–> This is a pre-event interview in the run-up to the Leaders in Finance Cyber AML Europe event on 29 June 2023 in Brussels.
Tom: Thank you very much for speaking to us today. You already told us a lot about yourself in our pre-event interviews. However, we are very much looking forward to hearing a bit more about yourself. Could you provide us with a short introduction?
Dan: Sure. My name is Dan Margetts, I’m the Head of TM Transformation at ING and the Deputy Head of TM. I’ve been at ING for the last four years helping to build-out the bank’s transaction monitoring capability. Prior to that, I spent time doing something similar at Nordea and at HSBC. So my career has always been oriented around delivering change. I tend to focus on the early parts of the change process, identifying the dot on the horizon where we want to go to and setting up the necessary support frameworks to be able to execute against that strategic vision. I’ve been in financial crime compliance since the beginning of 2013, cutting my teeth in this space with the DPA that HSBC faced at that time. So that’s my background.
Tom: Good to hear! You also mentioned that you were working at HSBC and then Nordea, for example. Does that mean that you also worked all over Europe before this?
Dan: All over Europe might be overstating it somewhat. But yes, although I am actually from the UK, I’ve spent more of my working career outside the UK than in it, living and working in the US, Canada, Mexico, Spain, Sweden, and now the Netherlands. I’ve also spent a lot of time in India and some time in China. So yes, I’ve been very lucky to enjoy a fairly broad international career.
Tom: Great, very interesting! So there’s a lot of baggage over there from all over the world, actually, not even within Europe. That’s interesting to bring to the event as well. On the topics of the event and mostly the AML topic, you’ve been working within AML for quite some time, you just mentioned. What are the biggest changes you have seen unfold in the field of AML in the last few years?
Dan: That’s a great question. When I first got involved at the beginning of 2013 with HSBC and their DPA, it was one of the first banks that faced a fine as the regulators saw the bank’s failings in complying with regulatory obligations. The focus from my experience from 2013 until recently has been on becoming compliant to avoid the risk of regulatory sanction, putting in place the necessary frameworks and technology to do that. Latterly, the industry is realising that despite all the efforts that we put into achieving technical compliance, we have not always been as effective as we would like to be. To a greater or lesser degree, banks have done what they were told to do – we had no regulatory choice and, until recently, the technology choices were also limited.
Now the cost of technical compliance is priced into business models, we are seeing a divergence of views where there’s one side of the house that’s saying: “Surely, we’re done”. And the other side of the house is saying: “Technically, we’re compliant, but there’s a better way of doing things. Not only is technology offering opportunities to be more effective, but also more efficient and to take out cost.” We’re also beginning to see a move by the regulators to support different ways of doing things. There’s a lot more language around taking a risk-based approach and using advanced technologies to become more effective, so the banks and public bodies can allocate their resources in a better way.
To sum up, the change is a move from achieving technical compliance to seeing new opportunities to do things better, to be more effective in combating financial crime.
Tom: Very interesting. You say that there are a lot of opportunities. You also said: “The focus has been on being compliant and less on being efficient”. From all the different changes or opportunities, you see coming up right now, which changes and developments in AML do you see happening in the near future?
Dan: A year ago, we were having a different conversation, as we had for years prior to that – we’ve put in place rules-based because we’ve had to. Regulators would not allow us to do anything different. One year on, one or two organizations have challenged that paradigm, for example, HSBC, which is moving away from rules-based and applying advanced analytics to be both more effective and more efficient. Further, we have seen the Dutch regulator moving to more a more risk-based approach, supported by the Bunq case.
The conversation today is increasingly: “How do we follow that example? How can we take advantage of these new technologies and approaches safely, moving forward with the continuous support of the regulators, while at the same time being more effective and more efficient?” So now it is a real conversation, not around: “I wish we could”, but around: “We can, how do we?”
Tom: Very interesting stuff. One thing I heard you say in recent conversations was that lessons have been learned with bias in AI or machine learning. Is that something, for example within your job, you encountered, or do you see some solutions on that?
