Use analytical graph databases to streamline anti-money laundering investigations

By Aaron Regis, Senior Solutions Engineer, TigerGraph EMEA.

  • Monday, 23rd May 2022 Posted 2 years ago in by Phil Alsop

Financial institutions have dozens of anti-money laundering (AML) tools, each holding a wealth of data and effective in their own areas, but traditional databases are not efficient or effective enough at joining these disparate datasets together. As a consequence, what is often missing is an overview of the entire process.

Graph databases can be layered on top of existing databases, linking datasets to create an aggregated, top-level overview and reveal previously hidden connections and patterns of activity.

One of the immediate benefits is improved secondary screening of AML alerts and better confidence scoring leading to better use of investigative resources. Beyond that, graph can go on to improve reporting quality and improve the on-boarding of new customers, ultimately leading to a reduced risk of regulatory fines for noncompliance.

Legacy systems

Traditional AML systems are built on relational databases, but relational databases – by which we typically mean databases that are queried using the ubiquitous database language SQL – are actually not very good at analysing relationships between data objects. In-depth fraud analysis often requires following a trail of links between customers, accounts, transactions and financial institutions which will become increasingly more difficult for a SQL database to process as it grows longer.

In an SQL database query, each one of those links generates a large table of results which must be held in memory. With each additional link in the chain, the results table grows and quickly becomes unmanageable.

While SQL databases store data in tables, rows and columns, graph databases are built on a different paradigm. Using mathematical graph theory, they treat each data object as a node and each relationship as a link. Objects are joined to other objects when they are created or updated. Unlike in SQL, relationships in a graph database are explicit and do not have to be constructed at run time. This means that at least half the job of running a query has already been done.

Some graph database query languages also have features which support the aggregation of variables at run time. Aggregation allows queries to be used to perform computations within the query engine, effectively making them standalone programming languages. This means they support iterative graph algorithms, opening up a range of opportunities in deep-link analysis for fraud detection.

Using graph

Despite their many differences, graph and relational databases can make a powerful combination. Data can continue to be held and processed in relational databases for day-to-

day routine activities with the graph database layered on top of them to support and enhance a wide range of AML activities.

Enhance secondary screening of AML alerts

Approximately 95% of AML alerts turn out to be false positives, leading to higher customer transaction friction and increased investigative workload. Banks must hire many analysts, sometimes numbering in the thousands, to investigate these alerts and produce suspicious activity reports (SARs) for the regulators.

While banks may be tempted to reduce the sensitivity of their screening systems to reduce the number of false positives, they have to keep an eye on the regulators which have fined financial institutions heavily for lax reporting.

Graph analytics can cut false positive rates, reducing the incidence of delayed or rejected customer transactions, without sacrificing the quality or quantity of SARs.

The current models, built around the limitations of relational databases, typically use a scoring formula that looks at variables just within the transaction itself. Graph databases add a new dimension by looking at network risk or linkage risk to reveal hidden links between customers, accounts, transactions and other attributes.

Graph is layered on top of the existing solution so it doesn’t replace the existing alert review process but only enhances it, helping analysts to prioritise high-risk transactions more quickly.

Data visualisation to assist investigations and improve SARs

Once the analyst has their case, graph can help speed up the investigation and improve the quality of SARs by providing visualisation tools that reveal hidden linkages and transaction patterns.

Graph translates pages and pages of account statements, KYC and CDD information and the bank’s internal records – often held on multiple systems – into a graphical representation of transaction history. This helps the analyst confirm whether the case warrants an SAR filing and then organise the information for the report.

The graph analytics and visualisation tools don’t replace the analysts’ existing tools but complements them by enabling them to look at the data in a more intuitive manner.

Add insights to customer due diligence (CDD) and know your customer (KYC) analysis

Graph can also help banks improve their KYC and CDD programmes by revealing hidden links and visualising them for the analyst.

Current programmes tend to focus on the characteristics of the customer, for instance, geographical location, occupation, industry, types of products used and account age, but this doesn’t tell the full story.

Like we saw with transaction filtering, a new dimension can be added to KYC and CDD by looking at who the customer is associated with through an examination of their business and social connections. Being able to see that a customer shares a business address with another high-risk individual or is a stakeholder in a business that has been rated as suspicious is a vital insight for an analyst in considering a customer’s risk rating, and seeing all of these ‘at risk’ linkages laid out in graphical form helps the analyst understand the bigger picture.

Conclusion

Analytical graph databases can reveal hidden relationships within complex datasets, making them ideal for anti-money laundering (AML) operations in banks and other financial services companies, ultimately helping to reduce the incidence of fines for noncompliance.

Meanwhile, graph visualisation tools help investigators understand the context of an automated AML alert, leading to faster and more accurate resolutions.

Money launderers move fast, have numerous connections and frequently change techniques and patterns of activity, but an AML detection system using graph analytics and pattern matching can adapt to their rapidly evolving strategies and catch them before they move on.

Additional reading

Make AML Compliance Easier And Smarter With TigerGraph – https://info.tigergraph.com/aml-executive-brief