Whether it’s because of bureaucratic inertia, nostalgia, or a fear of the unknown, it’s not at all unusual to see large financial institutions running software systems that are years, if not decades, old. While this could be justified occasionally, in most cases, hanging onto old software not only presents a waste of resources but also a danger to the institution and those it serves.
There are few instances where this is more true than in cases that involve anti-money laundering (AML) software. With highly sophisticated and often state-authorized bad actors constantly figuring out ways to evade detection and counter existing sanctions screening methodologies, it’s not just the very integrity of institutions that are threatened, but innocent lives as well. Clearly, there’s a need for many financial institutions to upgrade to better solutions that offer more robust know your customer (KYC) and sanctions screening technologies.
Here are some specific reasons why keeping outdated AML software isn’t worth it.
1. Older Tools May Not Scale Well
Many older AML tools that are still widely used today are hosted entirely on desktop or local networks. This has many serious implications for the scalability of an AML system, as the network capabilities of older software tend to be limited. This, in turn, makes it difficult to use older systems to handle larger numbers of transactions.
This is especially an issue given that the sheer amount of worldwide online financial transactions has skyrocketed in the past few years. The inability to scale a system properly will inevitably lead to delays in reporting and pattern recognition, making the maintenance of most older systems a poor use of resources.
2. Limits to Coding Languages
R, Python, Scala, SQL, and other programming languages have advantages depending on the specific application. For instance, businesses mostly hire Python engineers to implement solutions with major databases, while R is more common with data visualisation. Because AML encompasses a wide breadth of different activities, it’s not unusual for older systems to be composed of discrete parts programmed in different languages. This creates complications in integration and makes it difficult to do updates that work well across the entirety of the system.
Newer systems account for these issues and are generally much smoother to integrate. This means systems can have better uptimes and fewer errors across the different components.
3. More Manual Inputs
Older AML systems tend to require a lot of manual inputs, particularly when generating reports. This is partly due to the issues with different programming languages preventing easy integration but also due to new requirements that were not around when older systems were first developed.
When you’re dealing with hundreds of thousands or millions of entries on an older desktop system, these manually inputted reports will tend to accumulate a fair number of errors, making them less reliable. Additionally, manual inputs take a significant amount of time to do properly, which results in poor resource utilization.
4. Outdated Discovery Capabilities
Criminal enterprises and rogue governments are among the most innovative groups out there. For them, the failure to innovate has a fatal effect on their very survival as entities. As a result, these groups are constantly coming up with new ways to spoof and circumvent AML systems.
In practical terms, this means that the AI of older software is next to useless at catching patterns from newer generations of criminals. Given how ingenious money launderers are, even fairly new AML systems can become out of date very quickly. Again, this usually means that to get any utility out of an older system, you will need to dedicate human analysts to the tasks, which further reduces the utility you get out of your system.
5. A Shrinking Pool of Qualified Users
Even just finding qualified people to maintain an outdated system can be problematic. Both programmers and competent users will tend to become fewer and harder to find with time.
This can be due to attrition and because there’s little motive for most individuals to invest time learning older AML systems and programming languages. As a result, enterprises that want to maintain an older system may have to go through a lot of trouble or pay a premium just to keep their preferred software in good working order.
6. Lack of Reporting Capabilities
Reporting is an especially crucial function for AML software as it can make complex information easier to digest. Importantly, visualization options on older systems can be poor or non-existent, which makes data presentation potentially cumbersome and dependent on manual input and interpretation. In cases where non-experts have to make a decision, this lack of reporting functionality can be a serious downside.
7. Slow to Provide Data
It’s not unusual for data provisioning on older AML systems to be measured in weeks or months. This is one of the worst things about running an outdated system. Money launderers can use these long delays to move dirty money and hide their trail more effectively. What this means is that systems with sufficiently slow data provisioning become essentially useless at detecting anything but older events and the most careless fraudsters.
8. Becomes Costlier with Time
Taking all of the previous points into account, it’s clear that maintaining an older system has running costs that will only become less justifiable with time. Ultimately, the function of an AML system is to detect and prevent criminal activity. If the system can no longer do that, it becomes a costly exercise just to maintain it. In this case, paying for the initial cost of an upgrade to a more current system is always worth it.
It’s Time to Get Rid of Legacy AML Systems
The risks of maintaining old AML software are numerous and real. There are serious downsides to delaying upgrades from both financial and utilitarian perspectives. If your institution is running a system that was implemented over five years ago, it may be worth investigating the benefits of an update.