On the 13th of October 2020, Sentinels' Managing Director, Joost van Houten discussed the current trends in transaction monitoring, and how our solution improved the AML operations of the latest Dutch fintech unicorn - Mollie. The webinar was one of Deloitte's fintech series and it covered the increasing regulatory requirements, the financial service provider's challenges and how the right technology can mitigate risks in a future-proof way.
Deloitte's webinar hosts, Hilko van Rooijen and Stephan Ong, kicked off the webinar with a short introduction of the transaction monitoring landscape, and defined three main trends:
With regulations firmly in place, and new ones being implemented, the financial authorities are including fintechs in the spotlight. Fintech innovators now need to adjust to higher standards to obtain and retain a license to operate legally in the financial sphere. This comes with the responsibility of having an in-house compliance team. It's crucial to have the right processes in place from onboarding to transaction monitoring and from reporting to auditing. What's more, the technology supporting those processes also needs to be fully compliant with the regulations and approved by the relevant authorities.
Even though the technological advancements in AI and network analysis are the enablers of this trend, it is mainly the regulators themselves pushing for implementing the most effective technology out there. Wisely, international regulators are moving to assess effectiveness of compliance, rather than adherence to processes. Between the guidelines and this trend, you can see an increased need for business intelligence to shape and improve existing AML and compliance processes, with the Dutch National Bank (DNB – Netherlands regulatory authority) clearly pointing to an automated and self-learning infrastructure.
“An institution needs to have an automated and self-learning transaction monitoring system commensurate with its risk profile” - DNB, Post-event transaction monitoring maturity model for payment service providers
The only existing technology that could meet these standards is AI. Even though it is early days, AI has already shown promising results, such as increasing the efficiency of operations and in successfully detecting more suspicious behaviour. AI is also now streamlining ‘rocky’ transaction monitoring measurements.
“Structural use of pattern recognition and network analysis to recognize unusual transactions” - DNB, Post-event transaction monitoring maturity model for payment service providers
After discussing the trends influencing the transaction monitoring landscape and theregulators, Deloitte outlined the essentials of compliance in practice:
It starts with understanding your own business and establishing clear risk assessment policies (SIRA). These form the basis for traditional financial institutions and fintechs to establish their compliance processes and governance.
Onboarding, risk assessment and CDD:
From the SIRA, processes are established, starting at onboarding and collecting the essential information from their client and making a risk assessment. After the initial validation, ongoing monitoring of the client’s transactional behaviour and in case of detected suspicious behaviour, deeper investigation and reporting follows.
The supporting tools:
Technology helps compliance and risk teams manage the whole process, from KYC and CDD to transaction monitoring. It is key to find solutions that can not only streamline the whole process but also be more efficient in detection. And when required, the solution must easily report cases to the relevant authorities.
The new regulations combined with the challenge to remain compliant do not just affect the larger more traditional financial institutions. These issues also significantly impact the smaller innovative players. When Mollie reached its exponential growth phase, they needed to streamline all their processes, including risk and compliance. Their aim was to improve both the onboarding and transaction monitoring in such a way that it was sustainable.
Mollie conducted an in-depth RFP, reviewing ten incumbents in the transaction monitoring space. Their thorough analysis revealed that most of the existing solutions were not build for agile (PSP) innovators. Mollie holds their vendors to the same high standards as their own product development, and they are known for their "Apple and Star Wars mindset".
Slimmer AI's machine learning-first approach matched with Mollie's vision. A partnership was formed, and with more than sixty “Jedi” engineers and ten years of experience with applied AI product development, Slimmer AI was ready to combat the dark force and establish an innovative transaction monitoring product (now known as Sentinels). One of Slimmer AI's core values is a strong belief in like-minded partnerships. "We grow as you grow" was exactly what the next biggest payments unicorn was looking for.
Sentinels' AI-powered stack for transaction monitoring allows using different internal and external data sources to teach the algorithm to spot patterns humans alone would normally miss. As a result, Mollie has a better understanding of their customer data and potential risks. Working closely with Mollie's risk & compliance team, Slimmer AI has improved Mollie’s business rules performance. We achieved this by gradually replacing underperforming business rules with machine learning. This pragmatic machine learning approach has helped reduce false-positive rates of initially low performing business rules from 96% to 75%. Based on the compliance team's feedback and the regulators' requirements to frequently update business rules, we've made them editable from the Sentinels user interface. Developer time is no longer needed, and compliance officers can update the rules themselves.
Sentinels transaction monitoring goes beyond simple automation. The Sentinels Network Analysis feature, for example, helps Mollie to detect suspicious behaviour sooner and aids in accelerating investigations. The Network Analysis feature reveals connections between different clients that are less likely to trigger alerts individually, but when looking collectively, reveals suspicious patterns.
We also paid close attention to technology usability and experience. By incorporating the newest UX and UI trends into our interface, Sentinels has managed to reduce workload by 50% while simultaneously improving investigation quality.
