Beyond Madoff: Anti-Money Laundering with Quantitative Complexity Management.
By JB Beckett, Author of ‘New Fund Order’.
Foreword by Jacek Marczyk.
Foreword: “Our society depends on a number of highly complex and highly interconnected networks that process and distribute energy, information, goods, etc. They form an immense system of systems that has one key characteristic – huge complexity. As this system of systems evolves and grows its complexity also increases. And this is a problem. First of all, high complexity implies fragility. This is because highly complex systems can behave in a myriad of ways – called modes – and can often switch from one mode to another without any early warning. Many of these modes of functioning can be counterintuitive. In each mode a complex system offers different ‘concentrations of fragility’, points of weakness which may open the door to an attack. The more complex a system is the more concentrations of fragility it possesses in each mode. Think of all the things that go wrong in a modern car with its sophisticated electronics. More gadgets means more trouble. Why? Because gadgets interact with each other, even though this if often unintended. More gadgets more possible interactions. The tens of thousands of possible circumstances that can arise is impossible to test. The only way to proceed is on a trial and error basis and let customers debug a product.
Anomaly detection has become a popular subject nowadays. The detection of malfunctions or anything suspicious, such as hacker attacks or illicit operations of any sort, is obviously of great interest. There are obviously various types of anomalies or malfunctions. Certain attacks may be undetected for prolonged periods of time, until the damage become visible. Some attacks are immediately obvious, as is the case of blackouts. Then there exist anomalies that are permanent but are never discovered. They make systems less efficient, less profitable, but, very often due to high complexity they remain masked. Monitoring of this universe can performed periodically – even in real-time if sufficient computational power is available – to track its complexity over time. The above logic can be applied to a universe of financial transactions to detect anomalies, in particular Ponzi schemes.”
Introduction: Anomaly-based Anti-Money Laundering Software (A-AMLS) with QCM
In finance, Complexity can become inextricably linked to the rise of fraud. Complexity is the reciprocal of transparency. In a simple transparent system it is difficult to disguise fraudulent anomalies. The system remains resilient. However the number of financial products and product complexity is increasing; some are made deliberately complex, others escape their creator’s control by refusing to follow a Gaussian distribution here or a linear correlation there. The presence of highly complex products increases the complexity of financial markets, offering new opportunities for fraudulent and illicit operations. High complexity is a great way to hide incompetence, inefficiency, fraud and makes it difficult to identify responsibilities. Ponzi schemes (a form of fraud and money laundering) like Bernie Madoff were born out of investor desire to apply Complexity to escape market volatility. Likewise the incompetence of the custodians who accept deposits, monitor assets and pay on maturity must be addressed.
A complete rethink of Anti Money Laundering (AML) software is needed; both in how it is structured and actioned. Banks can be negligent through a combination of human error or poor AML systems, as was the case with Madoff Securities and JP Morgan (JPM). Quantitative Complexity Management (QCM) offers a solution. Without which Banks can be unwitting accomplices to fraud; yet with QCM they can become safeguards in the system.
Could the use of Complexity for Bank Deposit Anti-Money Laundering (AML) software stop the next Madoff fraud? How can a Ponzi scheme be detected in a universe of money transfer transactions? Complexity monitoring of such universes may be of help. Fraudulent attacks may be undetected for prolonged periods of time, until the damage become visible.
In the world of possible applications of Paytech; stopping criminality and protecting customers must surely rank right up there but is it possible? If judged against the full complexities of the Madoff case then the answer might sadly be no. Confined to the payment system, possibly. Reviewing the Madoff case, the basics of AML systems, and AML failings all help to provide a framework for applying QCM.
