Money laundering is the process of taking money that has been obtained illegally and making it seem like legitimate income. It’s believed that anywhere from 2% to 5% of global GDP is laundered each year, potentially equating to over a $1 trillion being moved about in this way.
Because this widespread practice has been established to make it harder to track the legitimacy of funds, anti-money laundering (AML) techniques have been introduced to stop the spread of illicit financial gains in many different arenas, including financial institutions and insurers. These investigations aim to stop the spread of illegal funds and stabilize financial systems on a global basis.
What is an AML investigation?
An AML investigation is a process that organizations rely on to detect, prevent, and then combat all activities associated with money laundering. It can also be used to stop terrorist financing, as well as any other form of financial criminal activity. Aiming to ultimately protect the stability and integrity of the wider financial system, AML investigations serve to directly stop any criminal networks that might look to exploit loopholes.
An investigation will be conducted in a number of phases, with a focus on identifying anything suspicious, looking for inconsistencies in financial reporting, and attempting to identify the source of any illegal activity. By pulling together statistical analysis and customer activity, an investigation aims to identify, spotlight, fight against, and ultimately prevent money laundering.
Click here to view the full image.
What are the steps involved in an AML investigation process?
As we’ve discussed, an AML investigation will be spread across a number of different steps. Each of these works towards the larger goal of identifying or preventing money laundering from continuing, or even occurring to begin with. The most important parts of any successful AML investigation are:
Initial alert.An AML investigation first begins when an alert is triggered on an account. This can occur as a result of an internal review, an automated monitoring system, or even someone noticing suspicious customer behavior on a given account.
Triage.At this stage, an internal analyst will scrutinize whether the red flag triggered by the alert needs to be pursued. If an alert is valid, the investigation process enters the next stage. If not, it will be dismissed and chalked up as a false positive.
Case creation.At this stage, a case is created from the alert, or series of alerts related to the same customer. The case is then assigned to an investigator, who in turn will review the reason that the alert was generated as well as severity and exposure of the potential risk.
Information gathering.Details about the customer should be collected or relied upon next. This data might already exist as part of customer due diligence (CDD), or, if additional information is required, via outside systems such as LexisNexis, credit bureaus, and even Google.
Transaction analysis.Next comes a detailed breakdown of all transactions made on the account. Investigators will look for anomalies, suspicious movements of money, patterns, and unusual behavior, and may even go as far as to carry out further research on the customer’s full financial footprint and history.
Source of funds check.If there’s cause for alarm, an investigator will track and assess the source of the money being moved and potentially laundered. At this point they will determine whether it comes from a legitimate source or not.
Suspicious activity reporting.If it’s determined that money laundering may have taken place on an account, a Suspicious Activity Report (SAR) will be filed with the relevant regulatory authorities. If these authorities rule that money laundering has taken place, then the account will be frozen.
Record keeping.It’s important to store and provide a detailed portfolio of documentations, findings, and actions that were carried out during the investigation. This helps others, such as managers or outside departments, during their own investigation, while also making it easier to monitor the same accounts and customers in the future if a similar alert is triggered.
Ongoing monitoring.If the investigation comes to a conclusion, the accounts in question still need to be monitored in order to prevent future crimes. This means assessing all transactions made by an account or the customer in question.
Intelligence-led Investigations
Reduce false positives. Automate and augment investigations and visualize hidden connections. Lower the cost of compliance with more confidence in your coverage.
AML investigation triggers
An AML investigation will be triggered by any number of warnings or red flags. Often manifesting in some form of suspicious activity, these occurrences will breach any procedural habits outlined in a company’s AML Compliance Program. Triggers come in many different forms, but common examples include things like:
Frequent cash transactions of irregularly large amounts
Complex and layered transactions
A series of rapid and unexplainable transactions
Withdrawals made on an account immediately after a deposit
Refusal to provide the necessary documentation or compliance with regulatory checks
Inconsistent transactions in comparison to a customer’s profile and background
Large transactions made involving high-risk countries
Internal referrals highlighting odd behavior
If any of these triggers is spotted on an account, an investigation is the wisest and safest next procedural course of action.
AML investigation use cases
Not every case in AML will be handled identically. Depending on the nature and severity of the case at hand, a number of different techniques might be employed as part of an investigation. Here are some common examples of different use cases:
Risk-driven targeting
This proactive approach to AML sees the risk factors assessed against a particular account or product in an attempt to prevent money laundering from becoming a reality. Several facets will be scrutinized, including geographic location, types of transactions, information about the individual account holder, and any channels through which a product might move.
Collaborative intelligence
Interconnectivity between different financial institutions and even across national borders will also serve to aid AML efforts. The sharing of AML techniques and intelligence, as well as data and an overall framework, serves to harmonize and concentrate all approaches to an investigation.
External law enforcement
Owing to the regulatory and legal nature of AML techniques, law enforcement will work to strict compliance programs in order to correctly enforce the management of any investigations. If an investigation determines that the involvement of law enforcement is a necessity, they’ll work with a financial organization to resolve the issue.
Regulatory guidance
This is the set of procedures that should be used as a guiding post for anyone conducting an AML investigation. Compliance programs ensure that AML is carried out by the book at every stage, guaranteeing that an accurate and legal conclusion is made on every account.
Controls testing
Also referred to as an AML audit, this approach to AML tests the effectiveness of different compliance procedures that are used as part of an investigation. This includes, but is not limited to, internal controls, customer due diligence processes, and transaction monitoring systems. Controls testing assesses whether an AML investigation, if conducted, would operate in accordance with regulatory compliance procedures.
AML investigation challenges
As with any complex financial procedure, those conducting an AML investigation will be met with challenges throughout the course of the process. While these might make completing an investigation more challenging, they can be circumvented. Here are some common AML challenges, as well as how to adapt and overcome them:

