What’s Finally Changing to Help Catch More Financial Crime With Andrew Davies of ComplyAdvantage
Andrew Davies has spent more than three decades fighting financial crime, starting with sanctions screening tools for central banks in the mid-1990s and arriving at ComplyAdvantage after nearly 16 years at Fiserv. He sits at the center of one of the most consequential questions in financial services: can we finally move the needle on financial crime detection after decades of catching less than 2% of what’s laundered globally? ComplyAdvantage serves more than 3,000 enterprises across 75 countries with its AI-native Mesh platform.
What We Covered
- Why the industry has historically caught less than 2% of money laundered globally
- How the money laundering economy ranks as the world’s third largest at an estimated $5.6 trillion
- The evolution from sanctions screening to FRAML to multi-dimensional financial crime risk
- The Mesh platform and what a unified financial crime system means for compliance teams
- Cassie, the agentic AI analyst automating customer screening investigations
- How 90% of compliance work was historically spent chasing false positives
- Real-time payments compliance and the risk-based approach to payment screening
- The SEPA Instant Payments challenge and batch screening against the EU journal
- Stablecoins, unhosted wallets, and the compliance infrastructure gap
- FATF’s finding that stablecoins represent 84% of illicit crypto transaction volume
- Data sharing consortiums as the next inflection point in fighting financial crime
- The network problem at the heart of money laundering and terrorist financing
Key Takeaways
The money laundering economy is estimated at $5.6 trillion, making it the third largest in the world, above Germany, yet we detect less than 2%. Agentic AI tools like Cassie are designed to eliminate false positives so human analysts only work cases that genuinely warrant their expertise. Data sharing consortiums, where organizations contribute to shared detection models, represent the most promising path to materially improving financial crime outcomes. Stablecoins create real compliance risk at the unhosted wallet layer, the Bank of England has floated a ban, while the US is unlikely to go that route, leaving a gap.
About Andrew Davies
Andrew Davies is the Global Head of Financial Crime Compliance Strategy at ComplyAdvantage. He began his career in the mid-1990s building sanctions screening tools for central banks and large financial institutions, and spent nearly 16 years at Fiserv in their financial crime division before joining ComplyAdvantage.
Transcript
Andrew (00:10)
Two to five percent of global GDP is generally laundered through the system, and then there’s varying statistics about what we actually detect. I’ve seen figures from the likes of the UN where it’s one to two percent, but I think it’s probably less than that. But we’re not destined to just continue to repeat that. We have more data available to us at this point and we have better inference techniques. This is what I’m talking about as an inflection point in the industry. We’ve got more data to inform more advanced inference techniques.
Peter (00:48)
This is the FinTech One-on-One Podcast, the show for FinTech enthusiasts looking to better understand the leaders shaping fintech and banking today. My name is Peter Renton, and since 2013, I’ve been conducting in-depth interviews with fintech founders and banking executives. My guest on the show today is Andrew Davies, the Global Head of Financial Crime Compliance Strategy at ComplyAdvantage, a leading provider of AI-driven financial crime risk management solutions. Andrew has been fighting financial crime for most of his career, starting in the mid-90s building sanctions screening tools for central banks and large financial institutions. Before joining ComplyAdvantage, he spent nearly 16 years at Fiserv in their financial crime division. In our conversation, we talk about why the industry has historically caught less than 2% of all money laundered globally and why that might be finally changing. We discuss the Mesh platform, ComplyAdvantage’s unified solution for payment screening, transaction monitoring, and fraud detection, and their agentic AI analyst, Cassie, who helps to automate financial crime compliance and orchestration. We also get into the compliance challenges of real-time payments, the growing threat from stablecoins, and why Andrew believes data sharing consortiums represent the next inflection point in fighting financial crime. Now let’s get on with the show.
Peter (02:28)
Welcome to the podcast, Andrew.
Andrew (02:30)
Nice to meet you, Peter.
Peter (02:28)
Good to meet you as well. I’d like to get these things started by giving listeners a little bit of background. You’ve been in financial crime compliance for several decades now. Maybe we get started — I’d love to know what drew you to this discipline, because it’s not an obvious choice. And maybe tell us a little bit about what it was like in the early days compared to today.
Andrew (02:57)
It’s sort of an interesting career journey. I actually tell some of my colleagues that I originally started work as a software developer many decades ago, and I was working on some projects around the processing of payments. Associated with payments, there was at the time — this is the mid-90s — an associated risk around sanction screening of payment messages. I thought it was an interesting problem to solve, not only ensuring the integrity and the safety and the compliance of particular payments, but also making sure that you didn’t unnecessarily stop payments. It’s been a common thread in the industry. I’d actually started working on some projects for central banks and large financial institutions around screening their payments for, in particular at the time, OFAC compliance. I’d worked on some software to do that, and then that was sort of all she wrote. I’ve been doing this in this particular industry since then, really.
