Walk the floor of almost any financial crime operation today, be it in New York, London, Frankfurt, Sydney or Mumbai and you will hear a version of the same complaint. The issue is rarely that institutions cannot detect suspicious activity. Alerts are constantly firing, models are scoring and watchlists are continuously being matched.
What you hear instead is that there are too many alerts, too little context behind each one and not enough hours in the day to turn that noise into a defensible decision.
After years of designing solutions for banks and financial institutions across these markets, we’ve come to believe the industry has been investing heavily on the wrong side of the problem.
The Market has Changed Underneath Us — Everywhere at Once
The UN Office on Drugs and Crime puts laundered money at up to $2 trillion a year and a recent Nasdaq Verafin estimate suggests illicit financial activity reached roughly $4.4 trillion in 2025 — a $1.3 trillion jump in two years.
The consumer-facing picture is just as stark. In the US, the Federal Trade Commission reported losses of more than $12.5 billion to fraud in 2024, a 25% rise year on year. In India, the Reserve Bank’s FY25 annual report showed the value of bank fraud nearly tripling to around ₹36,000 crore, concentrated in digital payments — unsurprising in a market where UPI now carries an overwhelming majority of non-cash retail transactions. Scams are not getting cheaper nor simpler.
Regulators across every major jurisdiction have responded by raising the bar on what “good” looks like:
- In Europe, the new Anti-Money Laundering Authority (AMLA) shifts the test from “did an alert fire” to “was it reasonable for it to fire and can you defend how you escalated or dismissed it.” That single change turns the long-tolerated 95% transaction-monitoring false-positive rate from an efficiency drag into a control deficiency.
- In the UK, the FCA continues to press on transaction-monitoring effectiveness and the disproportionate volume of alerts that never become a suspicious activity report, alongside reforms placing real accountability on firms to demonstrate their reasoning.
- In Australia, AUSTRAC’s AML/CTF reforms extend obligations to roughly 100,000 entities through 2026, against an estimated AU$82 billion annual cost of financial crime.
- In India, the RBI has mandated dynamic authentication for all digital payments from April 2026 and even deployed its own AI tool, MuleHunter, to identify money-mule accounts, showcasing how regulators are effectively setting the technology pace for the industry.
- In the US, enforcement remains material even as headline fine totals fluctuate, while real-time rails and instant payments compress the window in which a decision must be made.
And here is the uncomfortable truth underneath the spend. Common to all of them: banks commonly devote 10–15% of their headcount to KYC and AML. The industry spends an estimated $60 billion-plus a year on compliance, yet it can detect only a small fraction of actual criminal flows.
More people thrown at more alerts has not closed the gap. It cannot.
Why Does This Gap Exist?
When we studied how investigators spend their day across multiple operating-model reviews, a consistent pattern emerged — and it held regardless of country. Roughly 45% of effort in financial crime detection goes into assembling context: pulling KYC, payments, prior alerts, communications and screening result out of siloed systems. Another 25% goes into coordination: queue management, manual escalations, rework loops, waiting on a second pair of eyes. About 15% goes into documenting evidence in a form that survives audit. That leaves only around 15% for the actual judgement the investigator is uniquely qualified to make.
Put differently: roughly 85% of investigator effort is consumed before any judgement happens. Detection is broadly adequate. The failure lives in the space between an alert firing and a decision being made.
One System, Three Layers, Working as One
Most transformation programs pick a single lever and pull it hard; it can be a new detection model, a workflow tool or a data lake. We think that’s the core mistake. The problem is not any one layer; it’s that the layers don’t operate as one system. This is the principle behind how we approach financial crime at Persistent, called the 3C model — Control, Context and Coordination — designed to work together, not in sequence.
Control is the secure, governed, observable foundation: the data platforms, model management, agent runtime, identity, auditability and responsible AI guardrails. It is what makes everything above it defensible to an examiner in any jurisdiction.
