How firms can de-risk transaction monitoring

Many firms believe risk-based transaction monitoring means stricter rules, more alerts  – and more costs. Yet is this really true, or could this approach be costing firms in unexpected ways? At ComplyAdvantage, our implementation and customer success teams support our customers firms to show them how a more finely targeted approach can reduce excessive alerts, cut costs, and actually catch more illicit activity.

In this webinar, ComplyAdvantage Technical Lead Oscar Hazelaar discussed how the right approach to risk in transaction monitoring could also reduce costs. Based on his thoughts, this article explores how firms can find the “Goldilocks Zone” – where cost-effective monitoring is also risk-based. 

Transaction monitoring objectives

When done properly, transaction monitoring ensures regulatory compliance by addressing the risks a firm needs to cover based on its enterprise-wide risk assessment (EWRA). It helps firms detect behavior indicating that financial crime might be occurring. A risk-based approach means implementing rules that capture well-known financial crime red flags as well as a firm’s industry-specific risks. A transaction monitoring system should also be calibrated to protect a firm’s client base – not only detecting high-risk individuals, but also potential victims of financial crime. 

Defining success in transaction monitoring

What does success look like in transaction monitoring? Three key factors stand out: 

1. Its rules align with regulatory requirements and industry best practices. A risk-based approach builds rules around a firm’s regulatory requirements, as well as scenarios that address risks unique to its products or industry. For example, an exchange in the crypto space should be confident that it can detect when someone is moving fiat currency to and from its system without changing it into cryptocurrency. This might indicate money laundering. 
2. Its rules are driven by a firm’s risk data. Rules are important, but they cannot detect risk alone. It’s also crucial to factor in customer risk. This allows a firm to apply additional due diligence to riskier customers – while ensuring lower-risk customers are not unnecessarily impacted and can do business smoothly with the firm. 
3. It can access and take advantage of comprehensive data. Many firms sit on a wealth of customer insights and data that they can use to drive their solutions. One use case centered around ATMs, where a firm wanted to detect if a specific customer (of retirement age or above) was withdrawing repeated high-value transactions. This was a potential sign of elder abuse. The firm factored in their customers’ date of birth and age, using this knowledge to expand their transaction monitoring coverage beyond a standardized scenario.
4. Its rules are operationally effective. As a firm deals with transactions and scales its products, its solution should allow it to process alerts effectively without overwhelming backlogs. An overzealous transaction monitoring solution can create a difficult workload to manage and becomes hard to justify from a cost perspective. A robust solution is designed to respond to historical data and reduce future false positives. 

The consequences of ineffective transaction monitoring

An ineffective transaction monitoring approach can fail to detect financial crime and may even enable it. What might cause a firm not to miss potential criminial activity despite having a transaction monitoring solution? 

1. Inadequate transaction-monitoring rules. First, it might be that the behavior a firm failed to detect was not actually covered by its rules. Perhaps a crucial approach or angle was not considered when the transaction monitoring solution was set up. Alternatively, a rule might have been set up to detect a particular behavior but failed to capture it. 
2. Scenarios and rules that generate a lot of alerts. This occurs when a firm’s coverage is overly broad, which can create false positives. Repeated false positives from specific rules could encourage outright dismissal of future alerts – even if it sometimes captures true behavior that requires investigation and reporting.

What are the costs of ineffective transaction monitoring?

Operational strain

An imprecise transaction monitoring solution can create the need for a larger team to avoid alert backlogs. But increased headcount is not always manageable – especially in newer firms that don’t have the necessary resources. Nor does headcount alone guarantee a risk-based process: teams need the right tools to detect risk. The resulting inefficiencies can impact team morale. Large backlogs can create overwhelm, especially when reviews constantly reveal false positives. The extra strain can create a string of negative impacts in the long term, from burnout and analyst turnover to missed risks and even regulatory fines. 

Reputational damage

A poorly-implemented transaction monitoring solution can also result in reputational damage. On the one hand, this can occur if a firm operates too stringently relative to its risks – which is common soon after a new product launches. If a firm’s rules are too broad from the start, this could impact customer experience and first impressions. Although it’s essential to have a solid transaction-monitoring solution in place from the beginning, broad rules do not necessarily detect more risk. Instead, effective systems should capture a firm’s tailored risks. 

On the other hand, controls that are too lax can also result in missed suspicious activity.  For example, failure to detect a compromised customer account could negatively impact a firm’s reputation and any product involved. Not basing transaction monitoring on risks can result in a failed audit, particularly if a lack of controls is found to have facilitated financial crime. It can also result in regulatory penalties and bad press. Over the past few years, there’s been a lot of attention on organizations implementing poor compliance practices. Transaction monitoring is very much a part of this.

The Goldilocks zone: Balancing costs and coverage

How can firms work on a more effective transaction monitoring solution while managing costs? IA successful solution balances the need for comprehensive coverage with an organization’s operational requirements. Traditionally speaking, transaction monitoring solutions lean toward broader and more costly coverage out of an abundance of caution. And indeed, in a constantly-changing regulatory landscape, capturing and reporting as much potentially suspicious behavior as possible could be seen as a way to avoid regulatory fines and other risks. 

But again, broader coverage is not necessarily risk-based. A more effective approach – which can also be more cost-effective — is to assess a firm’s unique risk with a regularly-updated enterprise-wide risk assessment (EWRA). This allows firms to conserve resources in areas that are not significant risks for them, while targeting strategic investment in their riskiest areas.

