Jennifer Calvery, global head of Financial Crime Threat Mitigation, writes about early results from a technology system being developed to fight financial crime at the bank.
Before working for HSBC, I was a regulator cracking down on money laundering and the financing of terrorism for the US government. Since joining the bank, I am often asked the same question: how does it feel to be on the other side? But I reject the premise of the question. The fact is, I’m on the same side as I always was.
The question that matters most to me is how we can be more effective at what we’re doing already. That’s where technology comes in. We are developing a system that will allow us to be even more targeted at identifying those who pose a real risk of financial crime. It will enable us to provide genuinely useful information to law enforcement bodies.
This system is a completely new approach to managing the risk of financial crime. There are three key elements that will underpin its success.
The first is data. Here, the size and scale of HSBC put us at an advantage. We have more than 39 million customers and operate in 66 countries and territories, giving us vast amounts of information to work with. We are working in partnership with a technology company to start to manage elements of it in the cloud, subject to regulatory approval, enabling us to process it more quickly.
The second element is analytics. With the help of tools such as artificial intelligence, our system will analyse customers’ behaviour, compare it with that of similar customers and identify anomalies for review. It will also look at their transactions and wider networks for any areas of concern.
The third – and most challenging – piece of the puzzle is about how we act on any concerns. We need to be able to cut through the vast amounts of data involved and pass on the right information to the right people in a timely way – both at the bank and in law enforcement agencies – so that it is clear what action they need to take.
This system involves looking for criminal activity in a completely different way from before. It is therefore vital that we keep our regulators fully engaged with each development. Given the security implications of using the cloud to process sensitive data, we have also made sure that we have safeguards in place they are at least as strong as we have now to keep customers’ personal information safe and protect their privacy.
While there is some way to go before the system is fully operational, we have tested a prototype and the early results are very promising. They show that it can identify the signs of criminal activity that in the past were only spotted by employees. In other words, our computers can now solve problems that, until recently, only humans could. This is a real game-changer because it brings consistency to our approach and makes it much easier to scale up.