The Center for Data Innovation spoke with Marius-Cristian Frunza, founder and CEO of Schwartzthal Tech—an AI company focused on financial crime intelligence. Frunza discussed how Schwartzthal Tech helps de-risk business transactions and bring more transparency and effectiveness to the financial services industry.
Kir Nuthi: Why does Schwarzthal Tech use its AI platform to focus on financial cybercrime?
Marius-Cristian Frunza: The financial industry relies on an old and oversold concept: data frame, which came into power 30 years ago with Multiplan (known as Excel). Excel and Excel-based frameworks are still the most popular technologies in compliance and risk management. The quasi-totality of recent RegTech solutions leverages different shapes and forms of this obsolete concept. It is the case of know your client (KYC). KYC, as a concept, is broken. KYC became prominent in the early 2000s due to the Patriot Act. It had the only purpose of checking the identity of the bank’s clients. Today this tool shows its limitations because criminals operate through vast global networks of companies.
There are many similarities between the post-WWI era and the current socio-economic context. Both periods represent a fertile ground for developing anti-social activities: a volatile stock market, hyperinflation, and social turmoil. The next decade will bring a crime spree, and the 2020s will be like the roaring 20s. Therefore, our motivation is to help corporates and institutions fight the massive financial cybercrime that will hit the next decade.
Nuthi: How does your “Know Your Network” technology merge customer screening and transaction monitoring in the same function?
Frunza: The financial services industry has a hierarchical, structured, and siloed culture. Risk management functions across different banks have inherited and reinforced this organizational philosophy. When banks started to be aware of their rampant exposure to financial crime risk, they applied the very same approach as in other areas of risk. Do banks use the proper organizational structure for tackling financial crime? KYC and transaction monitoring (TM) are two critical components most banks use to assess, analyze and measure their exposure to financial crime compliance risk. Nevertheless, despite serving a common goal, KYC and TM are disjointed. In most banks, KYC and TM are harbored in different departments, follow different processes and use different systems, thereby having minimal interactions.
While used mainly during client onboarding, KYC spans the entire client’s life cycle. The knowledge relative to a client crystallizes over time with each new piece of information gleaned from different sources. The client discovery process does not resume checking the ID and the proof of address. It needs information about the client’s transactions, counterparties, and their respective features. KYC and TM follow a siloed approach, which considerably limits the client discovery process and generates unforeseen risks. The wrong way risk is a crucial concern in counterparty risk management. The wrong way risk occurs when a counterparty’s creditworthiness decreases with exposure. When transposed to financial crime, the wrong way risk means that a client deemed low-risk during the initial KYC exhibits high-risk transactions. Such behaviors are difficult to assess in environments where the two functions, KYC and TM, do not interact.
Backtesting the methodologies used for measuring the financial crime risk has been one of the biggest burdens of compliance departments. The main issue is the lack of relevant data required to compare the predicted and observed losses stemming from financial crime risk. Nevertheless, the lack of interaction between datasets related to customers’ screening and transactions’ records hinders the backtesting of such methodologies. In fact, most banks apply models for their compliance risk, which cannot pass through a sound validation process.
Most compliance officers ignore that the initial screening assessment can be used as a benchmark for the transaction monitoring methodology and vice-versa. All things equal, a high-risk customer should exhibit a pattern of risky transactions. In addition, a customer executing high-risk transactions should have been deemed as high-risk through the initial screening process. Transaction monitoring starts with the client’s onboarding. While most institutions are aware of this issue, bridging the gap between KYC and TM raises organizational and technological challenges. The two functions use different systems with different technologies, thereby making their linkage difficult and expensive. Moreover, assessing the initial profile of sophisticated clients requires graph-based approaches (such as Know Your Network). Graph-based technologies can easily monitor money transfer or trading activity and build the bridge between KYC and TM.
Nuthi: What types of data does your Know Your Network technology focus on to assess a user’s risk, and how does this help assess financial crime risk?