Starting assumptions for any AML system;
- Prevent the placement of assets from criminal, terrorist or sanctioned sources
- Prevent the layering of assets, from prohibited sources, into deposit and investment
- Prevent the integration of prohibited assets being paid back
- AML is designed around client identification controls
- AML relies on humans monitoring and escalating
- AML identifies anomalous payments based on past customer behaviour
What is a Ponzi scheme
A Ponzi scheme can be defined as a structure that attracts cash deposits on the prospect of future returns but actually pays out existing investors using the deposits from new investors. These schemes display high cash burn rates but can exist for decades as long as investors are content and redemptions are covered. Ponzi schemes have dogged the Finance industry as long as they have existed. They cast a long shadow and perhaps none more so than Bernie Madoff. Why did it happen? I could cite you Orwell, Nietzsche or even Confucius; or any other commentator of the human condition. It is an ethical question but also a system based problem. The Chartered Financial Analyst Institute consider the ethical aspect here:
The Psychology of Ethics in the Finance and Investment Industry, CFA Institute Research Foundation Publications (June 2007) available free at: https://www.cfainstitute.org/research/foundation/2007/the-psychology-of-ethics-in-the-finance-and-investment-industry
It is more useful to consider how? Eradicating the causality of Ponzi schemes is a rubicon that regulators have failed to succeed. However for all the complexity of a Ponzi scheme; they are often perpetuated through an unassuming bank account. Payments in; payments out. Yet over time and thousands of accounts this is itself becomes a complex network.
For those who don’t recall, this case involved the largest known Ponzi scheme in history; $65 billion defrauded out of $177 billion. All deposited into a reputable bank. The fact that the collapse of the Ponzi was the consequent of the Great Financial Crisis only made the losses all the more painful. Something in the American psyche broke.
On March 12, 2009, Madoff pleaded guilty to 11 federal crimes and admitted to operating the largest private Ponzi scheme in history. In his guilty plea, Madoff admitted that he hadn’t actually traded since the early 1990s, and all of his returns since then had been fabricated. The New York Post reported that Madoff “worked the so-called ‘Jewish circuit’ of well-heeled Jews he met at country clubs on Long Island and in Palm Beach. Over the years many accusations and investigations were initiated against Madoff over the years, both externally and internally at the depositing Bank, but none led to action.
In 2000 Harry Markopolos alerted the SEC. His analysis concluded almost immediately that Madoff’s numbers didn’t add up. After four hours of trying and failing to replicate Madoff’s returns, Markopolos concluded Madoff was a fraud. He told the SEC that based on his analysis of Madoff’s returns, it was mathematically impossible for Madoff to deliver them using his claimed strategies. Either Madoff was front running his order flow, or his wealth management business was a massive Ponzi scheme. The culmination of Markopolos’ analysis in his third submission, a detailed 17-page memo entitled ‘The World’s Largest Hedge Fund is a Fraud’ specified 30 numbered red flags based on just over 14 years of Madoff’s trades. He approached The Wall Street Journal in 2005, but WSJ editors decided not to pursue the story. Watch Harry Markopolos CFA testimony on Madoff here: http://www.c-spanvideo.org/program/283836-1
Madoff: The Aftermath
In 2014 Forbes magazine reported that JPM, “where Madoff kept the bank account at the centre of his fraud”, would pay a settlement of $1.7 billion. This resolved any potential criminal case against the bank arising from the Madoff scandal. JPM entered into a deferred prosecution agreement with federal prosecutors to resolve two felony charges of violating the Bank Secrecy Act. The bank admitted to failing to file a “Suspicious Activity Report” after red flags about Madoff were raised, which, prosecutors alleged, did not have adequate anti-money laundering compliance procedures in place
JPM: The Sins of the Deposit
The vast majority of Madoff’s accounts were deposited with JP Morgan Bank for two decades. During the nineties, according to prosecutors, JPM Bank employees had raised concerns about Madoff’s consistent market-beating returns. One arm of JPM even pulled out of a deal with Madoff’s firm in 1998 after “too many red flags” were raised to proceed. By Autumn 2008, JPM had itself redeemed a $200 million investment from Madoff’s firm, without notifying clients or authorities. In January 2007 and July 2008, transfers from Madoff’s accounts triggered JPM’s AML software, but JPM failed to file a Suspicious Activity Report (SAR). In October 2008, a U.K. subsidiary of JPM filed a report with the Serious Organised Crime Agency.
