Faculty of law blogs / UNIVERSITY OF OXFORD

Is There a Role for Machine Learning in Anti-Corruption Risk and Compliance?


Jonathan Rusch
Adjunct Professor of Law at the American University Washington College of Law


Time to read

3 Minutes

In any large enterprise—whether a major corporation or large government agency—indicia of corruption can be difficult to find. Unlike money laundering, which typically requires frequent infusions of large amounts of funds into the financial system to move criminal proceeds, corruption schemes generally make bribe payments fewer times, in more variable amounts, and at more irregular intervals to bribe government officials in order to obtain or retain business. Moreover, the task of finding patterns reflecting potential corrupt transactions or relationships becomes vastly more difficult for humans to carry out, as large companies may have multiple datasets, totaling several petabytes, that are dispersed across the enterprise.

To date, many companies are content to use rule-based programming, which requires humans to write algorithms for a particular solution, in their financial crime compliance programs. In recent years, however, academicians and non-profit organizations have been showing that machine learning—a branch of artificial intelligence in which the machine-learning solution ‘learns on its own in writing algorithms—can be highly effective in finding corruption-related patterns in large datasets. Various studies have successfully used machine learning on public or specially-gathered datasets to predict public corruption based on economic and political factors, to find small-scale illegal mines in the Democratic Republic of the Congo, and even to assess the effectiveness of anti-corruption educational campaigns.  Moreover, the Organisation for Economic Co-operation and Development and the US Department of Justice have indicated that companies need to aggregate and make effective use of all of the data in their possession as part of their compliance programs.

As a consequence, many companies in the United States and the United Kingdom have been taking a closer look at possible use of machine learning in their anti-corruption risk and compliance programs.  Uncertainties about how machine learning actually works, how it can be used for anti-corruption programs, and how much anti-corruption machine learning solutions would actually cost have tended to slow the active development and use of such solutions for compliance purposes.

To address this problem, on April 8 the nonprofit Coalition for Integrity issued a guidance document, Using Machine Learning for Anti-Corruption Risk and Compliance, that is directed at business and compliance leaders rather than programmers and data analysts.  The document states that it is intended to assist companies in multiple sectors ‘in thinking about whether and how to approach the task of deciding whether some form of anti-corruption machine learning would make sense, in operational and economic terms, for their anti-corruption programs’.

To that end, the document first makes clear that before seeking to develop an anti-corruption machine learning solution, a company must first decide that it can articulate a business case for doing so. To make that decision, the company must consider (1) whether machine learning, which is better suited for situations in which a company has a large dataset and a large number of factors, is more suitable for its needs than rule-based programming; (2) whether the company has enough risk and compliance professionals who would have the necessary training and expertise to make effective use of the solution; (3) whether the solution should address a broader range of risks than anti-corruption (eg, third-party or insider risk); and (4) what the likely cost and return on investment of such a solution would be.

Once it has determined that it has such a business case, the company should then proceed in a five-step development process: (1) framing the specific machine-learning problem and solution; (2) constructing the dataset; (3) transforming the data, which can include such actions as changing data types and converting categorical data to numerical data; (4) training the machine-learning model, which involves taking data from its raw source state and transforming it into data that is ready for analysis; and (5) making predictions with the model and assessing its performance on a continuing basis.

The document also provides three examples of companies in different industries that have successfully implemented anti-corruption machine learning solutions: AB InBev, Microsoft, and Alexion Pharmaceuticals.  Each of these descriptions explains the process by which the company developed and uses its solution.

Finally, the document identifies three sets of considerations that companies must factor into implementing and operating an anti-corruption machine learning solution: (1) ethical issues, such as responsible design and use of artificial intelligence; (2) legal issues, such as data privacy and cybersecurity; and (3) governance issues, such as whether the company will need to make governance and structural changes to make the solution effective across the enterprise.

The document concludes that

it would be inappropriate to say that all companies, regardless of size, business model, and financial resources, need to adopt anti-corruption machine learning, or that regulators will expect all companies to incorporate anti-corruption machine learning into their compliance programs. But experience to date indicates that anti-corruption machine learning holds considerable promise, and that companies should take that into account in deciding how to improve their anti-corruption and related compliance programs.

Compliance experts are already reacting favorably to the Coalition for Integrity guidance.  Because there is no comparable guidance or benchmarking document that addresses anti-corruption machine learning in nontechnical terms, business and compliance leaders should make use of the document as a template for their internal discussions on how to improve their anti-corruption programs.

Jonathan J. Rusch is Principal, DTG Risk & Compliance; Senior Fellow, Program on Corporate Compliance and Enforcement, New York University Law School; Adjunct Professor of Law, Georgetown University Law Center.   He conducted the research and drafting of the guidance for the Coalition for Integrity.


With the support of