BioCatch blog channel

Browse topics

When bad data undermines the best anti-financial crime strategy

Written by:

Nicolas Strömbäck

When bad data undermines the best anti-financial crime strategy featured image

In BioCatch's 2025 Dark Economy Survey, 68% of practitioners said their firm spends $10 million or more annually on financial crime detection technology. And half of them said they’d like to spend more. But this begs a critical question: Is it worth investing in technology before addressing data quality? Or should technology be part of a broader journey to better data?

I've worked as an attorney and anti-money laundering (AML) practitioner for years and I’ve seen issues with data quality play out across the industry many times. Research is conducted, the right stakeholders are engaged, and a business case is built. Yet, the intended outcome often proves impossible to achieve due to flawed underlying data.

Whether it’s a legacy system that no longer meets today’s evolving fraud landscape or a newly acquired platform that’s poorly implemented, the result is the same: Without good data, the best tech in the world can’t deliver what it promises.

Data quality: The foundation of financial crime prevention

High-quality data is imperative in fighting financial crime. Firms are required to process and analyze vast amounts of data, ranging from customer due diligence (CDD) to transaction monitoring and beyond. When this data is inaccurate, outdated, or incomplete, the entire AML program suffers.

Take AML-risk assessments, for example. If the underlying data is poor, the assessment loses its value. It can no longer identify or measure inherent and residual AML risks. Without that clarity, it becomes impossible to create proportionate routines and guidelines for managing financial crime. This opens up the firm to regulatory scrutiny and penalty fees — or worse, losing its license.

Low-quality data also complicates potential investigations. Missing or incorrect data can cause firms to handle CDD-demands incorrectly or assign customers the incorrect risk classification. It can also lead to the mishandling of alerts, false positives, and other issues that impact investigations. In turn, it becomes a massive drain on resources, as teams spend valuable time managing problems that could have been avoided with proper data governance.

Interestingly, good data quality isn’t just good practice. It's essentially a regulatory demand. The European Banking Authority (EBA) guidelines on money laundering and terrorist financing risk places a strong emphasis on reliable and independent data, both in identifying customers and in using technology for verification. It states, for example, that “firms should verify their customer’s identity and, where applicable, beneficial owners’ identity, on the basis of reliable and independent information and data,” and that “firms should set out in their policies and procedures which information and data they will treat as reliable and independent for CDD purposes.”

Regarding the use of innovative technology for identity verification, the EBA guidelines note: “Firms should make sure that this evidence is based on data or information from reliable and independent sources.”

Legacy pain and data ownership gaps

Despite this guidance, I’ve often seen firms fail to prioritize data quality. In many cases, the root cause is legacy systems, where the cost and resources of replacement delays action.
In other cases, systems are so interdependent that fixing one issue creates three more. I’ve had many meetings where tech teams simply sigh in resignation, knowing the uphill battle they face. In some cases, it’s taken firms close to a decade to sort out data issues.

What’s missing in many firms is true data ownership. Solving these problems requires a data governance model with real accountability, ideally sitting with someone like the head of IT, or another role with the authority and visibility to make meaningful decisions. Without that ownership, data quality will always be “someone else’s problem.”

A smarter way forward

Poor data quality doesn’t just impact compliance. It undermines the effectiveness of any technology investment aimed at preventing financial crime. Before buying that brand new system, firms need to conduct a data quality risk assessment. Its results should then be used to create a strong data governance model that addresses gaps in data quality, be it system-related or human error.

Only once this foundation is laid can firms truly unlock the value of innovative technology in financial crime management. Without it, even the most sophisticated tools will fall short and may ultimately become just another sunken cost.

Recent Posts

Why banks need more than a face to fight fraud Fraud Prevention
August 13, 2025 Why banks need more than a face to fight fraud
Read article
BioCatch earns top spot in 2025 SPARK Matrix for Behavioral Biometrics and Device Intelligence Behavioral intelligence
August 07, 2025 BioCatch earns top spot in 2025 SPARK Matrix for Behavioral Biometrics and Device Intelligence
Read article
Is risk culture in the Nordics impacting financial crime prevention?
August 07, 2025 Is risk culture in the Nordics impacting financial crime prevention?
Read article