Peter (03:57)
And you came to ComplyAdvantage from Fiserv. What made you want to move to a company like ComplyAdvantage, focusing specifically on fighting financial crime rather than the broader infrastructure play?
Andrew (04:12)
Obviously at Fiserv I was working in the financial crime space there. But Fiserv is a huge company. There’s lots of things they focus on — processing payments, but also managing payment risk. I just felt that you could be more impactful working at a vendor that was exclusively focused on dealing with this problem and hopefully being part of the solution to solving the financial crime problem. Then of course, the interesting thing about ComplyAdvantage is there’s what I refer to as this trinity of assets that we have. I’ve never worked at a company that’s had this combined set of assets that can help in the financial crime risk management space — and that is domain expertise, technology, but then also underlying everything that we do is data, used as a mechanism or an asset to fight financial crime. That trinity of assets was what drew me to the company and then just the opportunity to work with smart people here.
Peter (05:13)
I’m curious about this — you’ve been around a while and I’ve always wondered why we do such a bad job. If you look at the statistics, we catch such a tiny percentage — I’ve seen one percent, I’ve seen two percent of all illicit financial activity is caught. Why do we catch so few, and are we destined to remain forever in this sort of low single-digit percentage of catching crime?
Andrew (05:45)
Good question. When I started, the only AML monitoring we were doing was actually linked to terrorist financing, and that was sanctioned screening. And then we’ve gone through this evolution from that rudimentary technology, just applying it to really high-value payments. Then we went through the introduction of transaction monitoring for identifying money laundering. And then of course we went through the step that is still broadly used called FRAML — fraud and AML in a combined platform. The regulators are interested in other predicate crimes for money laundering, including things like human trafficking and drug trafficking. So we have this broad perspective of applying technology and data to solve all of these problems.
But as an industry — to your point — the figure of two to five percent of global GDP is generally laundered through the system, and what we actually detect is probably less than one percent. I read an article recently about the value of the money laundering economy, and it’s around $5.6 trillion, which makes it the third largest economy in the world. You have the US, China, and then just above Germany is the money laundering economy, which is staggering.
I often joke I had hair when I started working in this business, but the percentage of global GDP that’s laundered and the percentage of that that’s detected is still the same. But we’re not destined to just continue to repeat that. We have more data available to us and better inference techniques. This is what I’m talking about as an inflection point in the industry.
Andrew (08:01)
We can certainly do better. I often talk about this stat because I say — if you remember back when I was at college and I got 0.1 or 0.2% on a test, I’ve not done very well. Data, technology, and the inference we’re making on that data will enable us to be more effective in financial crime.
Peter (08:35)
I interviewed your founder, Charlie Delingpole, on my podcast back in 2019. I’ll link to that in the show notes because he gave some great background on the founding of the company. But maybe I’d love to get your perspective — how do you describe what ComplyAdvantage does exactly?
Andrew (08:52)
A lot of people in the industry have talked about this notion of fraud and AML — they refer to it as FRAML. Our platform and our data go beyond FRAML. What I talk about is we have data, technology, and domain expertise that allows us to manage what I refer to as multiple dimensions of financial crime risk — could be fraud, could be money laundering, terrorist financing, human trafficking. And that’s what we manifest in our Mesh platform. We enable our customers to fight financial crime.
Peter (09:28)
So let’s talk about the Mesh platform, because I was reading about it — it sounds like it does a lot. Maybe you can talk about the different functionality of that platform and what it actually changes for a compliance officer at a mid-sized bank or a fintech in their day-to-day work?
Andrew (09:49)
One of the things we do annually is produce a state of financial crime report — downloadable from our website — covering around 600 C-level execs who are experts in this domain. One of the things they’re wrestling with is that they’ve got a heterogeneous set of tools, and they may have multiple tools doing the same thing within their organization. They may have this “swivel chair” situation of going to different tools. What we’re doing with Mesh is bringing together all of these capabilities and data onto a single platform. It’s a well-worn phrase, but it enables us to get a holistic view of financial crime risk at the relationship level.
Just having that view of risk isn’t enough. You want to know what it means for how you monitor individual customers, or what exposure you have as an organization around customers being exposed to fraud, money laundering, terrorist financing, or human trafficking. The real USP for Mesh is that sitting on top of unique data, all drawn together through a middle layer of entity resolution, are what we refer to as our risk apps — things like payment screening, transaction monitoring, customer screening, customer risk scoring, and detection for unusual activity that could be indicative of fraud.
