Luke Mawbey, VP of engineering at ComplyAdvantage, explains the prevalence of financial crime globally and what organisations can do to ward off attack.
Prior to this, he worked with the United Nations Development Programme – specifically its Africa Adaptation programme – which instituted long-term planning and climate-resilient policies in 20 countries in Africa.
‘Embedding security into the culture of a company is essential to ensure systematic and comprehensive protection of data’
– LUKE MAWBEY
Tell me about your own role and your responsibilities in driving tech strategy.
It’s estimated that between $800bn and $2trn is laundered every year, and somewhere between 1pc and 3pc of this is detected and potentially stopped. At ComplyAdvantage, we believe that the system is fundamentally broken and that we need new approaches to the detection and prevention of financial crime. These approaches must take advantage of modern technology.
As such, our business is powered by technology. Our technology strategy is designed to best serve our clients by removing the pain from their AML [anti-money laundering] compliance processes. Whilst I’m accountable and lead the process of building a technology strategy, there are many stakeholders that have input from within engineering as well as other parts of the business.
Are you spearheading any major product and IT initiatives you can tell us about?
Detecting and preventing financial crime requires us to build up profiles and identify connections between people, companies and events. We need to be able to absorb, interpret and present this data clearly. This means our clients can quickly understand and act on the information. To that end, we are building the first global, connected database of people and companies powering world-leading financial crime detection tools.
How big is your team? Do you outsource where possible?
Our product and engineering teams currently include 150 people – roughly half the company by headcount. One of our competitive advantages is the ability to build and deliver products based on modern technologies. We do the vast majority of this in-house so that we can maintain a strong focus on quality and innovation.
What are your thoughts on digital transformation and how are you addressing it?
Digital transformation is at the cornerstone of what we do. Our entire business is built around a technology-first approach to compliance. If we can automate a process, then we should do that as it’s far more efficient, and often more effective, than the alternative.
What big tech trends do you believe are changing the world and your industry specifically?
We love that machine learning (ML) is rapidly maturing, and there are a bunch of different ways to approach solving problems with ML. Everything from using the fundamental building blocks through to TensorFlow, or even ML-powered services available on demand such as named-entity recognition (NER) processing.
Cloud-native development has also been a hugely successful approach for us. It has allowed us to build products, iterate and develop rapidly. As various infrastructure-as-a-service (IaaS) offerings have matured, including databases, event streaming and even Kubernetes, being cloud-native has allowed us to take advantage of these services. This means our engineers can focus on building better products rather than installing and configuring servers, operating systems or databases.
Linked data and semantic graph databases have nicely matured in recent years. As more institutions adopt these, it offers exciting opportunities in how we can draw more power and insight from the data that already exists through increasing interoperability and connectivity.
In terms of security, what are your thoughts on how we can better protect data?
Embedding security into the culture of a company is essential to ensure systematic and comprehensive protection of data. We are strongly focused on the concept of security by design, and deliver that through product and engineering.
Many security breaches are the result of not following best practices and so getting the fundamentals right is hugely important. Data protection is often less about rocket science and more around applying best practices in a consistent, methodical manner. This isn’t easy, and I don’t envy those that are accountable for protecting an organisation.
Beyond technical issues and protections, we also need to be vigilant against social attacks. This, of course, forms part of best practices, but for those of us in technically focused roles, it’s an area that is easy to overlook.
Updated, 10.25am, 4 February 2020: A previous version of this article said that between $800m and $2trn is laundered every year. This was amended to clarify that the figure is between $800bn and $2trn.
Want stories like this and more direct to your inbox? Sign up for Tech Trends, Silicon Republic’s weekly digest of need-to-know tech news.