Around the world, anti-money laundering programs follow the same general playbook. It works like this.
Transactions are monitored for illicit activity using set parameters that scan for a specific pattern (a “rule”) and raise a flag anytime that pattern is identified.
These rules are constructed from a series of narrow statements (i.e. “[PERSON] is from [SANCTIONED COUNTRY]” or “Large [CASH] amount is transferred to [ACCOUNT] twice in [TIME SPAN]).
Compliance programs that manage their alert generation are said to use “rules-based” transaction monitoring systems. These have been the de facto approach for the last several decades. There are a few exceptions, as newer fintechs and the more sophisticated banks have begun to employ machine learning to create and adjust rules dynamically (an approach called “behavior-based” transaction monitoring), but in general the approach has been the same.
If this approach were more effective, overall, there would be no problem. Unfortunately, however, it’s an industry consensus that a rules-based approach to transaction monitoring has a roughly 1% accuracy rate.
Let me say that again: for every 100 flagged transactions a compliance analyst reviews, 99 of them are not productive to surfacing suspicious behavior. That’s a big problem given that effectiveness in compliance translates directly to stopping financial crime.
On the other side of the equation, organizations like the UN and the Basel Institute estimate that less than one percent of global illicit money movement is caught. Why? There are as many explanations as there are criminal syndicates, but the umbrella reason for our general ineffectiveness in fighting financial crime comes down to information asymmetry.
The bad guys freely share information and operate seamlessly across borders and across financial institutions. The good guys, on the other hand, only look at their own institution’s data, and are constrained by privacy laws, information security programs, national restrictions, counter-productive vendor strategies – a host of disadvantages that ladder up to playing with one hand tied behind your back. Traditional, rules-based transaction monitoring, with its 99% error rate, is one of the key contributors to our inability to level the playing field.
For years, this has been a known problem within the industry. But now, with DARPA’s newest initiative, all of that might be set to change.
Earlier this year, DARPA announced the “Anticipative and Adaptive Anti-Money Laundering” (A3ML) program. The goal? Nothing short of making it “prohibitively expensive for our adversaries to transfer illicit value through the global financial system.”
Backed by eleven intelligence agencies as well as the Pentagon’s office of defense research and engineering, DARPA plans to accomplish its goal by going after rules-based transaction monitoring. According to the project’s brief, they believe that “illicit tactics, techniques, and procedures (basically behavioral fingerprints) can be extracted from heterogeneous financial transaction data and represented in generic shareable form."
Net-net: instead of having financial institutions each individual create a long list of brittle and quickly-outdated rules for flagged transactions, DARPA wants to create, manage, and distribute behavioral transaction monitoring models, making them available (and eventually, one presumes, enforced by regulatory policy) for the financial industry to implement and use.
In February, during the public unveiling of the program, DARPA noted that the project has two phases – which together will run through April 2027. The first phase involves competition participants developing algorithms that can be trained in both classified and non-classified data environments to create behavioral fingerprints that can be shared without compromising the contents of the underlying data. The second phase kicking off in April 2026 will test the effectiveness of the submitted algorithms. The winning algorithm will be open-sourced and the team behind it will receive a seven figure cash prize.
Hummingbird was invited to attend the launch of the program, and left feeling energized by the possibility. As an AI-powered platform for compliance orchestration, we were founded with the belief that AML is fundamentally a data science challenge. We believe that capabilities like behavioral fingerprinting can be accomplished in a secure, privacy-adhering manner, and that the thing that has stopped these tools from being developed isn’t technical feasibility but siloed information and partitioned teams. DARPA’s challenge – coming, as it does, with the backing of the U.S. Government – is set to change that.
In 2027, then, we will see the creation of both an open-sourced standard for financial crime modeling and a government API designed to feed behavioral typologies for illicit money to the industry tasked with screening for it. If you’re a compliance professional working today, ask yourself – what is your current preparedness to adapt to this change? What type of transaction monitoring are you using now, and how ready are your current vendors, tools, and processes for something like this? 2027 isn’t far off – it may be time to have a conversation about the topic directly. Ask your vendor partners if they’re aware of the A3ML initiative, and what they’re doing to prepare for it.
A new, government-backed, open-sourced model for illicit activity isn’t a panacea, but it is an important step. In order to deliver maximum impact, legislative and regulatory frameworks will need to change to allow for the new approach. The DARPA team specifically said that they don’t get involved in policy. Their intent is to “prove the technology works and leave the policy to other agencies and to Congress”.
At the end of the day, it will be down to those of us operating in the industry to advocate for more effective methods, and be prepared for them when they arrive. If you’re in compliance, I encourage you to start talking about it – with your teams, your partners, and your colleagues. Our ability to learn from each other (and from law enforcement data) is what will fundamentally change the math behind that one percent accuracy rate we’re all so tired of dealing with.
Like all of you, I’m interested in leveling the playing field. And I’m glad to see DARPA getting in on the act as well.
To hear more about this effort, tune into the Alliance for Innovative Regulation (AIR)’s podcast interview with A3ML program manager David Dewhurst.Subscribe to recieve new content from Humminbird
