Gabe Hopkins, Chief Product Officer at Ripjar, on how GenAI can transform compliance

Generative AI (GenAI) has proven to be a transformational technology for many global industries. Particularly those sectors looking to boost their operational efficiency and drive innovation. Furthermore, GenAI has a range of use cases, and many organisations are using it to create new, creative content on demand – such as imagery, music, text, and video. Others are using the new tools at their disposal to perform tasks and process data. This makes previously tedious activities much more manageable, saving considerable time, effort, and finances in the process.

However, compliance as a sector has traditionally shown hesitancy when it comes to implementing new technologies. Taking longer to implement new tools due to natural caution about perceived risks. As a result, many compliance teams will not be using any AI, let alone GenAI. This hesitancy means these teams are missing out on significant benefits. Especially at a time when other less risk-averse industries are experiencing the upside of implementing this technology across their systems.

To avoid falling behind other diverse industries and competitors, it’s time for compliance teams to seriously consider AI. They need to understand the ways the technology – specifically GenAI – can be utilised in safe and tested ways. And without introducing any unnecessary risk. Doing so will revolutionise their internal processes, save work hours and keep budgets down accordingly.

Understanding and overcoming GenAI barriers

GenAI is a new and rapidly developing technology. Therefore, it’s natural compliance teams may have reservations surrounding how it can be applied safely. Particularly, teams tend to worry about sharing data, which may then be used in its training and become embedded into future models. Moreover, it’s also unlikely most organisations would want to share data across the internet. Strict privacy and security measures would first need to be established.

When thinking about the options for running models securely or locally, teams are likely also worried about the costs of GenAI. Much of the public discussion of the topic has focussed on the immense budget required for preparing the foundation models.

Additionally, model governance teams within organisations will worry about the black box nature of AI models. This puts a focus on the possibility for models to embed biases towards specific groups, which can be difficult to identify.

However, the good news is that there are ways to use GenAI to overcome these concerns. This can be done by choosing the right models which provide the necessary security and privacy. Fine-tuning the models within a strong statistical framework can reduce biases.

In doing so, organisations must find the right resources. Data scientists, or qualified vendors, can support them in that work, which may also be challenging.

Overcoming the challenges of compliance with AI

Despite initial hesitancy, analysts and other compliance professionals are positioned to gain massively by implementing GenAI. For example, teams in regulated industries – like banks, fintechs and large organisations – are often met with massive workloads and resource limits. Depending on which industry, teams may be held responsible for identifying a range of risks. These include sanctioned individuals and entities, adapting to new regulatory obligations and managing huge amounts of data – or all three.

The process of reviewing huge quantities of potential matches can be incredibly repetitive and prone to error. If teams make mistakes and miss risks, the potential impact for firms can be significant. Both in terms of financial and reputational consequences.

In addition, false positives – where systems or teams incorrectly flag risks and false negatives – where we miss risks that should be flagged, may come from human error and inaccurate systems. They are hugely exacerbated by challenges such as name matching, risk identification, and quantification.

As a result, organisations within the industry quite often struggle to hire and retain staff. Moreover, this leads to a serious skills shortage amongst compliance professionals. Therefore, despite initial hesitancy, analysts and other compliance professionals stand to gain massively by implementing GenAI without needing to sacrifice accuracy.

Generative AI – welcome support for compliance teams

There are numerous useful ways to implemented GenAI and improve compliance processes. The most obvious is in Suspicious Activity Report (SAR) narrative commentary. Compliance analysts must write a summary of why a specific transaction or set of transactions is deemed suitable in a SAR. Long before the arrival of ChatGPT, forward thinking compliance teams were using technology based on its ancestor technology to semi-automate the writing of narratives. It is a task that newer models excel at, particularly with human oversight.

Producing summarised data can also be useful when tackling tasks such as Politically Exposed Persons (PEP) or Adverse Media screenings. This involves compliance teams performing reviews or research on a client to check for potential negative news and data sources. These screenings allow companies to spot potential risks. It can prevent them from becoming implicated in any negative relationships or reputational damage.

By correctly deploying summary technology, analysts can review match information far more effectively and efficiently. However, like with any technological operation, it is essential to consider which tool is right for which activity. AI is no different. Combining GenAI with other machine learning (ML) and AI techniques can provide a real step change. This means blending both generalised and deductive capabilities from GenAI with highly measurable and comprehensive results available in well-known ML models.

Profiling efficiency with AI

For example, traditional AI can be used to create profiles, differentiating large quantities of organisations and individuals separating out distinct identities. The new approach moves past the historical hit and miss where analysts execute manual searches limiting results by arbitrary numeric limits.

Once these profiles are available, GenAI can help analysts to be even more efficient. The results from the latest innovations already show GenAI-powered virtual analysts can achieve, or even surpass, human accuracy across a range of measures.

Concerns about accuracy will still likely impact the rate of GenAI adoption. However, it is clear that future compliance teams will significantly benefit from these breakthroughs. This will enable significant improvements in speed, effectiveness and the ability to respond to new risks or constraints.

