In December 2022, the Wolfsberg Group released its Principles for using Artificial Intelligence and Machine Learning in Financial Crime Compliance. A non-governmental organisation of 23 global banks, the Wolfsberg Group published the Principles as a way to help financial service providers integrate artificial intelligence (AI) and machine learning (ML) into their compliance solutions.
Automated AI/ML tools have significant potential for fighting financial crime, especially in the context of anti-money laundering (AML) and counter-financing of terrorism (CFT), since they enable financial institutions to analyse data and make compliance decisions faster and more accurately. The decision-making power of AI/ML can also help to reduce false positive alerts, increasing the efficiency of the AML/CFT compliance process and allowing firms to better adapt to emerging criminal methodologies and changing regulations.
Given the influence of the Wolfsberg Group on international AML and CFT standards, it is important that financial institutions are familiar with the newly-released Principles, and are able to integrate them within their AI financial crime strategies.
What are the AI and Machine Learning Principles?
In its mission to help global banks tackle financial crime, the Wolfsberg Group has previously stated its support for using AI and ML to “detect, investigate, and manage” risks such as money laundering, terrorism financing, and fraud. With that in mind, one of the group’s current priorities is to help both public and private sector entities take advantage of the opportunities presented by innovations – such as AI and ML – in financial crime and risk management contexts.
The Principles align with the Wolfsberg Group’s objective to see financial service providers leverage technological advances to improve compliance while reducing friction for customers using financial products. However, the Group points out that it is “critical” for firms to “consider data ethics” when using AI/ML technology, and so must also “understand the potential impact” of such technology “to ensure that it results in fair, effective, and explainable outcomes.”
The Wolfsberg Group’s 2022 AI compliance principles comprise the following five elements.
The Principles emphasise the need for financial institutions to be aware of, and guard against, the misuse and misrepresentation of data collected by AI/ML systems. Specifically, the Principles state that AI/ML solutions must be adopted for “the legitimate purpose of financial crime compliance” and not be used for other activities (for example, market research). Key to the successful application of the legitimate purpose principle is the integration of an “assessment of ethical and operational risks” of AI/ML into a compliance solution.
Financial institutions must balance the development and implementation of AI/ML solutions against the risks that they present. Practically, this means that financial institutions should consider the proportionate use of AI/ML technology, using it only where it can effectively detect and prevent financial crime as part of their compliance infrastructure, and where it is cost efficient to do so. The Wolfsberg Group also notes that AI/ML technologies entail a margin of error, and that this should also be included when determining proportionate use.
Design and Technical Expertise
The Principles stress the importance of financial institutions understanding how to use AI/ML technology in order to “avoid ineffective financial crime risk management” and to ensure it is applied ethically. This means that firms must implement AI/ML compliance solutions with clear compliance outcomes in mind, and ensure that personnel responsible for the technology should have suitable skills and expertise, and be able to identify potential data biases. Similarly, senior management personnel should be familiar with the ways that AI and ML are integrated as part of their firm’s compliance solution, and ensure that robust testing and validation programmes are in place to deliver ongoing effectiveness.
Accountability and Oversight
Regardless of whether their AI/ML solutions are developed in-house or outsourced, financial institutions should understand that they bear ultimate regulatory responsibility for their outcomes. Given that compliance failures carry significant financial and criminal penalties in most jurisdictions, it is important that firms train their employees on how to use the technologies properly and think carefully about oversight, especially in contexts where there are data management risks and other ethical concerns. Firms should challenge their AI/ML accountability infrastructure regularly to ensure it remains effective.
Openness and Transparency
The sensitive nature of the data that AI/ML systems process make openness and transparency significant operational priorities. When considering transparency requirements, firms should take care to ensure that they balance the capability of AI/ML systems to detect and prevent financial crime, with the need to protect the privacy rights of their customers and clients (along with other data protection obligations). Examples of transparency in AI/ML contexts include explaining exactly how the technology uses data, how the technology processes inputs, and how it operates in line with a firm’s governance and risk appetite.
How to Comply with the Wolfsberg Group’s AI Principles
Data is critical to AI/ML compliance technology and the Wolfsberg Group acknowledges that AI/ML solutions “require financial institutions to consolidate and process large amounts of data, from multiple sources”. To meet that requirement, firms must put automated global screening solutions in place to manage their data needs, and use those solutions to screen customers on an ongoing basis to ensure they capture the latest risk information.
Integrating cutting-edge machine learning technology, Ripjar’s Labyrinth Screening solution is designed with that need in mind. Labyrinth is capable of searching customer names against thousands of global data sources, including foreign adverse media sources in over 20 languages, and generating results in seconds. In a shifting regulatory landscape, Labyrinth Screening enables firms to blend structured and unstructured data to deliver actionable, real time insight, reduce compliance friction, and respond to compliance alerts as quickly as possible.