to be false positives does not save human labor.

  • Multiple types of AI technology (in this case, rules, ML, and Network Link Analytics) can be combined to improve the capabilities of the system.

  • Companies may not reduce the number of people doing a job even when the AI system substantially improves the efficiency of doing it. Rather, employees can use the freed-up time to work on new and higher-valued tasks in their jobs.

  • Because there will always be subjective elements in the evaluation of complex business transactions, human judgment may not be eliminated from the evaluation process.

This article contains affiliate links; if you click such a link and make a purchase, we may earn a commission.