11:28 AM
Troy Pugh, IBM Software Group

Navigating the Big Data Nuances of Financial Crimes

By approaching financial crime initiatives with an integrated approach, financial institutions can use data as an asset in communication across departments and stay up to date with evolving requirements.

“Catch me if you can.” That seems to be the mantra of the modern-day cyber thief, fraudster or money launderer. Cloaked behind anonymizers, spoofing and botnets, criminals employ extensive means to go undetected. While advances in technology can provide organizations with the proactive tools needed to best tackle these crimes, the problem is still pervasive.

According to estimates from the International Monetary Fund and the World Bank, between $2 trillion and $3 trillion is laundered around the world each year. To illustrate the challenge of combating laundering, a 2013 report from the Council on Foreign Relations found that government regulations and law enforcement agencies are only able to detect and stop $170 million in money laundering activities annually.

To detect and combat criminal activity, financial organizations are working to implement a framework of strong, effective defenses while also minimizing disruption to their businesses. With today’s market volatility and increased pressure from regulators for financial institutions to detect and prevent financial crime, it is imperative to comply with regulations while viewing the problems from all angles and across multiple departments.

When I managed a financial crimes Intelligence and Analytics team, I saw this challenge firsthand. Any move toward an integrated approach to fight fraud, money laundering and cyber threats hinges on the availability of data. Whether that data is extracted from various, disparate databases or accessible as the result of investment in Big Data initiatives, an integrated approach only moves forward when organizational silos are removed and data is viewed as an asset from which to derive intelligence.

Traditional anti-money laundering (AML) transaction monitoring systems, including those from just five years ago, generate alerts based on patterns and detection strategies. These strategies can quickly become outdated as criminals find new and elaborate ways to evade the system. Many of these systems generate high numbers of false positive alerts that can tie up resources working on leads that are legitimate transactions. While AML transaction-monitoring systems may be able to provide useful insight into the nature of financial crimes, they are only effective if the system can make connections and recognize patterns in the data.

Financial crimes can also threaten an organization at multiple points of vulnerability. Focusing on a single channel or line of business, such as wire transactions or expense reporting, can hinder management visibility and allow fraud and money laundering to go undetected. Since financial crime is rife with many nuances, it’s important to keep an open line of communication so information can be easily and quickly shared across departments and geographies.

One benefit of monitoring financial crimes across channels is that it can prevent criminals from exploiting process weaknesses. With an integrated approach, an organization can enable a consolidated view of an operational environment where all risk-related data can be collected and analyzed from multiple perspectives. This unified perspective will not only show overlap in terms of potential fraud or money laundering, it also allows the organization to identify as fraud transactions that would normally fall below the radar. By linking cross-channel investigations, the organization can reduce redundant investigations and free up investigators. Consolidated data can lead to more effective detection/prevention strategies and act as a force multiplier by eliminating multiple case assignments for the same investigations.

Given the global expansion of money laundering, financial institutions need to be careful when assessing and implementing an appropriate AML solution. Since financial service institutions of all kinds – including banks, brokerages, and insurance firms – conduct business in the major and emerging capital markets, compliance with anti-money laundering regulations is required. With several requirements such as know your customer (KYC), watch list screening, and suspicious transaction monitoring, it can be challenging to keep up to date with constantly amended, complex AML regulations while efficiently managing available resources and long-term costs.

The financial marketplace continues to grow at a global scale. By approaching AML and other financial crime initiatives with an integrated approach, financial institutions can use data as an asset in communication across departments and stay up to date with evolving requirements. Once the nuances of financial crimes are understood, it becomes possible to mitigate threats before they happen.

Troy Pugh is a financial crimes subject matter expert with IBM Software Group.

User Rank: Author
10/1/2013 | 4:51:50 PM
re: Navigating the Big Data Nuances of Financial Crimes
Adopting this data-based, integrated approach definitely makes sense. But isn't part of the challenge around detecting & preventing financial crimes the lack of communication and information sharing among different financial institutions? It seems like until that issue is addressed more effectively and consistently, internal integration & analysis is only part of the answer. That said, maybe that is the essential first step, and once banks start to see the benefits and opportunities, they will understand how this could be extended across the industry?