Frunza: Data acquisition plan is the key to our success. The bigger and more comprehensive our data repository, the more effective our solution is. We plan to go beyond the scope of gleaning data about companies and key individuals and enrich it with social network data like Linkedin, activist groups, and high net worth individuals, but also with data about assets: ships, cargo, real estate, crypto wallets, etc. In every financial crime case, there is never one person or one firm but an organized network of companies and individuals. KYC today is not efficient. It generates a high number of “false positives” and “false negatives” and cannot assess criminal networks. It will always fail, for example, to show that a previous director is disqualified from another jurisdiction or an investor is related to a sanctioned individual.
Know Your Network (KYN) leaps ahead of KYC and introduces a dynamic, multi-dimensional, and forward-looking concept. KYN is also an Artificial Intelligence encompassing cutting-edge algorithms that enable users to uncover connections they are not even looking for with suspicious or criminal networks, to perform in-depth assessments, and to better qualify and score risks better.
In practice, there are three stages. First, data about individuals, assets, and companies from different jurisdictions are aggregated in a standardized graph-based format. Second, KYN links and explores hidden connections. Last, KYN proposes a rating assessing a counterparty’s exposure to financial crime risk based on the underlying network.
Nuthi: What are some primary concerns you and your team have encountered regarding using AI and machine learning for financial crime fighting?
Frunza: AI is rapidly reshaping all sectors of the financial services industry. Leading financial institutions prioritized adopting AI-powered KYC/AML solutions as part of their process automation roadmap. However, while AI-driven software can accelerate the onboarding of new clients and monitor existing ones, it is also subject to algorithm biases. What are the hidden dangers of unqualified AI biases? Can criminals exploit such biases and outwit banks’ surveillance? Similar to human intelligence, AI learns to make decisions following a training process based on training data. If the training data is biased in any way, shape, or form, the resultant algorithm will mimic those biases. For example, during the onboarding process, many banks are training their operations to decline applications of the cryptocurrency business. In addition, the same AI-based solutions are also declining any company that seems related to or has a brand similar to crypto firms. Moreover, if the training algorithms are not fit for the target data, then they could lead to biased outcomes. Thus, using models could help mitigate risk but can also generate new risks.
Model risk is the potential for adverse consequences from decisions based on incorrect or misused model outputs and reports. Model risk can lead to financial loss, poor business and strategic decision-making, or damage a financial organization’s reputation. Concerning AI biases, model risk occurs primarily for two reasons: an AI model may have fundamental errors and produce inaccurate outputs because the training data is inappropriate, or an AI model may be used incorrectly or inappropriately, or there may be a misunderstanding about its limitations and assumptions.
In the case of KYC/AML solutions, AI biases concern the following. First, if training data have biases or are very different from the application dataset, the AI will have intrinsic biases. Humans have prejudices from their past experiences, and AI has biases stemming from the learning process. Second, overfitting occurs when a statistical model fits precisely against its training data. An AI built with an overfitted model could show serious limitations when applied to data that is different from the training data. The third is mimicking human cognitive biases. One of the primary roles of AI is to replace human actions. Thus, when AI replicates human cognitive processes, it also inherits the underlying cognitive biases. Finally is usage. If an AI solution is used in an area unsuitable for its purpose, it could carry biases.
AI-driven KYC/AML solutions aim to reduce the number of false positives and negatives. AI biases may solve this issue in some areas but can generate wrong classifications in others. For example, before the digitalization of the financial services industry, when client-banker contact was in person, criminals made a science from exploiting human cognitive biases. If AI biases become persistent in the KYC/AML frameworks, they could easily be used by criminals who want to trick the bank.
Nuthi: Now that Schwarzthal is beginning to file for IP and create its own AI engine, what’s the next phase of development for the company?
Frunza: Schwarzthal Tech is in the process of fundraising to expand its operations further. With our bespoke network-based technology, we aim to revolutionize how compliance works and risk management. The next step is integrating Asian languages into our AI engine to ingest data from Asian entities. Moreover, we aim to use our Know Your Network framework to develop a global financial crime rating. Financial crime ratings are much needed to de-risk business transactions and bring more transparency and effectiveness.