Reinventing Anti-Money Laundering with complexity – Part 2

This is part 2 of the Reinventing Anti-Money Laundering with complexity analysis. Read part 1 here.

Madoff: The Aftermath

In 2014 Forbes magazine reported that JPM, “where Madoff kept the bank account at the centre of his fraud”, would pay a settlement of $1.7 billion. This resolved any potential criminal case against the bank arising from the Madoff scandal. JPM entered into a deferred prosecution agreement with federal prosecutors to resolve two felony charges of violating the Bank Secrecy Act.

The bank admitted to failing to file a “Suspicious Activity Report” after red flags about Madoff were raised, which, prosecutors alleged, did not have adequate anti-money laundering compliance procedures in place

JPM: The Sins of the Deposit

The vast majority of Madoff’s accounts were deposited with JP Morgan Bank for two decades. During the nineties, according to prosecutors, JPM Bank employees had raised concerns about Madoff’s consistent market-beating returns. One arm of JPM even pulled out of a deal with Madoff’s firm in 1998 after “too many red flags” were raised to proceed. By Autumn 2008, JPM had itself redeemed a $200 million investment from Madoff’s firm, without notifying clients or authorities. In January 2007 and July 2008, transfers from Madoff’s accounts triggered JPM’s AML software, but JPM failed to file a Suspicious Activity Report (SAR). In October 2008, a U.K. subsidiary of JPM filed a report with the Serious Organised Crime Agency.

Even with a rush of new investors who believed Madoff was one of the few funds that was still doing well, it still wasn’t enough to keep up with the avalanche of withdrawals.

Meanwhile JPM, as the depositing bank, should have been able to identify the volumes of money in; and money out, and that money deposited was not being paid to any investment account. It should also have identified the shortfalls in net flows much sooner. As the credit crisis intensified, investors tried to withdraw $7 billion from the firm. However instead of investing deposits, Madoff had simply deposited his clients’ money into his business account at Chase Manhattan Bank (part of JPM), and paid customers out of that account when they requested withdrawals.

To pay off those investors, Madoff needed new money from other investors. However, in November, the balance in the account dropped to dangerously low levels. Only $300 million in new money had come in, but customers had withdrawn $320 million. He had just barely enough in the account to meet his redemption payroll on November 19. Even with a rush of new investors who believed Madoff was one of the few funds that was still doing well, it still wasn’t enough to keep up with the avalanche of withdrawals.

JPM Bank, which at one point in 2008 had well over $5 billion, was now down to only $234 million. With banks having all but stopped lending to anyone, Madoff knew he could not borrow enough to cover outstanding redemption requests. He instructed the remaining balance to be paid out to relatives and selected investors.

The failings of JPM’s AML were therefore;

• High complexity is a great way to hide incompetence, inefficiency, fraud and makes it difficult to identify responsibilities
• Failing to identify the anomaly and malignant purpose of the Madoff business account
• Not identifying excessive deposits that were not moved into an investment account
  Not intervening as redemptions accelerated
• Failing to identify patterns between deposits and withdrawals
• Not tagging or identifying the original source or payment chain
• Human error in not actioning flags from the Anti-Money Laundering software
• Failing to escalate a SAR to the authorities

The Payments system has been progressively improved to protect the system against and undermine the money laundering of proceeds from crime and terrorism. It has not been designed foremost to identify fraud. AML systems thus still struggle to identify anomalies (fraud) perpetuated by existing customers and ‘upstanding’ tax payers moving large assets between domestic accounts. This need not be immutable.

An ‘A-AMLS’ solution could take a variety of forms but which?

• Geotagging money paid-in, paid-out and the source and beneficiary of funds
• Automated Suspicious Activity Reporting to remove human negligence
• Codifying every deposit and settlement for intent and behaviour
• Measure sequencing risk of outflows to inflows to detect ‘burn rate’
• Rules-based modelling on a set of assumptionsMachine-learning based on past Ponzi scheme behaviour to identify characteristics of future fraud to enable more sophisticated triggers for raising a SAR
• Redesigning Delivery Versus Payment (DVP) in asset management with BlockChain
• Anomaly-identification based on complexity observation

Applying Complexity to detect Anomalies rather than Modelling or Machine-Learning

The Principle of Incompatibility by L. Zadeh assumes if looking for a ‘small’ anomaly in a highly complex system it will probably be never detected because you cannot squeeze precision out of something that just doesn’t have it. This means that small anomalies may slowly cause major issues or losses in the long run. This can make such schemes difficult to spot. As AML systems have become more sophisticated through modelling and machine learning; they remain fragile to this principle. Renowned Dr Jacek Marczyk, inventor of model-free Quantitative Complexity Management (QCM) notes;

Building (complex) models of something that is already complex is a highly subjective and risky exercise

“Complexity doesn’t need to be modelled – it can be measured based on raw data. Models are based on assumptions, which are prone to error. Building (complex) models of something that is already complex is a highly subjective and risky exercise. Meanwhile, a machine learning system must see a given anomaly a sufficient number of times in order to learn to recognize it. In most cases, however, one cannot afford the luxury of multiple failures in order to learn to recognize an anomaly!” J. Marczyk.

