Transaction monitoring is a fundamental component of the risk-based approach to anti money laundering that banks and financial institutions in jurisdictions across the world are required to implement. When customers engage in activity that appears suspicious, financial institutions must be able to detect and address the potential money laundering threats in a timely, accurate manner and, if necessary, submit suspicious activity reports (SARs) to the authorities.
However, transaction monitoring often presents a significant compliance challenge and firms must think carefully about the sensitivity with which they set their monitoring thresholds. If the thresholds are too sensitive to suspicious behavior, the measures are likely to generate a large number of false positive AML alerts, with added time and cost burdens for the firm’s AML program. On the other hand, thresholds that are not sensitive enough run the risk of missing genuine criminal behavior, not alerting compliance teams and exposing a firm to the financial and legal penalties of noncompliance. Similarly, transaction monitoring thresholds often need to change and adapt quickly to cope with both emerging criminal methodologies and new AML transaction monitoring rules.
With AML inefficiencies and false positive alerts costing financial institutions an estimated $3.5 billion every year, transaction monitoring is a crucial AML consideration. Firms must think carefully about the parameters of their AML transaction monitoring thresholds and ensure the balance that they strike, between addressing their business needs and meeting their regulatory responsibilities, is appropriate.
In a risk-based system, firms may optimize their AML response by taking the following factors into account when developing and setting transaction monitoring thresholds:
The effectiveness of a transaction monitoring system depends on the data that it captures, however firms must balance the scope data coverage with the limits of their overhead costs. Since the primary focus of an AML program is to detect and prevent money laundering, data coverage and regulatory compliance should be the primary focus, but in order to manage overheads, firms can enrich that data in the following ways:
- Set out a fundamental set of transaction monitoring rules that match the known risks associated with their customers or financial products.
- Identify the type and volume of data that they need to support their transaction monitoring rules, including risk data, identifying information, general customer behaviors, and other relevant data sets. That data will also need to be refreshed at appropriate intervals.
- Introduce mechanisms and scenarios within the transaction monitoring system that allow compliance teams to apply rules based on contextual or emergent product and customer data.
Firms should set the thresholds of their transaction monitoring system in a manner that best serves their AML objectives. Practically, this involves:
- Customer segmentation: By segmenting customers into risk groups, firms can apply transaction monitoring thresholds that are appropriate to respective segments – as opposed to applying the same catch-all threshold setting to every customer on their books.
- Statistical analysis: Firms should perform statistical analysis to determine the effective threshold settings for given scenarios and customer segments.
- Tuning: Before threshold settings are implemented, firms should tune them to the types of AML risk they will face. Practically, this means performing dry-run AML scenarios to generate test alerts and tuning the sensitivity of the system accordingly.
Transaction monitoring settings should not be considered unchangeable aspects of an AML program. Prior to deployment, firms must conduct a number of essential testing activities order to ensure their transaction monitoring system is delivering the appropriate compliance results.
Those testing activities include system integration testing (SIT) to ensure the compatibility of transaction monitoring measures within an AML infrastructure, along with user acceptance testing (UAT) to gauge the effect that transaction monitoring has on the customer experience.
Firms may seek to establish a project manager, or project management office, to coordinate the development of a transaction monitoring system with other aspects of the AML process. A project management office allows compliance stakeholders to develop a holistic understanding of their transaction monitoring process as part of a wider AML infrastructure, and ensure that suspicious activity reports (SAR) are generated in a timely manner.
Artificial intelligence (AI) and machine learning models offer a range of benefits when setting and implementing AML transaction monitoring rules. By analyzing customer data and risk profiles, AI tools can help firms determine optimal transaction monitoring thresholds with a greater degree of accuracy – automatically segmenting customers, for example, based on an algorithmic analysis of available customer due diligence data.
In addition to the accuracy and efficiency benefits of AI, machine learning tools allow firms to use the data collected by transaction monitoring systems to respond to emerging and future threats. When a customer exhibits anomalous behavior for example, diverging from their normal transaction patterns, machine learning models within a transaction monitoring system would detect that change and trigger an AML alert. That alert could then be used to develop and inform new monitoring rules and adjust thresholds appropriately.
Setting effective transaction monitoring thresholds should be considered an ongoing process: as customer risk profiles, criminal methodologies, and regulatory environments change, so must the ways in which firms monitor for suspicious activity. To this end, firms must implement rules that are operationally effective which means that they must work quickly and efficiently within an AML infrastructure and be adjustable to suit the risk environment once they are deployed.
Similarly, firms should seek to develop their transaction monitoring systems within an AML culture focused on continuous improvement. This means that they should continually re-assess the effectiveness of the rules and thresholds that are used to generate alerts, checking that their risk assumptions are still safe, updating or replacing old technology, and adapting to new compliance regulations as they are introduced.