Back to ABBYY Blog

How the COVID Era Makes KYC/AML Interesting

Reginald J. Twigg

August 25, 2020

Blog cover | ABBYY Blog Post

By now it is accepted as given that banking interactions and the processes and technology enabling them have become normalized around social distancing. The accelerated adoption of Hyperautomation, originally conceived for making operations more efficient with AI and bots, now is a strategic element of making contactless business for both customers and employees work. Manual, high-touch paper-based processes, often assumed to have gone the way of the dinosaur, remain shockingly prevalent in banking. The COVID crisis has brought them into sharp focus as a target for financial crimes such as money laundering, fraud, terrorism and identity theft. And there are other threats.

If anything, the COVID crisis has turned the banking industry upside-down with its perfect storm of crashing economies and stimulus programs (CARES Act, for example), exploding credit and lending applications, forbearance requests, virtualization of the workforce and customer interactions – all providing good cover for criminal activity. As one writer observed:

”Market volatility has created opportunities for financial crime, and criminals are working overtime to exploit vulnerabilities, including the misuse of financial services and bypassing customer due diligence measures. There has also been a significant increase in COVID-related fraud, with criminals engaging in telephone fraud, fishing scams and even developing fake websites for personal protective equipment (PPE). These criminals are preying on the uncertainty and fear people are experiencing during times of crisis.”

KYC/AML Vulnerabilities Simplified

Extraordinary times like this unsettle “business as usual,” and with it comes distractions that offer perfect cover for laundering and terrorist financing, cyber crime, fraud, and other financial crimes. Normal processes and safeguards are disrupted with both new types of business activity (heightened credit application and forbearance, for example), and changes in working conditions (staff working remotely), creating breaches in established protocols. But these breaches can be addressed when knowing their most likely sources. Criminal activity with banks is most likely to target two areas of banking operation: process and content.


Banking systems are built for automating standard, repeatable processes and sets of known exceptions. BPM, RPA, and bespoke applications can significantly reduce time, cost, and risk for processes performed tens of thousands of times a day. It is this very benefit of automation that makes processes a good target of cyber-criminals. When activities follow set routines and fall within established limits for straight-through processing, criminals can attack banking systems with thousands of under-the-radar scams. Money laundering, for example, targets high-cash transactions and businesses, such as hospitality, food, and travel. With greater reliance on delivery and pickup, criminals can camouflage movements of cash as ‘normal’ in the established process. Even cashless transactions can camouflage crime with ‘under-the-radar’ activity.  

Further, Know Your Customer and Anti-Money Laundering (KYC/AML) banking regulations center on data integrity and authenticating customers and their transactions as legitimate. In the COVID crisis, banks are having to rely more heavily on process automation to deal with the combination of higher unusual transaction volume and fewer staff to manage it. The less financial institutions understand their processes (where the touches and types of activities actually occur), the more vulnerable they are to cyber-attacks and financial crimes going undetected by flying low and masking themselves as normal.


Banks and their processes run on documents. From customer onboarding and authentication to proof of eligibility for credit and lending, financial institutions directly rely on documents and unstructured content (messages, emails) as evidence of a customer’s employment status, residence, identifying traits, cash and assets, and provenance of funds at virtually every stage of any financial transaction. Cyber-criminals are keenly aware of this fact and continually sharpen their skills at producing documents that convincingly mimic authentic ones. Knowing this, they can create fake identity documents that can fool even modern AI-based technologies – especially those focused on high data recognition rates. The irony here is that many of these newer recognition technologies, such as pattern recognition, sacrifice contextual understanding and process visibility to get higher word-accuracy hits.

Because criminal activity can work within established protocols and limits, technologies have to become much more sophisticated in pattern recognition across documents (not just within) and the ability to verify content against user behaviors. Knowing customers is largely about the ability to show ‘signature’ patterns of behavior for particular, authenticated customers and business entities in order to spot and act on anomalies. Good entity extraction, for example, can spot the language behaviors in documents in the context of the history of documents and content on record for a customer – for example, expressions appropriate to the writer’s business, culture and experience. Field pattern recognition and accurate capturing versus the image itself are not enough to catch the newer generation of cyber-criminals launching KYC/AML breaches every day. Recognition technologies need to get smarter to keep up with more sophisticated criminals. 

The Difference Digital Intelligence Makes

Newer approaches add several dimensions of intelligence to understanding both the processes and the content that necessarily runs them, such as understanding of context, patterns of behaviors that identify customers, and the veracity of their actions. Digital Intelligence brings together the context and content as ways of understanding business activity. It is not enough to automate processes or improve content recognition accuracy; instead, looking at the complex interactions of people, processes, and content with smarter tools is the necessary first step to spotting and protecting against suspicious activity and cyber-breaches.

COVID has accelerated Digital Transformation priorities, especially their reliance on automation, virtualization, and authentication in keeping the business of banking going in disruptive conditions. The transformation occurring today is in the recognition that automation, higher data extraction rates, or even process mapping are not enough. There needs to be additional layers of intelligence in solutions to look at activities, behaviors, and interactions among the essential business factors of human behaviors as they interact with content-driven processes. These now-achievable levels of contextual and behavioral intelligence, which bring together artificial intelligence with machine learning (AI/ML), Process Intelligence (looking at processes as human and content interactions, and not just maps), taken together as Digital Intelligence, can help banks adapt their digital strategies immediately to the new threats to KYC/AML banking regulations in 2020.

Watch our panel discussion, "Protecting Against Fraud and Money Laundering", to learn more.

[1] Rachel Wooley, ‘Banks Set to Accelerate Digital Transformation in Response to COVID-19,’ Corporate Compliance Insights (27 May, 2020).

Intelligent Automation Financial Services Coronavirus
Reggie Twigg ABBYY

Reginald J. Twigg

Subscribe for blog updates


Connect with us