We conducted a comprehensive review of the model landscape and governance across all KYC & AML models in a leading Dutch bank with over 900 billion in assets.

Challenge​

Although the shift toward a risk-based approach for models and processes in a bank’s first line of defense (1LoD) is widely adopted across the industry, this approach is often lacking in second-line (2LoD) activities. As a result, limited compliance and validation resources are allocated to low-complexity, low-impact models, leaving less time for rigorous evaluation of high-impact, complex models.

We conducted our review by focusing on four key areas: first, clarifying the definition and classification of models; then building a risk-based approach to model risk management given this classification. Finally, we covered model ownership and the overarching landscape.

Model Definition and Classification

What qualifies as a model? This question is as straightforward as it is fundamental. Without a clear definition, institutions cannot build a coherent approach to model risk management. Under the existing framework, several "expert opinion"-based systems were subject to model validation requirements. By leveraging Zanders’ extensive market experience, we refined the definition to align with industry standards, effectively removing these expert systems from the model inventory.

The bank’s existing model risk classification, based on the likelihood and magnitude of reputational risk, did not require an overhaul but benefited from key refinements. Zanders recommended enhancing the framework by factoring in additional elements, such as automation and model complexity. These refinements resulted in a classification system suitable for leading industry models.

Risk-Based Model Risk Management

With a robust model classification established, a risk-based approach to model risk management was implemented. Each model was assessed based on its potential reputational risk and intrinsic complexity, with oversight measures adjusted accordingly.

For example, models with lower risk and complexity were validated using a more qualitative approach, eliminating unnecessary benchmarking and confidence level requirements.

Model Ownership

Ownership is a critical component of the financial crime model landscape. Without clear ownership structures, model maintenance and necessary improvements, such as those prompted by validation findings, become challenging.

A well-defined ownership structure ensures sufficient independence between model development, ownership, and validation, reinforcing accountability and governance.

Model Landscape

Within the Compliance and KYC domains, a wide range of models exist, broadly categorized under:

• Customer Due Diligence (CDD)
• Transaction Monitoring (TM)
• Screening
• Market Abuse
• Investment Risk

Following our review, we provided a detailed visual representation of this often highly complex model landscape. This offered the management team a unique, high-level perspective, helping identify key areas for improvement based on industry best practices and regulatory expectations.

For more information, visit our Financial Crime Prevention page, or reach out to Johannes Lont, Senior Manager.

We restructured the Financial Crime Prevention (FCP) model landscape of a bank with over 500 billion in assets to prioritize efficient model development and reduce analyst workloads.

Challenge​

Despite having a mature and well-resourced FCP department, this Dutch bank’s existing model landscape was overly complex. It lacked transparency in the alert generation process and produced too many unnecessary alerts. Additionally, the model development process was extremely time-consuming, causing a lengthy delay between development and implementation. This resulted in frustration within the department and exposed the bank to operational risks.

Our mandate was to develop a model landscape that:

• Improves the effectiveness of models within the landscape
• Enhances the efficiency of the model development process

Model Development

Any mature model development process follows key stages: data preparation, experimentation/modeling, implementation (e.g., within a pre-existing codebase), and model validation.

By developing a landscape where preparation, implementation, and validation are streamlined, model developers can dedicate more time to in-depth analysis and leverage cutting-edge modeling techniques. The result is a landscape populated by high-performing, advanced models.

To achieve this, we provided several key recommendations:

• Model Validation: By enacting a toll-gated approach to model validation, potential issues can be flagged earlier in the development process.
• Data: By emphasizing reusable and well-documented data elements (e.g., through feature stores or derived layers), features and tables can be shared, drastically reducing data preparation time.
• Implementation: By standardizing the model design process and adopting a robust MLOps framework, model implementation can become seamless and consistent.

Model Landscape

Within such a complex domain, having high-quality models is only the first step in tackling the risks associated with financial crime. To be truly effective, models must have minimal overlap while collectively maximizing coverage of perceived risks.

Once this balance is achieved, models can be embedded into a landscape designed for targeted signals (i.e., ongoing due diligence) rather than the former periodic review regime.

Below is a schematic view of a best-practice FCP model landscape. The trigger-based approach ensures that analysts assess only those clients or transactions worth investigating. This shift results in higher-quality Suspicious Activity Reports (SARs) and more engaged analysts.

Implementing our recommendations would reduce the time-to-market for a model in development from 24 months to 9 months, significantly decreasing analyst workloads while improving the efficiency and effectiveness of financial crime detection.

For more information, visit our Financial Crime Prevention page, or reach out to Johannes Lont, Senior Manager.

We assisted a private Dutch bank in managing the overwhelming volume of queries from bankers regarding Know Your Customer (KYC) and Customer Due Diligence (CDD) by developing an AI-powered chatbot.

Challenge​

Bankers frequently needed specific information to assess customer profiles, verify identities, and evaluate potential risks to comply with regulatory requirements and ensure due diligence. However, this information was scattered across approximately 30 documents in various formats, including Word documents and PDFs. As a result, CDD specialists were overwhelmed by a constant stream of queries, making the process inefficient and increasing the risk of inconsistent or inaccurate responses.

To address these inefficiencies, the client sought a solution to streamline information retrieval and provide accurate, consistent answers.

Solution

Zanders proposed a step-by-step approach to developing the CDD chatbot:

1 - Investigating requirements from CDD specialists and bankers.

2 - Developing the chatbot using Retrieval-Augmented Generation (RAG).

3 - Optimizing performance through rigorous validation.

4 - Deploying the chatbot for live use by the client.

In the initial phase, we held discussions with both CDD specialists and bankers to identify their key requirements. It became evident that the chatbot needed to deliver accurate, reliable information while ensuring response consistency. Given these requirements, the unstructured nature of the data, and the chatbot’s internal use case, we determined that a Generative AI (GenAI) chatbot would be the most effective solution.

For development, we leveraged Retrieval-Augmented Generation (RAG), a method that combines fast and relevant information retrieval with the power of advanced AI to generate accurate, context-aware responses. This ensured a reliable and informative user experience. The processes in this approach are shown in the figure below.

To validate the chatbot’s performance, we created a dataset with expected responses, fine-tuned hyperparameters, and conducted extensive accuracy testing.

Finally, to ensure a seamless deployment, we established a structured system for development, deployment, and continuous improvement. By leveraging pre-trained large language models (LLMs), we were able to rapidly deploy the chatbot and refine it based on real-world user feedback.

Performance

As a result, the client successfully implemented the CDD chatbot, allowing users to query the document corpus directly and receive responses in plain English, along with a list of reference sources used by the LLM. Thanks to the RAG approach and thorough validation, the chatbot consistently produced accurate and reliable answers.

The chatbot has significantly improved efficiency, enabling CDD specialists to manage inquiries more effectively while helping bankers conduct due diligence with greater speed and accuracy. This has led to a more streamlined and reliable CDD process.

For more information, visit our Financial Crime Prevention page, or reach out to Johannes Lont, Senior Manager.