Meanwhile JPM, as the depositing bank, should have been able to identify the volumes of money in; and money out, and that money deposited was not being paid to any investment account. It should also have identified the shortfalls in net flows much sooner. As the credit crisis intensified, investors tried to withdraw $7 billion from the firm. However instead of investing deposits, Madoff had simply deposited his clients’ money into his business account at Chase Manhattan Bank (part of JPM), and paid customers out of that account when they requested withdrawals. To pay off those investors, Madoff needed new money from other investors. However, in November, the balance in the account dropped to dangerously low levels. Only $300 million in new money had come in, but customers had withdrawn $320 million. He had just barely enough in the account to meet his redemption payroll on November 19. Even with a rush of new investors who believed Madoff was one of the few funds that was still doing well, it still wasn’t enough to keep up with the avalanche of withdrawals.
JPM Bank, which at one point in 2008 had well over $5 billion, was now down to only $234 million. With banks having all but stopped lending to anyone, Madoff knew he could not borrow enough to cover outstanding redemption requests. He instructed the remaining balance to be paid out to relatives and selected investors.
The failings of JPM’s AML were therefore;
- High complexity is a great way to hide incompetence, inefficiency, fraud and makes it difficult to identify responsibilities.
- Failing to identify the anomaly and malignant purpose of the Madoff business account
- Not identifying excessive deposits that were not moved into an investment account
- Not intervening as redemptions accelerated
- Failing to identify patterns between deposits and withdrawals
- Not tagging or identifying the original source or payment chain
- Human error in not actioning flags from the Anti-Money Laundering software
- Failing to escalate a SAR to the authorities .
The Payments system has been progressively improved to protect the system against and undermine the money laundering of proceeds from crime and terrorism. It has not been designed foremost to identify fraud. AML systems thus still struggle to identify anomalies (fraud) perpetuated by existing customers and ‘upstanding’ tax payers moving large assets between domestic accounts. This need not be immutable.
An ‘A-AMLS’ solution could take a variety of forms but which?
- Geotagging money paid-in, paid-out and the source and beneficiary of funds
- Automated Suspicious Activity Reporting to remove human negligence
- Codifying every deposit and settlement for intent and behaviour
- Measure sequencing risk of outflows to inflows to detect ‘burn rate’
- Rules-based modelling on a set of assumptions
- Machine-learning based on past Ponzi scheme behaviour to identify characteristics of future fraud to enable more sophisticated triggers for raising a SAR
- Redesigning Delivery Versus Payment (DVP) in asset management with BlockChain
- Anomaly-identification based on complexity observation
Applying Complexity to detect Anomalies rather than Modelling or Machine-Learning
The Principle of Incompatibility by L. Zadeh assumes if looking for a ‘small’ anomaly in a highly complex system it will probably be never detected because you cannot squeeze precision out of something that just doesn’t have it. This means that small anomalies may slowly cause major issues or losses in the long run. This can make such schemes difficult to spot. As AML systems have become more sophisticated through modelling and machine learning; they remain fragile to this principle. Renowned Dr Jacek Marczyk, inventor of model-free Quantitative Complexity Management (QCM) notes;
“Complexity doesn’t need to be modelled – it can be measured based on raw data. Models are based on assumptions, which are prone to error. Building (complex) models of something that is already complex is a highly subjective and risky exercise. Meanwhile a machine learning system must see a given anomaly a sufficient number of times in order to learn to recognize it. In most cases, however, one cannot afford the luxury of multiple failures in order to learn to recognize an anomaly!” J. Marczyk.
Models are based on assumptions. Every time a model is used one would need to check if the said assumptions are indeed satisfied. How many people actually do that? Models need to be updated and maintained, a very costly exercise. In models certain factors are necessarily – because of computational cost or lack of data – neglected. Well, experience suggests that the most important things in a model are those it doesn’t contain.