Ripjar is a global company of talented technologists, data scientists and analysts designing products that will change the way criminal activities are detected and prevented. Our founders are experienced technologists & leaders from the heart of the UK security and intelligence community all previously working at the British Government Communications Headquarters (GCHQ). We understand how to build products that scale, work seamlessly with the user and enhance analysis through machine learning and artificial intelligence. We believe that through this augmented analysis we can protect global companies and governments from the ever-present threat of money laundering, fraud, cyber-crime and terrorism.

  • Artificial Intelligence in FinTech
  • Cybersecurity in FinTech

Henry Balani, Global Head of Industry & Regulatory Affairs at Encompass Corporation, on meeting the demand for improved risk management, operational efficiency, and customer service with pKYC

The traditional banking and finance industry is evolving. Processes are experiencing a digital transformation as a result of perpetual Know Your Customer (pKYC). The pKYC approach enables modern banks to continuously update and verify customer information in real time. Banks are moving away from the reliance on periodic reviews. This change is driven by technological advancements. And the increasing demand for dynamic and responsive regulatory compliance mechanisms.

Perpetual KYC

Conventional KYC processes commonly involve periodic reviews of customer information at fixed intervals. These reviews are typically conducted every one, three, or five years. While these reviews are thorough and comprehensive, they are also static. This can result in outdated information, potentially overlooking changes in customer risk profiles or new compliance requirements.

On the other hand, perpetual KYC is dynamic and event driven. Through its continuous and automated approach, pKYC enables financial institutions to address risks and compliance needs in real-time. These risks can be determined by continuously monitoring customer activities. Furthermore, automatically updating profiles in response to specific triggers, including changes in personal information, significant transactions, or alterations in beneficial ownership.

Gaining a competitive advantage with pKYC

By leveraging pKYC, banks, and other regulated financial institutions can take advantage of a range of benefits. These are crucial in the modern digital era to gain a competitive edge. Through continuous monitoring, pKYC enables financial institutions to identify and address potential risks promptly. This real-time approach helps mitigate risks associated with financial crimes. Moreover, it ensures compliance with the latest regulatory standards.

pKYC will lead to operational efficiency and cost reduction. By automating many of the manual processes involved in KYC, pKYC significantly reduces the time and resources needed for compliance. This allows financial institutions to focus their efforts on high-risk cases, rather than conducting blanket reviews for all customers, resulting in substantial cost savings.

This process also enables many banks to improve their customer service and management. It also enhances the customer’s experience. With pKYC, customers are not subjected to frequent, intrusive reviews if their profiles remain stable. This results in a smoother and more positive customer experience, potentially increasing overall customer satisfaction and loyalty. Additionally, automated systems minimise human error and ensure consistency in applying KYC policies. This enhances overall regulatory compliance and reduces the risk of non-compliance penalties.

Perpetual KYC implementation: Challenges and considerations

Implementing a pKYC operating model is not straightforward. It requires the right blend of infrastructure and operating process. Every firm’s pKYC journey and ecosystem will be unique and cut across people, processes and technologies.

Data is central to the success of pKYC as reviews based on event changes (aka event driven triggers) will not be effective if client information is outdated, missing or incorrect. Without consistent access to relevant and accurate client information, pKYC is impossible. Corporate Digital Identity (CDI) is fast emerging as a foundation for ensuring valid customer information is collected for successful pKYC operations.

Being able to leverage this data requires an ecosystem of technology, which may be developed in house, utilising third-party RegTech providers, or a combination of both. This technology should drive how data is stored, structured and accessed so that pKYC triggers can be comprehensively managed. Customer lifecycle management systems (CLMs) are particularly relevant to pKYC as they connect all components along the workflow processes.

Importantly, overarching executive sponsorship is needed to ensure a successful outcome in transformation initiatives. Recognising the structural and cross departmental challenge, influential sponsors will align the multiple stakeholders involved in driving this change and will champion a firm’s pKYC strategy and approach to regulators and other key stakeholders.

Ultimately, pKYC must be future-proof and scalable, ready to adapt in line with business strategy and regulation to keep firms competitive.

The future of pKYC

The adoption of pKYC is growing, driven by regulatory pressures and the increasing complexity of financial crimes. Financial institutions are recognising the benefits of a proactive, real-time approach to compliance and risk management. The move towards pKYC is seen as a necessary evolution to stay ahead in a highly regulated and competitive financial environment.

As the technological landscape continues to evolve, integrating advanced technologies such as blockchain and further developments in AI and ML will likely enhance pKYC systems’ capabilities. Ensuring higher levels of compliance and risk mitigation, these technologies are able to provide more robust and secure mechanisms for customer verification and monitoring.

Blockchain technology can be utilised to further improve the initial customer authentication and validation process. As a result, we can expect improvements and advancements in the quality of customer data collected during initial customer onboarding processes. Financial institutions can then leverage AI-enhanced tools that can identify and collect the necessary attributes during document processing stages. This ensures that pKYC will utilise relevant, accurate, and up-to-date data. Perpetual KYC represents a significant departure from traditional, periodic KYC, as it offers a wide range of benefits in real-time risk management, operational efficiency, and customer experience. Although the implementation of pKYC poses certain challenges, it also provides numerous advantages, making it an increasingly attractive solution for financial institutions aiming to enhance their compliance and risk management frameworks and maintain a competitive edge in a rapidly evolving regulator landscape.

  • Cybersecurity in FinTech