AML Models: Best Practices for Development and Validation

May 19, 2022

Money laundering remains an ongoing concern for countries and companies worldwide. 

According to data from the United Nations, between $800 billion and $2 trillion is laundered every year as criminals look to “wash” ill-gotten gains by moving them away from the point of the crime and then layering them within other transactions to appear legitimate.

To combat this concern, businesses that conduct financial transactions — including banks, Fintech firms, cryptocurrency trading companies, and casinos — must develop anti-money laundering (AML) practices that satisfy compliance obligations under the Bank Secrecy Act (BSA).

Failure to comply with these regulations can lead to audits, investigative action, fines, and even suspension of business operations. What’s more, lacking AML frameworks can put companies at risk of being used for money laundering efforts, putting them at risk of legal challenges and significant reputation damage.

So how do companies get from AML expectations to effective compliance? It starts with an AML model, which is a process that helps businesses ensure that current practices align with existing regulations. 

In this piece, we’ve created a step-by-step guide to help your company build, test, and validate your AML model.

Let’s get started.

Download AML Compliance Checklist

What is an AML Model?

An AML model is a set of processes that work together to help identify potential money laundering operations and reduce overall risk.

In practice, this means an AML model isn’t a single software or hardware tool but rather a combination of processes and procedures that include software solutions, human expertise, and emerging technologies such as artificial intelligence (AI) and machine learning (ML) to detect the telltale signs of money laundering before fraudulent transactions can be completed.

Historically, these models have relied on qualitative human measurements — the ability of experts to recognize specific actions as part of more significant money laundering operations. As criminals have become more sophisticated, however, their methods have evolved to include digital tools and techniques designed to obfuscate actions and make it challenging for AML teams to detect potential problems. 

Today, AML models combine qualitative and quantitative metrics to provide a complete picture of the risk and compliance landscape. For example, a purpose-built AI tool might scan transactions for common signs of fraudulent behavior, then notify AML staff of the findings. From here, AML teams analyze both the data itself and the market at large to assess their overall level of risk and determine effective action. 

To fully protect yourself from any threats, you'll want to mesh your fraud and AML efforts, ensuring both teams are working together closely. For best results, it's important to promote a collaborative risk culture where product and risk teams feel confident and comfortable working together.

How to Develop an Effective AML Model: 8 Steps to Success

When it comes to building an AML risk assessment model, there’s no “one size fits all” approach — the type, volume, and location of transactions conducted by your organization will inform the best fit model for your business.

There are, however, eight common steps to success that can help any business looking to develop and deploy an effective AML model.

Set Specific Goals

Before starting any AML model development, it’s good to set specific goals. This is critical given the scope of money laundering efforts — attempting to catch every action from every customer will result in models that are simply ineffective across the board.

This means it’s a good idea to determine your priorities in practice. What are you looking to accomplish with your model? For example, is the goal to reduce the volume of transactions from a specific area or ensure an in-depth analysis of transactions over a specific monetary threshold?

By establishing clear goals up-front, you can tailor your model to meet desired outcomes, rather than trying to shoehorn in particular actions after the fact.

Create a Clear Framework

When it comes to AML models, a clear process framework is critical. This means sitting down and mapping out what your AML workflow looks like. For the greatest chances of success, you'll want to plan out a comprehensive fraud and AML program to make sure you have all your bases covered.

For example, will AI and ML tools handle the initial analysis of customers and transactions before passing them on to human experts, or will technology and talent work in tandem? If AI solutions are responsible for assessing and reporting potentially problematic transactions, what is the threshold for human interaction, and which transactions can be handled automatically?

Pinpoint Tools and Technologies

Next, your team needs to consider the tools and technologies that will underpin your AML model. This might include an onboarding orchestration tool to help pinpoint high-risk customers and validate ID, or it could mean incorporating transaction monitoring and case management tools capable of using well-defined data sets to conclude money laundering. 

This step also speaks to integration: How will these tools and technologies work together to produce the desired result without creating redundancy? 

Develop Consistent Controls

Controls must be consistent across your entire AML model to maintain compliance throughout the process.

This means creating a framework that delivers the same results in the same format every time — if processes change based on circumstance or due to a lack of robust documentation, the results of any AML assessments won’t be reliable or verifiable.

Ensure data accuracy

Accurate data produces accurate results. When developing AML models, this means pinpointing relevant data sources and ensuring that AML tools and technologies access these databases.