ComplyAdvantage works with firms to increase a risk-based level of accuracy, working to target relevant behavior. This can help reduce overhead costs while keeping the primary focus on risk-based and effective transaction monitoring. 

So how can a firm achieve the right balance? Here are the steps we generally follow with clients.

• Start with a base set of rules. This can be determined based on rules a firm may have implemented previously – or that other members of their industry recommend. 
• Compare those rules with known operational and industry risks. This can be broken down into three steps:
  • At the base level is a firm’s customer risk data, gathered at onboarding, establishing that the individual onboarded is who they say they are. This information includes where the customer is located and typical behavior and activity – such as products that they’ve purchased and used regularly. This data can then be used to create a risk rating to drive transaction monitoring rules. 
  • The next part is to identify subgroups within a firm’s customer base. A straightforward example would be the difference between individual and corporate customers: as their behavior will be very different, they must be monitored differently. If firms monitor both with the same rule set, they’ll fail to cover at least one of those groups effectively, and alerts will not be risk-based. 
  • Lastly, a firm can use any additional information gathered at customer onboarding within its transaction monitoring product. For example, say a firm’s customer announced ahead of time how much they planned to use its service. The firm can use that information as part of its transaction monitoring rules to continuously verify that the customer is sticking to what they initially said. 
• Introduce rule-refining mechanisms based on this information. For example, a threshold-based rule may need to differentiate between a firm’s corporate customers and its individual clients. Similarly, a firm may want to compare customers in a specific industry to others previously onboarded in the same industry. If a new customer’s average transaction volume exceeds the norm for the industry’s customer base, there may be a red flag to investigate. 
• Keep optimizing after deploying the first solution and establishing the first rule set: 
  • Verify any assumptions (such as customer risk level) made while planning for accuracy and effectiveness against the data going through the system. 
  • The setup should change with the product as the firm grows and adds additional products or services. The transaction-monitoring solution must be flexible enough to accommodate new types of transactions, volumes, or patterns without inflicting excess work. 
  • The solution should keep up with continuously-changing regulations – and, ideally, should be designed around continuous regulatory change.

How ComplyAdvantage helps clients maintain continuous improvement

At ComplyAdvantage, we take several steps to help customers continue improving their transaction monitoring solution: 

• Assess: How is the System Performing?

This involves more than just looking at how many rules are triggering for certain types of transactions. We drill down, investigating where those hits are coming from. What type of customer is generating these alerts? How are these rules triggering, and what was the outcome of our customers’ reviews? If we see that specific types of alerts are repeatedly flagged as a false positive – or no action was taken – we then ask: is this as expected? Is this repetitive alert part of planned checks and balances, or do adjustments need to be made? 

• Share Insights & Observations

We then discuss the insights and patterns our analysis has revealed with our customers. This opens the way to talk about changing the existing rules to better accommodate real-life transaction volumes. This is an ongoing discussion because we continually find new insights and transaction monitoring approaches.

• Determine Which New Scenarios to Address

Based on the information and insights discussed, we work with clients to determine the best way to address new scenarios. When implementing transaction monitoring rules, it’s natural to think in terms of capturing certain behaviors. But it’s important not to stop here, as other elements may also contribute to false positives or negatives. For example, moving beyond hard-coded transaction thresholds, what’s the average transaction volume for specific customer groups? 

• Design for Continuous Improvement

Taking the time upfront to design an agile system will pay off in the long run. The more time firms can invest upfront to design a solution that effectively facilitates change, the easier it will be to maintain and improve over time.  In contrast, if a solution is only designed to monitor one type of transaction, firms can encounter problems when incorporating inevitable new scenarios, leading to overly complex money flow representations. Well-planned solutions will allow firms to self-manage many rule changes and additions, reducing the need to submit third-party requests for routine adjustments and improving efficiency.

Key takeaways

Firms looking to optimize their transaction monitoring solutions should focus on three key areas. If they partner with an existing provider, they may want to consider whether the vendor will walk alongside them to address these three areas. If not, they may want to consider a provider that will focus on these areas with them.

1. Find the “goldilocks zone” where risk-based coverage and cost efficiency overlap. Instead of seeing cost-effectiveness as competing with risk-based coverage, consider them as two sides of a coin. While effective transaction monitoring requires real investment, a risk-based approach is not always the most expensive. Rather, indiscriminately broad or lax coverage can negatively impact cost as well as risk. A solution that instead targets a firm’s unique risks will not only catch more but also reduce wasted spending on excessive measures, repeated work, damaged reputation, staff turnover, and regulatory penalties. Risk-based approaches are generally more cost-effective.
2. Tailor transaction monitoring around firm-specific needs and risks. This should be driven by internal information, including a recently-updated EWRA. No one client has the same data available – or works in the same way. Firms might share general scenarios, but their approach to each should be tailored around the specific risk that comes from where they’re located, what regulations are in place, and the types of clients they have. There’s no such thing as a run-of-the-mill solution. Each solution should work for the individual firm and its product. 
3. Design an agile solution that changes with the firm. An ineffective transaction monitoring solution falls behind a firm’s product constantly. Ideally, firms should think ahead and proactively anticipate upcoming risks and obligations. Each firm’s product should be designed ahead of time to allow it to implement those changes quickly.