To Catch a Terrorist – Innovation, AI, and Public/Private Partnerships in the World of BSA/AMLOn the heels of FinCen and Federal Banking Agencies releasing a joint statement “Encouraging Innovative Industry Approaches to AML Compliance,” Under Secretary for Terrorism and Financial Intelligence Sigal Mandelker announced a new collaborative era during the American Bankers Association’s Financial Crimes Conference, and emphasized the need for private/governmental working relationships and partnerships in order to combat new and sophisticated avenues that fund terrorism and facilitate money laundering. The message is simple: As technology-enabled crime proliferates, private entities and governments alike must evolve and innovate to combat this growing threat.

The joint statement and Mandelker’s comments are tailored to build trust with financial institutions by focusing on three core principles – information, innovation, and targeted action, the focus on which, is beneficial to banks and companies who, in good faith, are working to strengthen their BSA/AML processes. The government wants financial institutions to “consider, evaluate, and where appropriate, responsibly implement” new machine learning technology to better detect suspicious activity, and regulatory bodies should, moving forward, support pilot programs for the use of emerging technology in data analytics rather than stifling good faith innovation with sometimes antiquated supervisory criticism.

Per Mandelker, the government is engaging in working groups to facilitate relationships with the industry, and it’s the government’s intent that the exchange of information about suspicious transactions and persons won’t be one-sided. The crux of machine learning and predictive intelligence relies on vast quantities of data—and organizations must be comfortable sharing that data in order to fully utilize the promise of these innovations. As a result, regulatory agencies are committing to sharing information with financial institutions. Of note, examples of the type of information the government believes essential to share with financial institutions are advisories, such as FinCen’s October 11, 2018, publication outlining red-flag activities by Iran used to exploit banking systems. Similarly, in the cryptocurrency regulatory “Wild West,” the government recently demonstrated its commitment to sharing information with private partners on a transaction-specific level by publicly sharing, for the first time, the digital currency addresses of cybercriminal co-conspirators involved in the recent SamSam malware attack that devastated cities, universities, and medical centers.

The government’s efforts to appear more approachable and enter the 21st century are welcomed by the industry as a much-needed update in the BSA/AML field, where compliance personnel find old frameworks increasingly difficult to apply to today’s real-world situations. As financial institutions invest in machine learning, blockchain and even branch into cryptocurrency (or customers who dabble in exchanges), BSA/AML protocols will continue to improve, and encouragement by the government is an overwhelming positive in the fight against terroristic financing.

Companies should consider how their current BSA/AML practices can be enhanced by current innovations and available data. A strong understanding of both the technology and the law will be essential as we move into a new age of data sharing between public enterprise and government regulators.

Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Lyndsay E. Medlin Lyndsay E. Medlin

Lyndsay Medlin assists clients across industries with a variety of litigation, internal investigation, and compliance needs. Her experience includes assisting clients with drafting and developing policies and best practices to ensure compliance and prevent litigation; investigating and responding to internal whistleblower allegations, federal…

Lyndsay Medlin assists clients across industries with a variety of litigation, internal investigation, and compliance needs. Her experience includes assisting clients with drafting and developing policies and best practices to ensure compliance and prevent litigation; investigating and responding to internal whistleblower allegations, federal civil investigative demands, and state regulatory inquiries for financial services, healthcare, life sciences, and government contractor clients, and working closely with clients across industries to protect their business interests nationwide. With privacy and cybersecurity becoming paramount concerns for businesses, Lyndsay is also skilled at counseling clients regarding the nuances of privacy notices, protection of customer and client personal information, and for covered financial services clients, Bank Secrecy Act/Anti-Money Laundering compliance.

Photo of Erin Jane Illman Erin Jane Illman

Erin Illman is a dynamic problem solver with a strong understanding of U.S. and international private-sector privacy laws and regulations and the legal requirements for the transfer of sensitive personal data to/from the United States, the European Union and other jurisdictions. She regularly…

Erin Illman is a dynamic problem solver with a strong understanding of U.S. and international private-sector privacy laws and regulations and the legal requirements for the transfer of sensitive personal data to/from the United States, the European Union and other jurisdictions. She regularly advises clients on CCPA, GLBA, HIPAA, COPPA, CAN-SPAM, FCRA, security breach notification laws, and other U.S. state and federal privacy and data security requirements, and global data protection laws. In addition to providing proactive privacy and information security compliance and legal advice, Erin manages privacy-related enforcement actions and litigation. Her practice includes representing companies in reactive incident response situations, including insider cybersecurity threats, electronic and physical theft of trade secrets, and investigation, analysis, and notification efforts with respect to security incidents and breaches.