However, it also means limiting access to these relevant sources — while adding more data may provide additional context, it can also lead to results that are not relevant to the question at hand.

Test, Test, Test

Once you have a good idea of what you want to measure, how you’re going to measure it, and what steps you’ll take to ensure data accuracy, it’s time to test. And test. And test. The more you test your model, the better your chances of returning timely and actionable results.

Continually Monitor Outputs

Effective AML model development doesn’t stop when the first accurate outputs emerge. Instead, companies must continually monitor outputs to ensure that outputs remain consistent and compliant. 

Regularly Reassess the Impact

AML compliance regulations aren’t static. For example, consider the expanding need for strong customer due diligence (CDD), which requires companies to identify and verify the identity of customers and beneficial owners along with understanding the nature and purpose of customer relationships to develop risk profiles.

As a result, AML models must be regularly assessed to ensure they remain compliant — if not, they must be updated. 

New call-to-action

Four Signs of an Ineffective AML Model

To help improve AML model design and deployment, it’s also worth knowing when things aren’t going to plan. For example, suppose you’ve spent weeks working on an AML model. In that case, it’s better to see where the model doesn’t live up to compliance expectations — rather than spending months on development only to discover that it can’t satisfy BSA requirements.

To help give you a head start on making sure that your model lives up to expectations, here are four signs of an ineffective AML model: If your current framework displays any of these characteristics, consider going back to the drawing board and developing a new approach.

Substantial Alert Backlogs

If your model produces substantial alert backlogs that aren’t being addressed in a timely fashion, there may be a disconnect between processes and outputs.

Inconsistent Policy Application

If high-risk customers or transactions aren’t generating regular alerts, this may indicate a problem with the current risk thresholds of ML or AI tools.

Recurring False Positives

If you face a host of recurring false positives or alerts for customers who have already been verified, your risk level analysis may require adjustment.

Sudden Changes in Alert Volumes

If alert volumes vary wildly from month to month, your process application may be inconsistent across all data sources.

You can fix all of these problems with predictive scoring for your alerts. This helps your risk and compliance team easily visualize the severity of different alerts and prioritize them accordingly.

Understanding the AML Model Validation Process

Validation is critical to ensure your AML model can reliably detect and report suspicious activity. 

But what is model validation in AML? Put simply; it’s the process of ensuring that your model does what it’s supposed to do. For example, suppose your model is designed to initiate in-depth identity verification (IDV) for customers logging in from geographic locations with higher-than-average money laundering rates. In that case, validation ensures that this is actually happening. If these customers aren’t being flagged and sent for additional IDV, you may need to re-examine your model.

Standard validation approaches include conceptual soundness, ensuring that your model processes are backed by documentation and empirical evidence. It’s also good to validate output data to assess its relevance and accuracy. Over the long-term, meanwhile, gap analysis can help determine where models have improved current operations and where there is still work to be done. 

Best Practices for AML Model Development

Regardless of your AML model goals and frameworks, several best practices can help keep your efforts on track:

Prioritize Simplicity

Simple models are less likely to break, are easier to understand, and are more likely to be adopted by staff and customers alike. 

Improve Data Quality

Better data means better model outputs. By prioritizing the collection of high-quality, relevant data, you can improve model accuracy and speed. 

Stay Up-to-Date on Customer Data

Customers aren’t static. Their circumstances may change, in turn changing their risk profile. Therefore, regularly reassessing customer data is critical to align with AML expectations.

Pinpoint Scope Creep

As customer and data volumes grow, it’s easy for the scope of AML models to “creep” upward, in turn lowering their efficacy. So be on the lookout for this creep to help keep your model on track.

Download Transaction Monitoring Product Guide

Making the Most of Your AML Model 

A practical and in-depth AML model is critical to help your company pinpoint potentially fraudulent transactions and ensure regulatory compliance.

And while there’s no such thing as a “perfect” model — the dynamic nature of money laundering efforts means that continual monitoring and ongoing changes are part of effective deployments — you can increase the efficacy of your model by following our 8-step framework, watching out for the telltale signs of ineffective models, implementing powerful validation and ensuring alignment with AML model development best practices.

Subscribe to our Blog!

Please fill out the form below:

Related Articles

Getting started is easy

See first-hand how Unit21
can help bolster your risk & compliance operations
GET a demo