How do banks currently use adverse media screening? What value do they feel they get from the current process? And what improvements could they make, in terms of both process and technology, to improve the identification of true risks in their customer and supplier screening processes?
This report follows a recent roundtable discussion with compliance professionals from a range of UK banks and financial institutions. It outlines the ways in which they’re currently using adverse media screening, the challenges they face in the screening process, and the ways in which technology can be used to cut through the noise and uncover true risk levels.
Introduction
How do banks currently use adverse media screening, or the process of searching for negative news about their existing or potential customers or suppliers?
What value do they feel they get from the current process?
And what improvements could be made, in terms of both the process and use of technology, to identify the real risks more accurately?
A recent 1LoD Roundtable discussion with key practitioners revealed important developments.
Adverse Media Screening
All of the participating banks recognised the importance of running adverse media screening checks as part of their compliance and anti-money laundering (AML) procedures. And all of them said that they screened when bringing new clients on board and then as part of their periodic know your customer (KYC) review processes. Adverse media screening allows banks to identify different types of risk which may not be covered by sanctions or traditional watchlists.
Core screening
Banks may use a variety of news and data sources, but the generic process is usually the same in the initial screening. The bank sends a list of client names to a third party analytics vendor (which has been supplied with the bank’s ‘model’ for negative news screening) and receives a list of matches in return.
One bank did the process in reverse: it selected external news sources only for the relevant categories and then ran those against its own client data. As a head of AML and anti-bribery and corruption (ABC) at a European bank said:
“On reflection this probably limits how many lists and how much data you take in, but that’s the approach we take.”
These models and third party solutions look for stories involving individuals or entities that are reliably reported to be associated with a money laundering predicate offence (or other type of specifiable offence) by a law enforcement or regulatory enforcement body. The solutions will return a hit when such a story matches a supplied client or associated party name.
The matching process in the third party system is generally done by technology. Alerts are generated and returned to the bank, to be assessed by human analysts in the operations or compliance teams in order to determine their significance.
Participants also used different levels of adverse media screening on a periodic basis, both as part of the traditional one-/two-/three-/four-year client refresh (depending on the client risk level), but also as a standalone adverse media screening refresh. For example, the full check could include searches related to money laundering predicate offences, energy crime, hate crime, labour rights violations, data privacy breaches, illegal gambling or other offences, while the weekly search could be restricted to money laundering. Another bank restricted ongoing screening to instances of regulatory action.
The more important the review, the larger the number of news sources the banks tend to use in their screening. Initial onboarding included the largest number of different data sources, up to and including a Google search of the entire web. Enhanced due diligence (EDD) escalated the search in the same way. And where clients were deemed to be high risk in later periodic reviews, the same approach was pursued.
Participants used different levels of adverse media screening on a periodic basis, both as part of the traditional one-/two-/three-/four-year client refresh (depending on the client risk level), but also as a standalone adverse media screening refresh.
Coverage vs.. quality
It may seem sensible to include as many sources as possible for important searches, but this can create unnecessary extra work. Simply increasing the volume of news searched, regardless of its relevance or reliability, is most likely to increase the volume of alerts without increasing the number of true positives. The banks know this.
As one head of compliance said:
“The broader the search criteria, obviously, the higher your chances of noise. So, if it’s a low-risk client, we’d stop at vendors who curate good quality but consequently have restricted coverage at that level of quality. If there’s medium risk, we would add on a broader vendor, and if it’s high risk, we’d include Google search strings at the same time. So, it’s a risk-based approach to that manual review. But if we put the equivalent breadth of search into the automated system, then I don’t think we’d manage the alert volumes.”
In other words, in terms of news sources, banks are in a constant trade-off between good quality/low coverage and poor quality/high coverage. They then apply a risk-based approach that relies on the use of scarce, in-house, manual resources to cope with the noise generated by broadening the search criteria.
For now, the noise is winning. The ultimate desired result is true positives which feed into overall client risk assessments. But in practice, these adverse media screening processes generate large numbers of false positives and false negatives.
As one participant said:
“The number of alerts [returned by the third party vendor] is pretty high, especially with all the news sources that have made their way into World-Check and LexisNexis and other sources over the years. But the output of true hits that would cause any kind of sanction on the client or an exit are pretty low.”
A better way?
There are many reasons for the current noise levels: accurate name-matching is incredibly difficult; defining search parameters and confidence levels is as much an art as a science; and the unreliability of so many of the news sources means that banks are seeking matches in a tainted database.
There are also specific technical reasons why searches are ineffective. As one head of compliance explained:
“One challenge is around names and where they feature in an article. If the name doesn’t feature in the first X paragraphs, the system does not generate an alert. So you lose a lot of true hits.”
How can the process be improved? The obvious answer might be to improve the search models crafted by the banks and the flexibility of vendors’ parameter sets. The problem with this approach is that it is still a keyword search of a huge mass of unstructured data. As one participant said:
“Applying keyword searching across general news will always be horrifically noisy.”
Another way to achieve this would be for data aggregators to do a better job of refining datasets to match banks’ needs. As one European head of compliance said:
“There’s a huge amount of noise built into what these data aggregators aggregate. Also, they are sometimes judged simply by how much data they aggregate. The bigger the pool, the better they see it as being. I would much prefer to see a much smaller pool of genuine media that we need to be concerned about.”
Explicitly tying this notion of over-aggregation to the noise problem, one head of AML said:
“I think negative news screening is really important. When you do identify something meaningful, it underscores the importance of having the processes in place. The trade-off, however, is the amount of noise that we get. So, I would very much like to see a slimmed-down, more material, meaningful list of news sources that we should be screening against, thereby increasing the productivity and getting rid of the noise.”
Next generation news & analytics
One answer is to use machine learning. Language-specific models can effectively read each article and identify relevant risks, such as talk of money laundering itself or one of its predicate offences.
Having identified relevant articles, advanced analytics can then be used to extract the essence of the article – or who did what to whom. Again, keyword searches are inefficient in this regard. The output of this stage of automated article review can be further enhanced by:
- Removing duplicate articles from the search
- Threading together reprints of the same article or articles telling the same story with storyline detection
Even with all these steps, the task of reviewing matches is still daunting. Fortunately, machine learning can help. By identifying common factors across groups of articles, it is possible to generate highly accurate entity-specific profiles of individual people and companies from all of the data.
The profiles highlight the most meaningful articles to further simplify the task for compliance analysts. They are particularly powerful when reviewing customers who have common or famous names: because those names occur frequently in the media, effective screening can be rather like trying to find a needle in a haystack.
Overall, this method can reduce the review time by as much as 90%.
Most importantly, by taking an advanced approach to monitoring and screening, compliance teams can review customers – both when bringing them on board, and on a continuing basis – without making compromises.
It is not just down to the vendors though. As one head of AML said:
“We also have to be clearer about what we believe adverse media and material negative news to actually be. Only then can you create a database that contains only the things that are going to help us understand and manage financial crime risk.”