The Comprehensive Guide to Transaction Monitoring
New attack vectors, criminal methodologies, and regulatory requirements are constantly moving the goalposts and changing the way that firms comply with their obligations.
To detect and prevent financial crimes such as money laundering and terrorist financing, businesses must work hard to understand the financial activities of their customers by implementing transaction monitoring — a key component of a wider anti-money laundering (AML) and combating the financing of terrorism (CFT) framework.
What is transaction monitoring?
AML transaction monitoring is the process that helps financial institutions detect and prevent money laundering and other types of financial crime. Information that’s gathered during transaction monitoring is mostly used to meet obligations under AML and CFT laws, for filing suspicious activity reports (SARs), and to inform decision-making.
Transaction monitoring is important because compliance with financial regulations is non-negotiable. Firms can face significant fines for not detecting and reporting any transactions tied to illegal activity.
Transaction monitoring activity is becoming more common and more visible to end-users. Unusual or high-value purchases may require approval via mobile banking or request a one-time password sent to a customer’s phone or email address.
Although transaction monitoring methods will vary between different firms and tools, they all work to do the same thing — to identify suspicious activity, assess risk levels, and make predictions about the future.
Who needs transaction monitoring?
Any firm operating in the financial sector should be conducting it as a part of its day-to-day operations, including:
- Digital banks and neobanks
- Money transfer companies
- Crypto platforms
- Accounting, legal, and real estate firms
- Insurance firms
How do regulated companies monitor transactions?
While regulated companies are invariably obligated to carry out transaction monitoring, they’re mostly free to decide how to carry it out and manage it. There is little clear guidance from regulators and defined requirements are uncommon.
They will often carry out transaction monitoring with a mixture of manual processes and automation, using various tools and tech-led solutions to ensure the best possible results.
Here’s our brief step-by-step instructions on how you can achieve comprehensive transaction monitoring:
1. Assign a risk value — Different clients will represent different levels of AML risk depending on current and historical factors, such as industry and location.
2. Create risk-based rules — Based on the risk value, financial institutions should assign specific rules for each category. These rules should be dynamic and customizable.
3. Set up alerts — When your AML rules are breached, an alert should be issued. This doesn’t mean that illegal activity has occurred but rather that a review is necessary – you can find out more about these alerts on our solutions page
4. Assign your compliance team — Once an alert has been triggered, the transaction may be put on hold, pending further investigation by compliance or risk personnel.
5. Create a Suspicious Activity Report — If evidence of a financial crime is detected, a SAR should be created. The transaction in question should also be reported to the relevant Financial Investigation Unit (FIU).
The risk-based approach
Although regulated companies are free to curate their own transaction monitoring processes, the Financial Action Task Force (FATF) recommends that they should take a risk-based approach.
In practice, this requires businesses to perform assessments on individual customers and then respond in proportion to the risk that they present. Transactions involving higher-risk customers might be subject to more stringent monitoring while lower-risk customers will be looked at with less scrutiny.
In addition to the above steps, a risk-based approach might also be supported by additional measures and controls such as:
- Customer due diligence — Businesses should verify their customers’ identities by conducting due diligence checks, such as collecting names, addresses, dates of birth, and more.
- Adverse media monitoring — Risk level can be informed by external factors, such as a customer’s involvement in adverse media stories in both print and online sources.
- Sanctions screening — Regulated businesses should screen their customers against sanctions and watch lists to avoid doing work with sanctioned entities.
What can transaction monitoring detect?
A thorough and comprehensive transaction monitoring program can detect:
- Money laundering — Where a person or business secures money through illegal activities and then undertakes a series of actions to hide its origin. This is often carried out via a three-stage process: placement, layering, and integration. First, money is deposited in a business (placement) and then accounting techniques are used to cover it up (layering) before it is used for other payments (integration).
- Terrorist financing — This is the act of providing financial support to individuals or groups involved in terrorism. Most regulated businesses have a list of organizations that they monitor on an ongoing basis for terrorist activity, and the FATF Blacklist includes a list of countries that are designated as non-cooperative in the global fight against terrorist financing.
- Fraud — Fraud is when one or more parties intentionally deceive another. When it comes to finances, fraud usually involves things like identity theft, false insurance claims, and dump schemes.
- Bribery and corruption — Transaction monitoring can be used to detect potential bribery situations by looking out for specific indicators, such as abnormal cash payments and expense payments made in round sums.
Automated vs manual transaction monitoring
AML transaction monitoring is generally automated by using software tools or cloud-based platforms. It’s becoming increasingly rare for financial institutions to rely solely on their own internal compliance teams for transaction monitoring coverage.
This is because automated transaction monitoring is superior to laborious and time-consuming manual transaction monitoring processes. Attempting to conduct manual transaction monitoring is invariably a costly mistake, especially since humans have a much greater capacity to make errors than purpose-designed software. And given the stance of regulatory bodies on firms’ compliance obligations and their low tolerance for breaches, financial institutions should be doing everything they can to reduce the potential for mistakes to be made.
That said, there are still some manual elements to automated transaction monitoring that play an important role in the overall process. For example, an automated transaction monitoring tool may flag a transaction as suspicious for a human employee to look at and determine if it needs further investigation or if a SAR needs to be created. Real people are needed to ensure that any automated tools are working as intended, after all.
What are suspicious activity reports?
SARs are an important part of the transaction monitoring process.
When a suspicious transaction is flagged, it is the duty of the regulated business to report it to the relevant authorities. In most countries, this is managed through the submission of SARs, which are forms that are sent to the authorities each time a new suspicious transaction crops up. They are very important, and relevant employees must know when and how to complete SARs, and how to file them in line with regulatory requirements.
The exact rules depend on the jurisdiction, but firms generally have 30 days to do their own initial work and submit a SAR once the suspicious activity has been detected.
Scenarios that might cause a SAR to be submitted can include unusual transactions, transactions over a certain value, and large cash deposits. SARs can also be submitted if employees have engaged in suspicious behavior; they’re not just for customers.
Transaction monitoring challenges
Transaction monitoring is not without its challenges. Here are some of the more common ones faced by regulated businesses and financial institutions when deploying transaction monitoring processes.
1. False positives
These are by far one of the main challenges faced by regulated companies whe implementing internal transaction monitoring tools. False positives arise when a rule is defined in a way that causes legitimate transactions to be flagged as suspicious, and they can lead to increased labor expenses and cause analysts to be distracted from focusing on real suspicious transactions that require their attention.
2. Speed and anonymity
Online transactions give criminals a degree of anonymity that they wouldn’t have with in-person transactions. This might lead to high-risk customers being able to conceal their identities when conducting transactions and subvert transaction monitoring efforts.
Criminals can also leverage the speed of online banking services to quickly move money between accounts and across different jurisdictions while flying under the radar of AML/CFT controls.
3. Trying to capture all eventualities
There’s a real temptation to try and use transaction monitoring software to capture every possible suspicious transaction, and firms often try to do this by creating a huge list of rules and scenarios. This can have a detrimental impact, however, as too many rules and scenarios make it difficult to maintain context which can lead to even more false positives.
It can also become difficult to manage the different scenarios and rules and determine when and how analysts should use them. This is inefficient and may cause gaps in AML transaction monitoring, leading to real cases slipping the net.
Keep reading to find out
So far this has been a primer on the complexities of transaction monitoring, but the issues go far deeper and are heavily specialised for every industry. There are unique demands for each business that needs to conduct transaction monitoring. Click onto the section below to uncover the requirements for your business.