Financial crime and compliance

Our customer, a large regional bank, has a small team dedicated to anti-money laundering (AML) research. The analysts use publicly available, internet-based resources to assess their clients’ risk profiles and demonstrate compliance with KYC requirements. They look deep into the business ownership structure; determine if the client’s industry or country of operation are subject to sanctions; analyze whether corruption is prevalent in the client’s region; and study business relationships of their client and their partners. Naturally, not all businesses are transparent, and while it’s not always illegal to mask certain business practices, associations, partnerships or ownerships, it makes the researchers’ job much more difficult.

The bank works with a variety of clients – from individuals and small businesses to large multinational corporations. Knowing who you’re dealing with and whether the customer is indeed who they say they are is the job of the AML/KYC team. As part of the verification process, the team requests certain information from the client, such as tax IDs, business licenses and financial statements. But it is also common knowledge that a lot of this information can be found on the dark web and available to anyone who, for any number of reasons, wants to conceal their business’ true identity and impersonate someone else.

When the bank’s AML team sets out to verify that they are dealing with legitimate clients who are not involved in or affiliated with the companies that engage in illicit activities, they must tread carefully. Ideally, all research should be conducted anonymously, without alerting the party that someone is looking into their background. The longer the AML team’s efforts can remain undetected, the more information they can uncover, helping to reveal the clients’ true selves.

Naturally, using standard-issue company laptops for this delicate research wasn’t an ideal option, especially with the bank’s strict IT policies and the mandatory use of proxies which blocked AML analysts from accessing the sites they needed. But the idea of a “dirty” infrastructure didn’t make sense either. This do-it-yourself approach to anonymity and isolation would require purchasing additional hardware, disconnecting it from the bank’s network and rebuilding machines every time an investigator’s account got “burned”, or researchers inadvertently picked up malware while traversing the web.

The expense of a “dirty” infrastructure was too great and would have placed an undue burden on the bank’s IT team to constantly erase and reimage machines, all while guaranteeing airtight security. To conduct anonymous research that’s also traceable for audit and compliance purposes, the bank’s AML team needed a specialized solution.

Silo for Research is built on the Silo Web Isolation Platform. This provides users with a one-time-use browser, rendered on demand in a secure, cloud- based container. With all web code converted into remote session display, endpoints are automatically protected from any malware and researchers are free to visit even the most devious sites, knowing they won’t expose their devices and networks to malicious content.

With Silo for Research, the bank’s AML analysts can spoof their location; manipulate their hardware and software fingerprints; and safely collect, annotate and share any internet-based information. Silo for Research also includes tools for language translation (especially relevant for investigating clients’ foreign ties), link tracing and web code and traffic analysis capabilities.

The ability to keep a record of the entire investigation with Silo for Research is especially useful when AML analysts uncover information that might be of interest to law enforcement or regulatory or government agencies. It is also helpful for retracing one’s steps and for sharing information with other analysts within and outside the bank.

“We are not aware of any other solutions like Silo for Research on the market,” says a cyberthreat intelligence analyst with the bank. In the future, the bank plans to further strengthen our threat research capabilities using Silo for Research in a full-service lab for malware analysis.