Andrew (12:11)
Everything brought together on that single platform so you can inform investigators in one area with the results of investigations in another area. I’ve seen at financial institutions where they thought they’d identified some fraud in a particular case. They contact the customer, it’s not fraud, gets passed over to the AML team, and it ultimately turns out to be terrorist financing. Having everything together is almost like a force multiplier because each of the different risk apps can be used to inform the others, making everything much richer in the management of financial crime.
Peter (12:57)
I want to talk about the Mesh platform being described as an AI-native platform, but there’s also Cassie, your agentic AI teammate. Tell me a little bit about Cassie and how she fits into Mesh and how she’s able to handle a lot of the automations and heavy lifting that was presumably done by humans before.
Andrew (13:42)
Great question. We do a lot with agentic AI and AI in the background. One of the things we do is collect and curate adverse media data, and we’re using agents in that regard. Historically, people have valued adverse media but thought they’d get too much noise. What we’ve done is automate the process of collecting the data and then using different types of AI techniques to curate it, so that what you actually see when Cassie enters the mix is actually relevant information to make a determination about customer screening.
Depending on the configuration a compliance officer wants, you can have Cassie as an agent take investigations that would typically have been done by human analysts in the past. One of the perennial problems we’re solving is the creation of cases that are not worthy of a human analyst’s time — generally referred to as false positives. Basically, Cassie will take the cases and then perform an investigation. Cassie is remediating customer screening cases. Someone’s name has hit against either a sanctions list, adverse media, fitness and probity, or a PEP list. That generates a case. Cassie takes that case and, in a fully explainable and audited way, makes a determination about what to do with it.
Andrew (16:04)
That could be marking all of the matches within a case as a false positive, or Cassie makes a referral to a human analyst. So in that lifecycle, there’s still a human in the loop.
Peter (16:16)
Let’s talk about that, because you’ve been doing this a while. What’s your take on where the human fits and where the machine should be doing the work?
Andrew (16:38)
What we refer to as Level 1 reviews — which is often just trying to find a needle in a haystack — involves dealing with a lot of false positives. Cassie will take away a lot of that work, but there is still a “spidey sense” that human analysts have that is probably not replicated in a lot of the agentic AI at this point. People are also a bit nervous about completely automating final determinations on financial crime cases.
Right now, the idea is that the agents are getting rid of a lot of the false positives so that the pool of remaining cases becomes smaller but sufficiently unusual to warrant a human analyst. That’s where they step in with more advanced and detailed review. Compliance teams at financial institutions are also now mandating that the people they’re hiring as AML analysts be AI-savvy. One of the other things we do in Mesh is allow our customers to almost “vibe code” with natural language creation of different types of detection scenarios.
Peter (18:49)
If you look back two or three decades — what you were doing then — how much of your work was just chasing noise and not actually doing something that could move the needle?
Andrew (19:00)
Way back in the midst of time, and even consistently up to probably four or five years ago, something like 90% of the work is just basically dealing with the noise. I’ve been to organizations — mid-size financial institutions in the US — where, if they’re screening for sanctions, 98% of their investigations are false positives.
Peter (19:26)
So what you’re saying — the implication of that is that today, these departments could be ten times or more effective than they were before?
Andrew (19:35)
Exactly. And that ties us back to the technology we have available today. One of the things I should mention — 80% of millennials think that money laundering is a white collar crime. We really need to do better than the 0.1 to 0.2% of money laundering that’s detected, because some of the criminal activities that are predicate crimes for money laundering — things like human trafficking — before COVID there were 40 million people subject to human slavery according to the International Labour Organization. Fast forward to today, it’s estimated to be 50 million. It’s getting worse. But if we can be more effective in stopping the proceeds of these criminal activities being laundered through the system, hopefully we can stop some of these particularly heinous crimes.
Peter (20:38)
Yes, indeed. I want to talk about a specific use case — real-time payments. In the UK it’s been around for a long time. In the US, more volume is coming through every year. When you’re dealing with real-time payments, you’re dealing with milliseconds of decision-making time. How does your transaction monitoring allow that kind of speed?
Andrew (21:13)
I’ve been involved in real-time payments for the longest time. There are more than 100 domestic real-time payment infrastructures in the world today in production. Here in the UK we’ve had faster payments since 2006-2007. By the way, at that point there was a dramatic increase in fraud on real-time payments, because criminals will take advantage of any transformation or disruption in the financial system. They’ll see where the gaps are and go to that path of least resistance.
