ING Leverages Graph Technology to Identify Suspicious Activity

ING is adding graph technology to its data analytics platform, Hunter, to better detect suspicious activity in transactional data.

Graph technology is a method of storing data that shows the different relationships between data points. For instance, in financial services, analysts can use it to better understand connections between entities and products, which can help to detect anomalies. Annerie Vreugdenhil, chief innovation officer (CIO) of wholesale banking at ING, says new advancements in analytics and graph databases are helping banks such as ING keep pace with increasingly sophisticated financial criminals.

“We are now working on graph technology and working it into [Hunter] so that we can visualize the patterns that you see emerging from suspicious activities. That is very important, because so far, we have always been [a few steps] behind the actors,” Vreugdenhil says.

As financial crime operates on an international stage, bad actors can be difficult to keep track of. Vreugdenhil says criminals often move their operations to different territories where they believe they will have less regulatory scrutiny, or scrutiny from institutions. And in response, banks need to be able to follow and monitor these bad actors’ movements on a global scale.

“This graph technology that we are working on right now will help us to be closer to those new trends and the new [criminal] networks that are emerging, because you will simply see them and visualize them much faster,” Vreugdenhil says. 

Graph databases improve the more data they ingest, and every new data point changes the network. Vreugdenhil takes Facebook as an example. When a user accepts your friend request on Facebook, this changes the network linked to your page, and the new friend’s profile and their friends list will be mapped to your account.

“This is the way we are mapping the data using graph technology, so that we can see networks emerging, especially in anti-money laundering,” Vreugdenhil says. “This is very important, because if you find a suspicious transaction, [at one point in the network] and you flag it, it will have a different effect on the relationships.”

Visualization is a key part of ING’s graph-based approach. Vreugdenhil says graph technologies help its financial crime team make better informed decisions even if there are some missing data points in the network. However, there is no substitute for full comprehensive data, and the more data points, she adds, the more relationships that can be established.  

This technology [graph tech] that we are working on right now will help us to be closer to those new trends and the new [criminal] networks that are emerging

Annerie Vreugdenhil, ING

The ING analytics platform is designed to analyze 14 billion transactions in a matter of seconds. The solution has been fully operational from early this year, but the bank is continuing to develop out its analytics models and tools for its financial crime investigations teams.

“We were actually able to create our first Hunter models in weeks on top of the technology [the analytics platform],” Vreugdenhil says. “Because we had loads of payments data, [our] data scientists were very quickly able to create a model and put it to work on this platform, and we have started adding graph technology to it.”

The bank hopes to have the technology incorporated into the new models by the end of the year.

ING is currently using the platform for its own transaction monitoring, but Vreugdenhil says banks could become better at targeting bad actors on a global scale if they collaborated and combined their data sets. However, this is challenging to achieve in practice as institutions are obligated to comply with data privacy regimes such as the General Data Protection Regulation in Europe, and protect client data.

Industry efforts to create more cooperation in this area do exist. ING is part of an initiative among Dutch banks called Transaction Monitoring Netherlands, including ABN Amro, Rabobank, Triodos Bank and De Volksbank. The group of firms announced a joint venture this summer to develop a utility platform to combat AML and financial terrorism. But data sharing between banks requires legislative changes to avoid breaching rules like GDPR. Some have gone so far as to call for the wholesale reform of financial crime regimes. 

“So, this is one of the big debates that I know that a lot of banks are talking to governments and regulators about…It is not just about technology and modelling, it is really also about the whole system, and how do you make it work better,” she says.