Heterogeneous and complex data ingestion

Real-time monitoring and decision-making

Data sharing and collaboration in compliance with data privacy

Evolving compliance regulations
AML case management best practices
In order to execute AML case management as efficiently as possible from start to finish, a series of best practice techniques should be utilized. These may look different depending on the exact nature of your case, but will ultimately serve to heighten the efficiency of the process and get the results you need:
Get a thorough and detailed understanding of all legislation and regulations in the jurisdiction where you operate
Use a proactive risk-based approach to AML investigations
Meet all requirements for AML compliance
Rely on AI and other automated AML software
Automate data integration and analysis
Provide consistent and ongoing training to all employees
Manage all cases in one centralized location to help visualize data
Regularly update policies and procedures
Run annual audits to test your system
Create and maintain detailed documentation for every individual AML investigation
Measuring the effectiveness of your AML case management
In order to understand the impact that your AML investigation has had, it’s vital to assess it against relevant metrics and KPIs. While some might be obvious, there are assessment metrics which might not immediately be clear to someone conducting an investigation. Use the following KPIs and metrics where relevant to your own case:
SAR disclosure rate
This tracks the number of suspicious activity reports that have been passed on to law enforcement and regulatory bodies. These metrics provide a clear understanding of the number of high-risk and likely cases of money laundering that have occurred, and serve as a top-level overview of how well wider AML prevention practices are working.
False-positive rate
Tracking the number of false positives that a system triggers as red flags is also highly valuable. This will give an organization the opportunity to fine-tune their alert system if it’s determined that a disproportionately high number of cases are being incorrectly flagged.
Customer turnover rate
While far from the only factor, a poor AML approach from a financial institution can lead to an increase in customer turnover rates. Tracking motivators for leaving might help to determine whether AML procedures are the root of a high turnover rate.
Operational cost measurement
The operational costs of AML compliance include factors such as team compensation, department expenses, and maintenance costs of AML case management system software and hardware. Measuring these costs (usually as part of a SAR) is another useful way to examine if your AML case is as efficient as it needs to be.
Total alerts
This overview gives an institution the opportunity to assess any underlying changes to business practices or market trends that might result in a shift in the total volume of alerts. It also tests the sensitivity of any transaction monitoring system when paired with the false positive KPI.
How Quantexa can drive intelligence-led AML investigations
Quantexa’s Intelligence-led Investigations turns data into intelligence and empowers specialists with a context-driven, single view of new and material risk. This leverages internal and external data for more efficient operations, systems, and approaches that go beyond a single event, relationship or activity enabling a more holistic understanding of customers, employees, counterparties and their related risk.
This rich aggregation of disparate data supports strategic threat analysis, develops intuitive investigative capabilities, and facilitates intelligence-led action. This provides insights against complex typologies and accelerates more consistent, effective and economical investigation of criminal, terrorist, or fraudulent activity.
Quantexa’s Decision Intelligence (DI) platform is a data-agnostic solution, which does not have a predefined data model. Any dataset and all entity attributes within a dataset can be ingested, cleansed, and combined for matching, analysis, and monitoring. Quantexa’s platform provides a broad set of capabilities with a number of proprietary features for parsing, cleansing, and standardizing data. This world-class platform provides a single, authority-wide entity and network generation for many user profiles, allowing several investigation methods while avoiding data duplication.
With the broad capabilities of Quantexa’s platform, intelligence officers have a powerful tool that can run different analytical tasks, covering a risk-based approach and integrating third-party data and external sources for deeper investigation. Providing the right solutions and technology is crucial for an effective and efficient way to combat financial crimes. These solutions must also comply with existing legislation concerning data protection and data privacy. Investigation results also need to be documented and evidence must be stored in a case management system for cross-authority collaboration and prosecution. Through the Quantexa Decision Intelligence platform, and the context derived through connected data, a holistic understanding of customers and counterparties drives trusted, confident decisioning.