In terms of what we do on our Mesh platform — first, we want to make sure we don’t introduce unnecessary customer friction because that will lead to customer churn. Even on the onboarding side, the application abandonment rates for new financial services products online are something like 65%. The way we do that first and foremost is by having technology on Mesh that allows our customers to implement a risk-based approach. What’s my tolerance for risk? You need a flexible tool to allow you to configure Mesh to map to your particular risk appetite at your organization.
Andrew (23:37)
Then there’s a whole technology infrastructure that allows us to be fully scalable. The volumes our scalability allows us to achieve to meet the real-time payment obligations our customers have are just staggering. In the context of SEPA Instant Payments and screening against the EU journal — you’re mandated not to screen them against the EU journal in real time. Rather, if there’s a change to the EU journal, you need to screen all of the participants in those payments that you have on record. Having that type of capability for particular unique use cases in markets allows our customers to meet the obligations they have from the origination of a payment to a beneficiary receiving that payment.
Peter (25:04)
I want to switch gears and talk about crypto and stablecoins. The Financial Action Task Force has said that stablecoins represent 84% of illicit crypto transaction volume. The GENIUS Act is well underway in the US. Where’s the compliance infrastructure gap as stablecoins get mainstreamed into the banking system?
Andrew (25:52)
This is something I’ve been thinking a lot about recently. With the conflict in the Middle East, there are particular use cases — the Iranian government charging tolls for ships to pass through the Strait of Hormuz and asking for payment in stablecoin. That being said, stablecoin from a payment perspective democratizes payments. It makes them much cheaper and much faster. That’s good, as long as they’re going through credible exchanges and payment companies, because then you have the opportunity to monitor them.
Something that’s been mooted by the Bank of England here is banning unhosted wallets. Because then the money becomes data — and how do you ensure or trust that data? There’s no way of intercepting it. So banning unhosted wallets is a good first step. In the United States, we’re not looking to ban unhosted wallets. So how do we manage financial crime risk in that context? The techniques need to be appropriate and given the right data from stablecoin transactions on the blockchain. We do have the travel rule applied to those transactions. Monitoring at the point where transactions come off-ramp into fiat currency is how we solve the problem of these types of crypto transactions.
Peter (29:04)
I want to close with looking forward. You said we’re at an inflection point right now because we have fantastic tools, but the criminals also have AI tools. Take us three to five years into the future — what does the world look like when it comes to catching financial crime?
Andrew (29:42)
Absolutely true. In the last two years, there’s been an 850% increase in criminals’ use of AI — account takeover, deepfakes, authorized push payment fraud. It’s basically never ending. However, there are some mechanisms already in place where we can make a difference.
One of the things we do with our own data is create a knowledge graph with millions of nodes and millions of connections. Financial crime has historically been seen as unusual behavior for an individual. However, financial crime, and particularly things like terrorist financing and money laundering, are really a network problem. They draw together all of these bad actors.
The future — a few years down the line — is that we need to share more data across the industry. This is the future of us being materially impactful in stopping financial crime. We’re building consortium insights based on multiple organizations contributing to those models. It’s a well-established technique that’s been around for a long time in the credit card fraud space. Sharing consortium insights across our customers will help us be more effective in financial crime down the line. It’s a force multiplier because organizations are contributing to that model as they encounter new types of attack vectors. On the dark web, criminals will share information, but they won’t share it at that scale. And that’s where we have the opportunity to be impactful. Myself and my colleague Ian Armstrong raised this during conversations with the UN on their non-binding guidance on countering terrorist finance in member nations.
Peter (32:17)
Well, you give me some hope, Andrew. I think that’s a great place to end it. I really appreciate you coming on the show today. Best of luck to you. Thanks again.
Andrew (32:30)
Excellent. Thanks, Peter.
Peter (32:38)
The most important takeaway for me in this interview — and something I want to emphasize again — is that up until just a few years ago, roughly 90% of compliance work was chasing false positives. Investigations that started and went nowhere. Nine out of ten. And at some mid-sized US banks, the figure for sanctioned screening was as high as 98%. When I pushed him on the implication, he put it simply: AI tools like Cassie mean these departments could be ten times more effective than before. This is an example of an efficient use of AI that is not about cutting headcount. It is about giving skilled analysts work that is actually worth their time — the cases that genuinely require human judgment to resolve — while AI handles the grunt work. As I said, it gives me hope that maybe we can finally move the needle on fighting financial crime.
Anyway, that’s it for today’s show. If you enjoy these episodes, please go ahead and subscribe, tell a friend, or leave a review. Thanks so much for listening.