How AI could help stamp out financial crime — or help accelerate it

Oliver Bullough



Last week, I swam in the acronym-infested waters of the compliance industry at a conference hosted by the Association of Certified Anti-Money Laundering Specialists. I was most struck by new artificial intelligence products on display there. One “reg tech” company — SymphonyAI — demonstrated a program that could basically replace much of financial institutions’ compliance departments with something as easy to use as a Gmail account. 

It spots anomalies in financial transactions, spells out why they’re anomalous and writes it all up in straightforward prose, which can be translated into multiple languages, ready to be emailed to your regulator. You can chat with it (“Show me the risky transactions”), ask it questions (“Which transactions involved China?”) and give it feedback, so it learns to tailor its advice to your particular needs. A lot of the focus on AI this year has been to mock it for falling in love with a New York Times journalist or to worry that it might be “sentient,” but this was the first time I’d personally witnessed its human-replacing capabilities.

Another company — Quantexa — has remarkable software that maps companies, their shareholders and directors, financial transactions and other information in clear and easily comprehensible ways, thus negating the kinds of obfuscation used by criminals to hide their transactions. It is remarkable to think this is just the beginning of what AI can do.

Several banks have already adopted versions of AI — including HSBC and ING — in their quest to improve their compliance with anti-money laundering rules after their well-publicized failures to do so. 

At panel discussions, officers from both banks talked about how the AI systems are more effective than their predecessors at identifying anomalous transactions and more efficient in terms of how much they cost to run. 

Previously, banks had to employ large teams in their “first line of defence” to sift the alerts generated when a transaction broke the rigid rules of the old compliance systems, of which perhaps 99% would be false positives. The new “contextual monitoring” AI programs claim to do that filtering automatically, thus generating far fewer alerts overall but more alerts that actually result in transactions being reported as suspicious. This is potentially good, since it means financial intelligence units won’t be so swamped by Suspicious Activity Reports and instead will be able to focus on legitimate alerts from banks.

  • “Financial crime is an arms race between the institutions and the bad actors, and the bad actors are always innovating,” one senior compliance officer said. 

But that got me thinking about what AI would mean for money laundering and financial crime more broadly. I’m afraid it left me more worried than reassured.

Of course, new technologies have aided the battle against financial crime many times in the past. Faster communications allow police agencies to exchange information with each other, and the internet allows us to search foreign corporate registries. However, those advances have been just as helpful to criminals. Faster communications allowed tax havens to become major banking centers. The internet made interlocking shields of shell companies cheap and available to everyone. Banking apps made fraud easier.

I see no reason why AI won’t work in the same way. Yes, it will help compliance departments work more efficiently, but it will also help criminals bury their transactions ever deeper in the financial system. Like every tool, it is neutral in its effect but — if previous innovations are any guide — criminals will be more imaginative than their opponents in how they use it. Fraudsters will use AI to devise more ingenious ways to fool their victims. Lawyers will use it to defend kleptocrats. Accountants will use it to hide dirty money. 

  • “Criminals are always one step ahead, innovating and evolving their strategies to get past financial institutions and regulators. It’s a never-ending roundabout where as soon as one threat is thrown off, a newer, more challenging one gets on,” says this helpful article from FinTech Magazine.

Technology will not be a silver bullet to tackle financial crime unless it is used as part of a well-resourced, well-designed strategy uniting all parts of the public and private sectors. I sincerely hope that law enforcement agencies will not be — unlike the banks — seeing it as an opportunity to lay off their employees but instead as something to make those employees better at their jobs.

One key aspect of that is for regulators to provide compliance teams with reliable feedback on the Suspicious Activity Reports that they receive so as to train the AI systems that are generating them. Artificial intelligence is only as good as the training it receives — you teach AI to recognize a cat by repeatedly showing it pictures of cats. It won’t get better at spotting financial crime if we don’t tell it when it’s done so. Right now, the Dutch Central Bank has just 70 people tackling dirty money. The Banque de France’s ACPR has only 90. That’s not enough to do the work that’s already demanded of them, let alone to help train our new digital overlords.

On that note, one regular topic of conversation in the queues for coffee at the conference was how European Union politicians would resolve the conflict between the bloc’s attempts to protect data and to fight financial crime. There is no point in having spectacular computer programs to analyze the movement of money if you’re going to deny them the data that will allow them to do so. But we also need to make sure the data is being used in ways that are beneficial. I’m glad it’s not me having to decide where the line should be drawn. Or, as Michael McGrath, of Ireland’s Department of Finance, put it: “We’ve got a job of work.”


