Anti-money laundering (AML) is the name given to the various governmental and international regulatory efforts to limit the amount of money that criminals pass through legitimate channels to ‘wash’ it so it’s kept out of the hand of authorities. The United Nations estimates as much as 2 to 5% of global GDP is so ‘washed’ per year, a sum that could be therefore as high as $200 trillion.
So it’s no surprise that regulators want to get something done. There’s also a considerable amount of terrorism funding that happens via money laundering, so since 9/11 there’s been more and more focus on the issue. A big part of that is to put the onus on banks and handlers of money payments to determine if there could be a fraudulent element to the transaction, starting in the late 1980s. The problem, as Paul Westcott, product director of Customer Due Diligence Solutions at commercial data and analytics firm Dun & Bradstreet, revealed to diginomica is that actually working out who owns what in a global financial systems can be a decidedly non-trivial task:
The question of ‘How do you know who owns the business you’re engaged with’ was highlighted by The Panama Papers, which shows just how easy it is to move funds around now and hide your ill-gotten gains. And as companies get accountants to create tax-efficient structures in a global environment, it’s getting more so. The business you’re looking at may be registered in the UK at Companies House, but actually headquartered in Luxembourg via The Netherlands via the Far East via the US.
His company was already aware of the issue, but attention became focused after a famous meeting of the G7 group of advanced industrial economies back in 2013 at Northern Ireland, hosted by then UK Prime Minister David Cameron where the problem of identifying fake companies was identified as something the commercial sector needed to take on board.
Since 2013 there have been various EU Directives that have been strengthening AML legislation that a company that ours needs to abide with, which range from scrutiny when you on-board them to auditing them.
And these regulations have bite: EU banks paid over $16 billion in fines between 2012 and 2018 due to lax money-laundering checks, the five biggest UK banks have all been fined for money laundering offences, and in 2019 a record number of AML-related fines were issued globally, totaling £6.2bn in penalties.
Key to the regulators’ approach is that even though all this takes time and cost, these can’t be passed on to the customer. To meet this problem, he states, he and his team looked into an efficient way to answer what they see as the regulators’ ultimate question: Who is the living person who ultimately owns or controls a legal entity? Westcott uses a non-controversial example to illustrate his point: according to Companies House Chelsea Football Club is owned by an entity called ‘Fordstam Ltd’, but is actually ultimately owned by a certain Mr Roman Abramovitch; similarly, Companies House thinks West Ham United FC is controlled by ‘West Ham United Ltd,’ but, again, it’s really run by two individuals, David Sullivan and Gold.
Finding the relationships
On paper, Dun & Bradstreet would look like a company in great shape to be able to answer the ‘Who Owns Me’ question, though. After all, it has details of over 300 million companies around the world, the personal details of 115 million individual shareholders and 160 million company principals in no less than 200 countries.
The problem, Westcott says, is that its traditional technology approach to working through all that data to answer the ‘Who owns me?’ question didn’t seem particularly promising.
We have a lot of disparate sets of data that tells you about the ownership of this company and about this particular person, but we needed to bring that together for the beneficial ownership issue, and we didn’t feel that the relational database would be able to do that for us. It’s a relationship we’re interested in, not a specific piece of data, and so we needed to bring together all our reports in a new way to see what we wanted to see.
Given that a single query on beneficial ownership from a customer could tie up a team for 10 to 15 days unravelling all this, as new approach was clearly needed. As a result, Westcott and his team started to explore graph technology, a form of working with data that is based more on the networks that connect items and their attributes instead of splitting data into rows and tables.
Graph seemed to lend itself to allowing us to ask questions of the data if we saw it as a network of multiple relationships, so we could follow the paths that linked nodes to see, for example, if more than 50% of the ownership went up to a different organisation or individual.
Westcott also cites the easier storage of the kind of network he wanted to build in graph, as well as the ease of querying he believed he could get, plus good response times. Using the term ‘property graph’ to describe what he’s built, Westcott claims it’s very easy to get the kind of answers he needed, based on calculation on various levels of risk in an ownership relationship (e.g. 10% is lower than 25%).
Dun & Bradstreet's graph journey began in 2017, he says, with software from Neo4j bolstered by visualisation technology from a specialist anti-fraud firm that also uses a graph approach, Linkurious. A proof of concept was delivered in about three months, and another two to bolt on the visualisation aspect. Now, he claims, Dun & Bradstreet customers have a holistic view of ‘Who owns me and who do I owe in turn?’, with the system physically separated into so-say ‘causal clusters’ in the various geographies the corporation operates in, with a recent addition to the system’s functionality being a change of ownership detection facility. Next steps include working out a way to get a more ‘360 degree’ view of individuals, as authorities start to work on the problem of working out who really controls an entity as opposed to being an owner (or not) on file.
Summing up his experience with graph as a way to meet AML standards, for Westcott:
“I believe we have prevented fraud and misdemeanour and while I can’t say more, it has been useful to financial crime authorities in terms of beating that, as well as uncovering potential terrorist funding.