Uncovering hidden red flags in your due diligence reports

Whether you’re a fee earner or head of compliance, recognising financial crime red flags is crucial. Criminals naturally want to reveal as little as possible about themselves—whether that’s their true identity or false aliases—and hide their tracks. The only way to get the full picture is by conducting deep due diligence on them.

But compliance teams work in busy environments where heavy workloads and business pressure can seed the thought of shortcuts. The risk here is that compliance teams and fee earners won’t truly know the client. And that makes it hard to recognise anomalies in their behaviour or suspicious changes in instructions.

We discussed the risks of tick-box compliance in a blog here. We also introduced the process of Initial Due Diligence (IDD) to triage clients more efficiently here. Low-risk clients can be quickly approved and move straight into fee-earning work, while medium to high-risk clients can be escalated for further investigation. But it’s important to first understand the red flags to look for during Initial Due Diligence, which we’ll explore today.

The traffic light system for AML risk levels  

We’re all familiar with what traffic lights mean. Green means go, amber means be cautious, and red means stop. This simple approach is why many law firms use it to rate the severity of risks tied to a client or transaction. High-risk (red) cases are flagged for immediate and thorough investigation. Moderate-risk (amber) cases receive closer scrutiny. Low-risk (green) cases proceed with minimal oversight. By categorising risks in this way, compliance teams can take quick and decisive action. It also aids in regulatory compliance by ensuring all clients uniformly undergo assessment. 

How Initial Due Diligence can inform AML risk levels

TenIntelligence analysed 500 due diligence reports and found that 38% were rated as “Moderate Risk” and 6% as “High Risk.” While high-risk cases may seem rare, they are the most important to look out for. The problem is that many firms dedicate their entire resources to all new clients as if they fall into that 6%. This leads to an overwhelming process. When researchers become fatigued, they fail to connect the dots and miss red flags. This was a concern highlighted by the General Counsel at Pinsent Masons in a webinar we hosted last year. Initial Due Diligence can help by providing an upfront view before full resources are invested. Compliance teams can quickly greenlight low-risk clients, saving time that would otherwise be spent on full Customer Due Diligence.

AML red flags to look for in due diligence reports

So what hidden red flags should compliance teams look for during Initial Due Diligence?

According to TenIntelligence, the most common red flag found among the 6% high-risk reports was adverse media. These sources revealed critical information about clients, such as news articles accusing them of corruption or uncovering family ties to various crimes, Politically Exposed Persons, or sanctioned individuals or companies. Other discoveries included undisclosed bankruptcies, litigations, insolvencies, and name variations.

Clients with connections to companies, entities, or individuals involved in crime or negative media should trigger this red flag. Even if a client has no recent criminal convictions, undisclosed past issues found online still need consideration. Ties to individuals known for unethical practices should also raise a red flag.

However, not all negative media is easily found or visible. This is a common challenge when manually performing due diligence and looking for adverse media. The most obvious starting point is a search tool like Google. But search engines cater to consumers, not to the needs of compliance teams. As search engines improve at connecting advertisers with consumers, they get worse at surfacing obscure, less-optimised information crucial to due diligence. Important articles can be easily missed when references to money laundering or corruption are buried deep in search results.

How Xapien helps you uncover hidden AML red flags

It’s important to note that risk is subjective. Our legal clients today make nuanced decisions when they conduct due diligence. This is especially true as more firms become Corp B certified or go beyond traditional risk typologies to include ESG risks. What firms cared about a few years ago is very different from today and will be different again in a year. Manual due diligence can’t keep up with this change, but AI technology can.

Xapien’s AI automates the manual research process across screening platforms, international corporate registries, and internet and media coverage, whether it’s in a blog, a company website, or a press release. This is all powered by advanced natural language processing technologies (NLP) that read, understand, and extract relevant information while discarding information that’s irrelevant to your subject. Importantly, everything is referenced down to individual phrases in sentences, which is crucial for using Xapien in a regulated context.

The result is a comprehensive due diligence report generated in as little as 10 minutes. Xapien summarises everything it finds into concise sections, providing an initial overview of a client’s risk profile. If red flags are identified, compliance teams can delve deeper into the report to gain a full understanding of the situation. 

Interested in learning more? Fill out the form below to connect with our legal team.