I have just read an advance copy of “Number Go Up” by the Businessweek reporter Zeke Faux, which is very, very good. If you want a well-researched and authoritative — but also funny, irreverent and readable — account of the crypto business, this is most definitely the book for you. Faux spends time with the bros in New York and Nassau but also treks to Cambodia to see the victims of human trafficking gangs enabled by cryptocurrencies and points out — with a slight note of despair — that while some of the hucksters whose schemes collapsed last year were being prosecuted, there were no equivalent cases against the gangsters.

What little use crypto does have is to the benefit of criminals, so we badly need workable rules governing cryptocurrencies to prevent them from being used to launder wealth. That means a lot is riding on the European Union’s proposed Markets In Crypto-Assets Regulation. Unlike previous EU initiatives, including the anti-money laundering directives, the application of this one will not be left up to interpretation by national governments. Instead, it will be unified across the bloc. It will probably come into effect at the start of 2025.

  • “The MiCAR kicks off a new era of regulated crypto markets by establishing a harmonised regulatory framework that will better protect investors and consumers through authorisation and notification requirements and measures against market manipulation, while also improving market integrity and financial stability by regulating public offers of crypto-assets,” according to this analysis.

But (wouldn’t it be great if — one day — I could write about a new initiative without having to use the word “but” at some point?), there is an issue here. Although MiCAR will establish a single approach to crypto across one of the most important markets on earth, it will not establish a single enforcement mechanism. The EU remains a collection of 27 different countries, each of which has its own police force and each of which has a different degree of indifference about tackling financial crime.

  • “The decentralised enforcement model foreseen in the regulation is likely to result in forum shopping, as crypto projects will be likely to adopt the member states with the most efficient and crypto-friendly authorities as their home state,” this analysis states, and I see no reason to disagree with it.

There is a potential — if only partial — solution to this in the form of the proposed Anti-Money Laundering Authority, which would act like an EU-wide taskforce to create better coordination and cooperation against dirty cash and hopefully to raise standards to a common high level.

Do not expect action any time soon, however. EU members are now engaged in the time-honored tradition of arguing among themselves over who should get to host the new authority and thus gain the prestige and income that derives from its employees living in their capital. According to Ireland’s McGrath, this wrangling should last until the end of the year at least.

  • “Given the delays we are seeing, I personally think the timeline is a little vulnerable,” he said before making a pitch for Dublin to be chosen as the authority’s home base.

Of course, before getting too enthusiastic about regulating crypto, it’s worth asking what that would achieve.

  • “So many smart people had spent so many thousands of hours working on cryptocurrency — and yet shockingly little of use had come of it,” Faux writes toward the end of his book.

Since cryptocurrencies therefore primarily exist as a speculative investment, perhaps regulating them in the same way we regulate gambling is the correct approach.

  • “With no intrinsic value, huge price volatility and no discernible social good, consumer trading of cryptocurrencies like Bitcoin more closely resembles gambling than a financial service, and should be regulated as such. By betting on these unbacked ‘tokens,’ consumers should be aware that all their money could be lost,” said Harriet Baldwin, chair of the U.K. House of Commons’ Treasury Committee, when launching a new report.

Considering the embarrassing spectacle last year of the British government trying to show how cool it was by proposing (and then abandoning) a non-fungible token that could be traded online, thus gaining all the credibility of a dad at a school disco, it is hard to believe such a common sense approach will gain ground. But then, considering the public health catastrophe unleashed by Britain’s under-regulation of the gambling sector, perhaps this wouldn’t be a good model for holding the crypto industry to account anyway.


The Hay Festival remains in full swing, and the sun is shining for once. On Sunday morning, I took part in a panel with Fiona Hill, who’s perhaps the best of all Western analysts of Russia and who became famous among non-Russia-watchers for testifying at former U.S. President Donald Trump’s impeachment trial. I am ludicrously lucky that people like her continue to come to the little town in Wales where I grew up to share their thoughts with tents full of interested and interesting people. My advice to you, if you can’t join us this year, is to mark your 2024 diaries now and to come to Hay-on-Wye for the best book festival in the world.

I also appeared (very briefly) on a podcast made by the BBC about conspiracy theories, which I think is thought-provoking and worth a listen. Over two series, from JFK to Brexit, it looks at what motivates conspiracy theorists and what their theories tell us about the societies we live in. Or perhaps that’s just what they want us to think.