Similarly it is attractive to use machine learning such as Automated Neural Network (self-learning) tools to detect anomalies. However, in order to recognise an anomaly, your machine learning system must see a given anomaly a sufficient number of times in order to learn to recognise it. In most cases, however, one cannot afford the luxury of multiple failures in order to learn to recognise an anomaly! So, what can one do? How can one detect that something ‘wrong’ is happening? For example, how can a Ponzi scheme be detected in a vast universe of money transfer transactions?
In a model-free approach to complexity quantification, all that is needed is raw data spanning a particular period of time. In case of financial transactions it can be minutes, days or months. From that we can create a QCM framework.
Starting Framework for a Complexity Anomaly-based AML system (AAMLS) being;
- Anomaly detection requires two things; 1) define what an anomaly is and 2) in non-stationary systems – the anomalies themselves will also change.
- The total numbers of payers and payees creates a network, producing observable data
- Complexity is a function of that structure
- High complexity implies fragility.
- Total deposits in; and withdrawals out, are complex across the network both in terms of time, different amounts, different payees and payers
- The resilience of the account is a function of its burn rate, the deficit/surplus of net flows across the network
- Highly complex systems behave in a myriad of ways – called modes – and can switch from one mode to another without warning.
- Deposit and withdrawal behaviour in isolation may appear normal
- The behaviour of the account might alert a possible fraud or Ponzi
- The identify of the payer and payer might not alert suspicion
Therefore any given business (or account) is based on a series of processes that possess structure (i.e the way information flows in the system). This structure is reflected in the account ledger. Typically we’re looking at loss of structure due to ‘de-correlation’ between the entries on the account ledger. If the person committing fraud it changes the arithmetic then it will show up immediately as a sudden change in complexity.
Then by applying Quantitative Complexity Management;
- Essentially, one structure is (implicitly) mapped onto another. The creation of accounts and ledgers are done according to sets of rules, such as the International Accounting Standards (IAS).
- The structure is reflected in the so-called Complexity Map which shows the interdependencies between its entries.
- When the underlying model is manipulated with fraudulent intent, so does the topology of its Complexity Map.
A growing Ponzi scheme will present itself in the form of an upward drift of complexity with a gradient proportional to the rate at which the scheme itself expands. For conventional AML systems the anomalies must be of sufficient magnitude in order to rise above the ‘noise floor’ of a given system or process. In QCM, disguising a Ponzi scheme with numerous small transactions will not be sufficient to hide it because the emergence of its structure will be inevitable. This is because the nice feature of the QCM algorithm is that it is scale-independent, which means that the magnitude of the transactions doesn’t affect complexity.
The Payments system has to accept its role for Ponzi schemes; a parasitic issue of fraudulent behaviour, often carried out behind the auspices of legal activity on home soil. Today’s AML systems remain woefully misguided and ill-equipped. Reliance on modelling and machine-learning incurs fragility. However when a Ponzi scheme is instituted within the bank’s universe it will alter its structure, in particular it will add structure, hence increase complexity. As J. Marczyk puts it;
“Complexity is a function of structure (as well as entropy but we will leave entropy out of the picture). When a given system undergoes some sort of mutation – in physics we could speak of a phase change, for example from liquid to solid – its structure changes. When this happens, complexity undergoes changes, that may be sudden or gradual. When these changes are gradual they offer great crisis anticipation signals. This has been observed in medicine, whereby hospitalized patients in intensive care, monitored via a series of clinical parameters and biomarkers, showed rapid complexity increases prior to an instability or side effects of drugs before conventional signals hinted anything anomalous. In a totally different context, QCM has been show to differentiated with an extremely high degree of success between counterfeit and genuine electronic components, such as chips.”
Complexity modelling changes the focus of your AML system from client to anomaly identification, optimising payments analysis, automating the SAR process and removing human error. The prize, an end to fraudulent Ponzi schemes being obscured by the ever faithful depositing account. We look forward to moving to proof of concept by working with progressive Banks.
JB Beckett, Chartered MCSI
Author ‘New Fund Order’, Non Executive Director
Emeritus, Association of Professional Fund Investors