Training for financial crime analysts ranks as their biggest challenge. That’s according to a recent survey conducted by Authentic8 and the Association of Certified Financial Crime Specialists (ACFCS), where nearly a third (28 percent) of respondents listed training to keep up with evolutions in criminal tactics, techniques and procedures (TTPs) and technology as the biggest organizational challenge to online investigations. Surveyed analysts put the issue above budget constraints, workflow productivity tools, hiring/retaining staff and even the shift to remote work.
Training to keep up with compliance and regulatory changes ranked as the fourth biggest challenge, further highlighting the need for specialized training for financial crime analysts.
Why is Training for Financial Crime Analysts Such an Issue?
Financial crime analysts have special needs that traditional training apparatuses within their organization (e.g., HR, IT) aren’t equipped to deliver. Thus, they’re left to their own devices to fulfill their training needs, often without the time or adequate budgets to do so.
A lack of proper training can have considerable impact on analyst productivity and the quality of their investigations. In the same survey, declining or stagnant caseload productivity was present in more than half (57 percent) of organizations which could result in prolonged exposure to adversaries, compliance violations and monetary loss due to money laundering and the effects of reputational damage.
Training for financial crime analysts is available through a variety of third parties including industry associations like ACFCS and the International Association of Financial Crimes Investigators (IAFCI) among others as well as some vendors of investigative tools. When evaluating programs for training for financial crime investigation and its online research components, consider the following criteria:
- Does it match my expertise level? Some analysts may be new to the role and require a basic introduction to the practice of online investigation. Industry veterans, however, will need advanced lessons to hone their craft and keep up with the evolutions of sophisticated adversaries, cutting-edge technology or complex regulatory requirements.
- Does it include OSINT collection techniques from the open, deep and dark web? The training program should prepare analysts to follow a lead wherever it may go, ensuring that proper tradecraft, security and compliance measures are taken whether accessing the open, deep or dark web.
- Does it offer the tradecraft training I need? Tradecraft like managed attribution (disguising your online fingerprint so as to go unnoticed by targets) and other techniques should be core to the training provided, as well as sharing trends on criminals’ latest methods for carrying out financial crime
- Does it provide training for workflow best practices? Operational tasks like evidence collection, analysis, storage and collaboration with teammates and law enforcement should be included in the training as best practices to improve caseload productivity and investigation quality
- Does it fit my schedule? Training for financial crime analysts shouldn’t be a once-a-year intensive session. To continuously stay abreast with the latest trends and not distract from the core job function, I recommend carving out an hour each week to devote to continued training.
About OSINT Academy
Authentic8 offers a training program to its Silo for Research customers to continually educate analysts and investigators from a variety of commercial industries as well as the government sector. Financial crime analysts will find the self-paced training program useful to their role whether they’re at a beginner or advanced level.
The course covers the basics of intel collection and workflow to advanced techniques such as dark web investigations and utilizing artificial intelligence for OSINT collection. It also provides training on managed attribution, teaching attendees how to misattribute their user agent string (i.e., geographic location, browser, OS, etc.) to avoid tipping off targets that they’re under investigation. This skill is critical to protect the integrity of the investigation — as wise targets may start presenting analysts with disinformation — as well as the security of the analyst and their organization, limiting the risk of retaliatory cyberattack or real-world retribution.
Attendees of OSINT Academy will learn different techniques to match different use cases, and learn the latest in criminal TTPs, technology and regulatory requirements (the program content is updated regularly based on insight from training providers). And the training videos and quizzes make it easy to fit any schedule and to revisit courses where reinforcement or refresh is needed.