Understanding Drivers of Customer Risk Using Machine Learning

10/30/2017 by Eric Hale Financial Crimes

In the financial world of Anti-Money Laundering (AML) monitoring, Customer Due Diligence is a key requirement detailed under the Bank Secrecy Act to detect and prevent money laundering. This oftentimes requires financial institutions to establish an operationalized and defendable way to identify customers with a high opportunity to launder money through a risk ranking process. In addition, investigators are required to further review customers that are determined to be at higher risk through an Enhanced Due Diligence review. You can read more about Customer Due Diligence (CDD) and Enhanced Due Diligence (EDD) guidelines outlined in the FFIEC manual.

Iterations of Regulations

One of the challenges that financial institutions face is the fact that criminals are constantly improvising ways to launder money under the radar. Regulations are updated in response to those changes, which trickles down to financial institutions who then are required to modify their due diligence methodology accordingly. How can institutions understand their drivers of risk and be better prepared when new risks emerge?

By using supervised methods and predictive modeling, analysts can understand and communicate the main drivers of customer risk to stakeholders and help investigative teams understand the key combination of factors that contribute to high risk individuals selected for Enhanced Due Diligence. By text mining Enhanced Due Diligence review notes, organizations can then identify additional filtering criteria for due diligence, and further understand how teams of investigators vary in their assessments.

Understanding and Validating Customer Risk Assessments Using A Case Study

Let’s take a look at how to use predictive modeling using SAS Visual Analytics on Viya and text mining within SAS Viya to improve our understanding of customer risk. Here’s our high level process and decision making steps:

Data Overview and Exploration

Let’s look at a sample of 3,300 customers that have been initially determined by business investigators as high or low risk. Approximately 10% of our subset of customers are high risk and the remaining are low risk.

Let’s collect and explore our data, transforming transactional variables, and gathering key business risk attributes. The initial list may include the following:

  • Country in which transactional activity took place
  • Country of Residence
  • Aggregated transactional activity: Cash, ACH, Wire
  • Counts or indicators of Historical SAR or CTR filings
  • Politically Exposed Person (PEP) Indicator

Creating the Baseline Model

Now we can create our baseline predictive model – in this case, we’re using a decision tree to predict whether each individual is at high or low risk of laundering money through our organization. The orange leaves at the end of the decision tree indicate buckets of customers who are determined by the model to be high risk, and green predicted to be low risk.

We can look at the Variable Importance plot in the upper right hand corner to understand the relative importance of each attribute in contributing to the predictive power of our model, and use SAS Visual Analytics’ interactivity to explore the combinations of attributes provided in the decision tree that lead a person to be in a low or high risk “pathway”.

Interpreting Decision Trees

Like traditional trees, decision trees are composed of branches and leaves and are used to classify indivudals into categories. You can follow the branches to the leaves to understand the different cominations of attributes that were used to determine a risk classification. Let’s look at some of our leaf statistics to help us understand what the predictive model is telling us. We have a bucket of 34 customers that have been determined by the business as high risk; The majority of those customers (32) have been predicted by the model as high risk because these customers have a high risk country of residence and transactions that occurred in one or more high risk countries.

Two of these 34 individuals have been determined by the business as low risk, but our predictive model says that they are likely to be high risk.

This tells us that:

  1. We are missing information contributing to the risk assessment of these 2 customers or
  2. Our investigative team(s) are somewhat inconsistent in their risk assessments

Now we have the opportunity to examine these two customers to understand why they were determined by the business as low risk and adjust the risk assessment, if necessary. This is a great way of validating initial customer risk assessments. We also learned that customers who have a combination of high residence country and transactions in higher risk country are almost (and perhaps should) always classified as needing an additional Enhanced Due Diligence review. This example is more obvious, but the key take-away here is that we can use the combinations of attributes derived from the decision tree model to understand risk classifications and help validate those risk assessments.

Each of these combinations of risk attributes AKA our “risk pathways” can be ranked, prioritized, and tuned to provide the organization with greater understanding of their customer risk.

Further Reviewing High Risk Customers

Finally, customers determined to be high risk will undergo an additional, more critical Enhanced Due Diligence review. During these more time-intensive reviews, investigators will document why they either downgraded an individual’s risk or maintained a customer’s risk status. Analysts can leverage text mining the review notes to discover additional information that investigators are using in their decision-making process. If that information is easily gathered or calculated for the entire population, it now becomes a candidate for incorporating in the initial risk rating step.

This is a key feedback loop that will help continuously tune the model over time. If investigators start looking at different sources of information, the text mining process will surface up that information and the analyst can then incorporate new information into the original model to keep it current and robust.