Combating financial crime is increasingly complex in today’s fast-evolving financial landscape. Technologies like AI and machine learning enhance AML and KYC processes while regulatory frameworks adapt to challenges from digital finance and emerging fraud. For financial institutions, staying ahead is crucial for security and compliance.
To learn more about the future of financial crime prevention, the role of AI, and how regulations are adapting to the digital age, we interviewed Sverker Tornhagen, a seasoned financial crime expert with extensive experience in shaping compliance strategies across industries.
As a Financial Crime Compliance Futurist, how do you envision the role of technology like AI and machine learning evolving in financial crime prevention over the next decade?
This type of technology is becoming increasingly vital and important in the field. Historically, the financial industry has been extremely poor at efficiency in this area. We can see this in all the sanctions handed out worldwide. Therefore, many hope that this new technology will help to increase efficiency in the future.
Sverker T.
The EU's AMLA aims to centralize and streamline compliance. How do you foresee this influencing global efforts to harmonize financial crime prevention, especially across fintech startups?
I believe that more standardized supervision in the area will be good for both the quality of the supervision and for the competition of the companies that are under supervision. This applies in particular to fintech startups. Today, we can see differences in supervision between nations, and this is not good for either efficiency or competition. Something needs to be done about supervision in Europe as it has historically worked quite poorly. It has not been very proactive or unified. We can see this in all the institutes that have been sanctioned.
Sverker T.
With synthetic identities becoming a rising threat, how can institutions better integrate identity verification tools with predictive analytics to combat this trend?
Synthetic identity fraud, the fastest-growing form of identity theft, is costing businesses billions globally. These synthetic identities can remain undetected for years, allowing fraudsters to build a fictitious credit profile and exploit it for financial gain. Businesses can fortify their defences against synthetic identity fraud by deploying the most advanced identity verification technologies available.
These solutions should encompass automated identity verification, document authentication, and public records analysis. A two-step verification process is critical. The first step involves verifying the authenticity of the individual and their government-issued ID through biometric verification. However, this initial step is just the beginning. The second, equally important step involves verifying whether the individual and their ID details align with public records. Proprietary database verification and public records analysis are essential components of this process.
Sverker T.
Given the rapid rise of decentralized finance (DeFi), what are your thoughts on creating regulatory frameworks that balance innovation with security? Are there any best practices you would recommend?
The regulatory landscape surrounding DeFi has yet to be shaped. The absence of clear guidelines and the evolving nature of regulations create a complex environment, demanding adaptability and proactive measures to ensure compliance and long-term viability. The lack of regulatory clarity not only introduces uncertainty but also raises questions about the legal implications for both users and platform operators. I would recommend that the industry itself works to raise its level of compliance, this would give them more credibility and more established players would want to cooperate with them. A strong membership organization should be established to carry on this type of work
Sverker T.
In your experience, how prepared are global financial institutions to comply with evolving regulations around crypto-assets, particularly as jurisdictions like the EU roll out crypto-focused AML measures?
The FTX scandal is an example of why regulation is needed in the cryptocurrency market. A lack of knowledge about crypto – what it is, how it works, and who is using it – has contributed to increased risks across the entire financial system. Regulators are now tuned into this risk and taking action.
Comprehensive regulation of crypto assets has not been seen to date, and while many reputable crypto wallets and asset providers have taken a stance of acting as though they were regulated, the introduction of MiCA will see clear AML and KYC compliance standards pass into law. It will undoubtedly change the crypto landscape for providers and consumers – and it will hopefully curtail criminal activity in the sector. My experience is that the majority have a poor understanding of the financial crime risks associated with crypto. This applies to private actors but in particular authorities. Here, the level of knowledge must really be raised.
Sverker T.
How do you approach developing financial crime prevention strategies that are both proactive and adaptable to emerging threats such as cyber-enabled laundering or ransomware payments?
The most important thing is that the strategy is holistic, effective and operationally feasible. We often see that institutes have a lot written about financial crime, long policies and instructions. But the most important thing is to make it work operationally. It is important you understand who you do business with, and the risks associated with those entities and individuals. Use analytics and tools for a 360° view of who you do business with and the risks associated with that. The holistic view is central and important that you don´t work in silos.
Sverker T.
Looking at financial crime prevention globally, where do you see the biggest compliance gaps, and what solutions or technologies could bridge them effectively?
The biggest risk is data (KYC) and making decisions based on old data (KYC), which is disastrous. The process of perpetual KYC (pKYC) removes the need to look at risks associated with individuals or entities in a snapshot in time. pKYC is the practice of maintaining up-to-date customer and counterparty records through an automated, integrated workflow of data checks that take place in near real-time.
Sverker T.
As open banking adoption grows globally, how can financial institutions collaborate to standardize AML and KYC practices across borders, given the varying regulatory landscapes?
Information sharing is super important for this to be feasible. This also applies to the authorities. The exchange of information between the private sector and public authorities is far too poor today. This and knowledge exchange must be greatly improved if the efficiency of the system is to improve. If we don’t do this, there is a big risk that the criminals will become even stronger.
Sverker T.
What ethical considerations should compliance leaders keep in mind as AI-driven systems become more prominent in risk scoring and decision-making for financial crime prevention?
You must rearrange the compliance work and work with AI compliance, which means a greater focus on validation and algorithms. Which is a new type of competence in compliance that lawyers are not best suited to perform. New skills will be needed. Then you have to be aware that the development of AI is also something that the criminals benefit from. On the darknet, there are criminal AI tools that can be used in financial crime, so it is the reverse of the rapid technological development
Globally, enormous amounts are being ploughed into AI-related investments, and each new model costs ever greater sums to train and consumes ever greater amounts of energy. The hope is that the party will pay off in the form of increased productivity.
But opinions differ on how big the profits are to come – and how long it will take before they come.
Sverker T.
Finally, what advice would you give to aspiring professionals aiming to specialize in financial crime compliance, especially in light of the growing complexity and scope of regulations?
Focus on technology and data. It is the basis of a good and effective FCP program. In recent years, FCP efforts have begun to incorporate advanced technologies like artificial intelligence (AI), big data analytics, and cloud computing to analyze vast amounts of data, identify suspicious patterns, and predict potential risks, thereby improving detection accuracy and operational efficiency.
Sverker T.
We extend our gratitude towards Sverker Tornhagen for answering our questions.
[Trainee]
Astrid is one of Cellbunq’s latest add-ons to the team, she is currently undergoing a bachelor's degree in Artificial Intelligence at the Stockholm University of Technology (SIT).
Connect With HerLinkedIn
KYC, or Know Your Customer, is a critical verification process that financial institutions use to identify their clients and assess potential risks associated with maintaining a business relationship.