Context is a unified investigative intelligence layer — an entity graph linking customer, counterparty, account, beneficial ownership, adverse-media signals, jurisdiction risk and disposition history, enriched from multiple structured and unstructured sources and, crucially, learning from every investigation it touches.
Coordination is the governed execution layer where investigators and AI agents work typology-led cases together, with clear accountability and fallback paths.
The reason all three must move together is simple. Invest in Context without Coordination and you build a beautiful knowledge graph that no workflow consumes — the intelligence is stranded. Invest in Coordination without Context and you simply automate the wrong workflow faster. And invest in either without Control and you cannot put a single recommendation in front of a regulator. Each layer makes the next one possible: Control supplies trustworthy data and lineage to Context; Context decorates every alert with evidence the Coordination layer can act on; Coordination feeds investigator decisions back down as new training signal that retrains Context and is audited by Control. It is a constant loop, not just a stack.
The Accelerators that Close the Messy Middle
We don’t ask clients to build this framework from a blank page. Persistent brings a set of pre-built accelerators that map directly onto the 85% problem.
At the heart of this approach is iAURA, our AI operating system. Through its Data Context Builder, it assembles the learning enterprise knowledge graph that forms the Context layer, resolves duplicate entities across systems, enriches every transaction with lineage and risk signals, and reduces the effort spent reconstructing context by hand by as much as 45%. On top of it, our Agentic Fraud Case Investigation and Disposition accelerator supplies the specialist agents and evidence-pack and SAR-narrative drafting that attack the coordination and documentation friction, while our multi-agent Fraud Detection platform— with built-in sanctions-check and transaction-risk tools, SSO and end-to-end traceability — and our Databricks-based Merchant Risk Scoring solution bring real-time scoring and human-in-the-loop override to the front of the funnel. For institutions wary of sending sensitive decisions to frontier models, our domain-tuned Enterprise Language Model approach embeds institutional judgement in a bank-owned, on-premises model that returns cited rationale and a confidence score, keeping the Control layer intact. Because these accelerators share one architecture, a bank can start where the pain is sharpest and extend without re-platforming.
An estimated 73% of AI models in banking never reach production, largely because of explainability failures and audit gaps. In a regulated investigation, whether the examiner is FinCEN, the FCA, AMLA, AUSTRAC or the RBI, an unexplainable recommendation is worthless and worse, a liability.
So, the design target enabled by iAURA’s acceleration suite is: zero unapproved AI-only suspicious-matter decisions, full recommendation-and-decision lineage and audit-readiness on every case. iAURA’s Agentic Data Engineering patterns & agents recommend, suppress candidates only with evidence and pre-draft SMRs (Suspicious Matter Reports) as they focus less on the data platform and more on the data pipelines and workflows. Authorized people decide, report and own the outcome. Meanwhile, defensible decisioning isn’t a feature you bolt at the end; it lives in the Control layer from day one.
What does the integrated model buy for a bank? Based on pilot targets and delivery patterns we’ve seen, the realistic prize is a 25–40% reduction in low-risk alert workload, materially faster triage through ready-made evidence packs and in our automation work for a payment gateway serving major banks, outcomes like $32 million in savings and case throughput rising from 60 to 170 cases a day. We’d caution any leader to treat headline accuracy claims as hypotheses to prove against their own baseline rather than promises. The durable value is structural: because the three layers form a loop, every disposition retrains the next decision and the system compounds.
The Honest Takeaway
The next two years will separate institutions that treat compliance as a cost center to be minimized from those that treat it as a strategic capability to be engineered. The not so smart will keep tuning detection in isolation and adding headcount while the winners will fix the messy middle — Control, Context and Coordination, operating as one governed system an examiner in any market can defend.
Detection was never the hard part. The decision is. That’s where the next decade of financial crime compliance will be won.
Author Profile
Satish Wadhwa
Head of BFSI Solution Design, Persistent Systems