Dan: Another great question. This is all wrapped up in a broader concept of explainability and something that we refer to as the Explainability Framework. If you’re going to put in place AI/machine learning-based models to do this kind of work, you have to prove to a number of different stakeholders that the model is doing what it needs to from the perspective of those stakeholders. So that goes from investigators being able to understand what the model is saying, accepting it and leveraging that in their process, all the way through second lines and regulators understanding how the models are effective; third lines understanding alignment to policy and standards; COOs understanding how the models will cut costs and not effectiveness; technology groups understanding what is needed to make the models work end to end; data folks understanding what data should and should not be used and/or is relevant in an AML context; model validation folks understanding what we are trying to achieve and model developers understanding what is needed for validation purposes, and so it goes on. This is new for many and hard to do.
But a key element that you picked up on is ethics. Data scientists fully understand the challenges and the pitfalls from not getting ethics right. Models are trained on human behaviour therefore, the risk of incorporating bias within the models is high and we have to get this right.
A key challenge is how to apply ethics in AML models: what might not be relevant in one context, might be relevant for AML purposes. For example transactions involving high-risk jurisdictions, affiliations to certain political or religious groups etc may be red flags that we need to consider but which should not be considered in other contexts. So we have to figure out: “How do we apply ethics in our model development to avoid bias while at the same time not negating the red flags that we actually need to pay attention to?” It is the application of techniques and technology that have been around for some time in an AML context that is the challenge; it’s not the technology itself.
Tom: Allright. Maybe just to continue on that, because I just zoomed in a bit on that specific topic, is there something else that you think is currently not happening? Or what do you wish would happen in the future?
Dan: Yes. I am thinking about the initiative that we have underway in the Netherlands, Transaction Monitoring Netherlands or TMNL, where five banks have come together, ING, ABN, Rabo, Triodos and Volksbank, to create a utility that uses advanced analytics machine learning technologies on the combined data of those five banks (only businesses) to improve TM effectiveness. We have proven that doing so enhances our ability to detect potential financial crime, and that we can be more effective with five banks working together than individual banks working alone – we are moving from an institution level view of financial crime to a country level view – that is huge. There is still a lot of work to do, in particular to better align AML and privacy legislative frameworks to enable us to take full advantage of the capabilities we are building, whilst still protecting privacy. There are many discussions taking place on that in the Netherlands and at European level and it will be interesting to see how that pans out.
Tom: That’s clear. I think a good case of what you’re describing was discussed last year during the event as well. You just mentioned ACAMS, it’s still very relevant now. Maybe one thing to follow up on that. You said there are some privacy issues, could you give any tips to the government, businesses, detection institutions, legislators, you name it, which tips should you give them to make these things work more fluently?
Dan: This is about a dialogue; this is not about taking up adversarial positions. The only way that we can move this forward is by arriving at a common understanding of each other’s perspectives so that we can mould and adapt and create new legislation to achieve the objectives of both sides for the common good. We have to remember what we are trying to do here. We are trying to tackle financial crime for the benefit of society.
Tom: Definitely. As you say, dialogue is an important topic. Great to hear! It’s also something that is very important for the event as well, to have all the people within the chain or all organizations present there to do keep the dialogue going and get a bit further. If there is something you could get out of the event, or is there something you would be looking for, what would it be?
Dan: I was at a conference recently, talking about the same sort of things. The general topics of discussion were the same topics that we’ve had in the years gone by, where we were talking about ‘Rules-based is expensive’, ‘It doesn’t work very well so let’s apply robotics’, et cetera. The conversation and the topics were what we have always talked about. However, at the end of the conference, after I described some of the things that we’re doing and other speakers participated, there was an aha-moment. I could see lightbulbs going off in people’s minds. The conversation has moved on and there are opportunities for us to do things differently, which we weren’t aware of up to this point. So, if there is one thing that I would like to achieve out of the Leaders in Finance conference, it is exactly that. That we can have more lightbulbs go off in people’s minds to further the conversation, to enable us as an industry to move forward and not just complain about why it’s difficult.
Tom: Very well said! I think that is a great way to go up to the event. Thank you very much for your time, Dan. We’ll see you at the panel sessions during the event.
Dan: I’m looking forward to it very much. Thank you, Tom!
–> This is a pre-event interview in the run-up to the Leaders in Finance Cyber AML Europe event on 29 June 2023 in Brussels.