Models are based on assumptions. Every time a model is used one would need to check if the said assumptions are indeed satisfied. How many people actually do that? Models need to be updated and maintained, a very costly exercise. In models certain factors are necessarily – because of computational cost or lack of data – neglected. Well, experience suggests that the most important things in a model are those it doesn’t contain.

Similarly it is attractive to use machine learning such as Automated Neural Network (self-learning) tools to detect anomalies. However, in order to recognise an anomaly, your machine learning system must see a given anomaly a sufficient number of times in order to learn to recognise it. In most cases, however, one cannot afford the luxury of multiple failures in order to learn to recognise an anomaly! So, what can one do? How can one detect that something ‘wrong’ is happening? For example, how can a Ponzi scheme be detected in a vast universe of money transfer transactions?

In a model-free approach to complexity quantification, all that is needed is raw data spanning a particular period of time. In case of financial transactions it can be minutes, days or months. From that we can create a QCM framework.

Starting Framework for a Complexity Anomaly-based AML system (AAMLS) being;

• Anomaly detection requires two things; 1) define what an anomaly is and 2) in non-stationary systems – the anomalies themselves will also change
• The total numbers of payers and payees creates a network, producing observable data
• Complexity is a function of that structure
• High complexity implies fragility
• Total deposits in; and withdrawals out, are complex across the network both in terms of time, different amounts, different payees and payers
• The resilience of the account is a function of its burn rate, the deficit/surplus of net flows across the network
• Highly complex systems behave in a myriad of ways – called modes – and can switch from one mode to another without warning
• Deposit and withdrawal behaviour in isolation may appear normal
• The behaviour of the account might alert a possible fraud or Ponzi
• The identify of the payer and payer might not alert suspicion

Therefore any given business (or account) is based on a series of processes that possess structure (i.e the way information flows in the system). This structure is reflected in the account ledger. Typically we’re looking at loss of structure due to ‘de-correlation’ between the entries on the account ledger. If the person committing fraud it changes the arithmetic then it will show up immediately as a sudden change in complexity.

Then by applying Quantitative Complexity Management;

1. Essentially, one structure is (implicitly) mapped onto another. The creation of accounts and ledgers are done according to sets of rules, such as the International Accounting Standards (IAS).
2. The structure is reflected in the so-called Complexity Map which shows the interdependencies between its entries.
3. When the underlying model is manipulated with fraudulent intent, so does the topology of its Complexity Map.

A growing Ponzi scheme will present itself in the form of an upward drift of complexity with a gradient proportional to the rate at which the scheme itself expands. For conventional AML systems the anomalies must be of sufficient magnitude in order to rise above the ‘noise floor’ of a given system or process. In QCM, disguising a Ponzi scheme with numerous small transactions will not be sufficient to hide it because the emergence of its structure will be inevitable. This is because the nice feature of the QCM algorithm is that it is scale-independent, which means that the magnitude of the transactions doesn’t affect complexity.

Conclusion

The Payments system has to accept its role for Ponzi schemes; a parasitic issue of fraudulent behaviour, often carried out behind the auspices of legal activity on home soil. Today’s AML systems remain woefully misguided and ill-equipped. Reliance on modelling and machine-learning incurs fragility. However when a Ponzi scheme is instituted within the bank’s universe it will alter its structure, in particular it will add structure, hence increase complexity. As J. Marczyk puts it;

In a totally different context, QCM has been show to differentiated with an extremely high degree of success between counterfeit and genuine electronic components, such as chips

“Complexity is a function of structure (as well as entropy but we will leave entropy out of the picture). When a given system undergoes some sort of mutation – in physics we could speak of a phase change, for example from liquid to solid – its structure changes. When this happens, complexity undergoes changes, that may be sudden or gradual. When these changes are gradual they offer great crisis anticipation signals. This has been observed in medicine, whereby hospitalized patients in intensive care, monitored via a series of clinical parameters and biomarkers, showed rapid complexity increases prior to an instability or side effects of drugs before conventional signals hinted anything anomalous. In a totally different context, QCM has been show to differentiated with an extremely high degree of success between counterfeit and genuine electronic components, such as chips.”

Complexity modelling changes the focus of your AML system from client to anomaly identification, optimising payments analysis, automating the SAR process and removing human error. The prize, an end to fraudulent Ponzi schemes being obscured by the ever faithful depositing account. We look forward to moving to proof of concept by working with progressive Banks.