The partnership between Mollie and Slimmer AI’s Sentinels has led to insightful learnings. For example, we both noticed that it was important to nurture both internal compliance processes and as well as the transaction monitoring solution itself. Mollie had to face the critical question that now all financial institutions must answer when it comes to compliance: “Should we build the solution in-house or outsource it to a third-party provider?”. As everyone knows, building technology inhouse is always challenging. But this challenge is even more compounded when the solution is not the core of your business and increasingly requires expert knowledge in advanced technologies such as AI and ML. The financial institutions which choose to buy over build, they must ensure needed safeguards to combat the fear of "losing control" over part of your operations. It is therefore key to find an agile partner you trust.
We concluded the conversation by defining a clear and increasing need for AI and ML in the future of AML compliance. With the flexibility of Open Banking and PSD2 and initiatives like TMNL to outsource transaction monitoring, financial institutions are now able to thoughtfully consider and embrace the right partnerships. As a result, we will see more and more, future-focused PSPs like Mollie choosing to partner with like-minded AI innovators like Sentinels.
To learn more about Sentinels go to: https://www.sentinels.ai/
Sentinels (‘us’, ‘we’, ‘ our’’) is dedicated to protect the confidentiality and privacy of your personal data and information entrusted to us. This Privacy Statement provides an overview of our standard data processing activities and sets forth your rights in relation to the processing of your personal data.
Slimmer AI Sentinels B.V. a limited liability company incorporated under the laws of the Netherlands, Chamber of Commerce number 82155313, having its registered office at The Rock Atoomweg 6-B 9743 AK Groningen (‘Sentinels’).
We are responsible for processing your personal data in accordance with the European General Data Protection Regulation (‘Data Protection Regulation’).
We have appointed a Data Protection Officer (DPO) for you to contact if you have any questions or concerns about this Privacy Statement and/or your rights set forth in this statement. Please contact us at firstname.lastname@example.org.
This Privacy Statement provides information about collecting, storing and processing of your personal data that you disclose to us when you use our services.
The type of personal information we collect may depend on how you interact with us and our platform and which services you choose to use. Generally, we collect, store and use the following personal information: name, surname, job title, company, business type, and email address.
When you choose to use our services, you agree to provide us with most of the personal data when you:
We process your personal data in accordance with the provisions of Data Protection Regulation. We will only use and process your personal data we obtain in the context of commercial relationship. We intend to use and process your personal data under the following conditions:
In case we rely on consent as a legal basis for processing your personal data, please note that you have the right to withdraw your consent at any time by contacting at email@example.com. However, please consider that withdrawing the consent may affect the legal basis of processing of your data, hence we may not be able to provide certain products or services to you. If this is the case, you will be advised accordingly at the time you withdraw your consent.
We are committed to maintaining organizational and technical security measures to protect the personal data we hold about you. We have implemented a set of controls and relevant policies and procedures to prevent the personal data we hold about you from being accidentally or deliberately compromised.
Your personal data is stored in accordance with the provisions of the contractual agreements and/or applicable statutory obligations. We maintain adequate retention policies and procedures so that your personal data are deleted after a reasonable and prescribed time. The data will not be stored longer than is strictly necessary to achieve the purposes for which the data have been collected.
Data collected via the website will be retained until users unsubscribe (after which a new consent will be requested)
We do not transfer your personal data to third parties unless it is mandatory by law or court order, in order to protect the rights of the parties involved in the performance of the agreement or if you give your consent to do so.
Cookies are files with a small amount of data, which may include an anonymous unique identifier. We use functional cookies that are essential for technical operations necessary for the users’ navigation on the platform. These cookies also support the website security and basic functionality.
You can set your browser in order not to accept cookies. However, in certain cases, some of our website features may not function as expected.
For more information regarding the cookies in use can be found in our Cookies Policy.
You have the right (under the certain circumstances and subject to the exceptions), pursuant to Data Protection Act to:
You can exercise any of the above-specified data protection rights, by contacting us at: firstname.lastname@example.org.
Should you have any questions or concerns about this privacy statement or you would like to exercise one of your data protection rights, please do not hesitate to contact us at: email@example.com.
However, if you feel we haven't addressed your concern in a satisfactory manner, you have the right to contact the Data Protection Authority.
Address: PO Box 93374, 2509 AJ DEN HAAG
Telephone: +31 70 888 85 00
Privacy Statement Version
This Privacy Statement was last modified on September 1, 2021.
We reserve the right to update or change our Privacy Statement at any time and you should check this Privacy Statement periodically. Your continued use of the service after we post any modifications to this Statement will constitute your acknowledgement of the modifications and your consent to abide and be bound by the modified Privacy Statement.
If we make any material changes to this Privacy Statement, we will notify you either through the email address you have provided us or by placing a notice on our website.