AML Transaction Monitoring: Challenges and opportunities

Banks are required to monitor transactions to detect suspicious transactions linked to possible money laundering, as mandated in Art. 20 of the FINMA AML Ordinance. Increasingly insurance companies are doing the same and implementing AML Transaction Monitoring (TM) as part of their anti-financial crime procedures. However, despite substantial investments in anti-money-laundering (AML) measures, many financial institutions struggle with inefficient transaction monitoring (TM).

Common problems we observe are:

1. High number of false positives affecting efficiency: A large number of generated alerts are closed as false positives. This drives up operational costs unnecessarily and leads to resources being wasted on investigating non-criminal activities.
2. A lack of effectiveness, as AML scenario selection is not risk-based: Many scenarios/rules are implemented because they are available in a vendor solution but without a solid foundation in an AML risk assessment, leading to under-monitoring in some areas and over-monitoring in others.
3. Overwhelming complexity: Modern AML TM solutions offer a myriad of adjustable parameters, and without a systematic approach the complexity can be overwhelming, as a result of which firms use factory settings which are usually not optimal for their specific circumstances.

In this blog mini-series we want to shed some light on these common problems and suggest how anti-money laundering transaction monitoring might be improved.
 

Elements of an AML Transaction Monitoring systems

To understand where some of the difficulties in AML TM originate, it is useful to begin by looking at the elements in a TM system.

The foundation for TM should be the AML risk assessment taking into account the products offered, the client base, geographical footprint and channels for interacting with clients. Industry standard TM systems use rules (also called scenarios) which generate an alert when certain conditions are met, for example if the sum of all transactions into an account over the course of a month from countries considered high risk is above a threshold amount of X.

Most rules will have a monetary threshold above which an alert is triggered, often combined with additional conditions (such as the country risk rating, as in the example above). The parameters also depend on client segmentation, for example distinguishing between retail customers, medium-size enterprises or large corporates, for which very different transaction behaviour is expected. Another relevant factor is the customer risk rating.

When an alert for a customer or account is generated, it is handed over to a case management system where an AML officer will review it and decide whether the alert warrants further investigation or whether it should be closed, as not being suspicious. Transactions and clients for which an alert leads to a concrete suspicion of money laundering are reported to the relevant authority as part of a Suspicious Activity Report (SAR). The interplay between all these elements is complex, and a detailed Target Operating Model is a necessary foundation for a successful AML Transaction Monitoring programme.
 

Typical issues in AML TM

While the individual elements of a rule-based AML TM system may appear simple, there are many issues which can lead to frustration.

• Lack of client segmentation: The absence of tailored client segmentation can result in certain client groups, such as retail versus corporate, being either under-monitored or over-monitored. This lack of differentiation impairs the effectiveness and efficiency of transaction monitoring, as it fails to account for the unique risk profiles associated with different types of clients.
• Disconnect between AML risk assessment and TM processes: A lack of alignment between AML risk assessment, scenarios, and the products covered leads to either under-monitoring or over-monitoring of money laundering risks. This increases both regulatory and reputational risks, as it fails to provide a comprehensive and accurate assessment of potential threats.
• Disconnect between transaction monitoring and the underlying business activity: A lack of synchronisation between transaction monitoring and actual underlying business activities can lead to a misinterpretation of transaction risks.
• Inability to respond rapidly to changing money laundering risks: Inflexible systems and processes cause slow response times to emerging risks or regulatory changes. This inability to adapt quickly undermines the effectiveness of transaction monitoring and increases vulnerability to evolving threats.
• Unclear data mapping: The rationales for the inclusion or exclusion of transaction types are often not well documented, leaving key stakeholders unaware of what is actually being monitored. This lack of clarity impedes transparency and understanding, reducing the overall effectiveness of the transaction monitoring process.
• Peer-driven scenario implementation: Some scenarios are adopted merely because peer organisations use them, rather than being based on specific risk analysis or to address particular risks. This undermines the effectiveness of transaction monitoring by failing to tailor scenarios to the unique risk profile of the organisation.
• Lost in complexity: An in-depth business knowledge and system expertise is needed to find the right balance between too many and too few adjustable parameters when setting up monitoring scenarios. A wrong choice may lead to monitoring being either too rigid or having too many parameters, with the risk of excessive complexity.
• Non-data driven calibration: TM thresholds and scenarios are often not calibrated based on data. Each financial institution should set their thresholds based on the typical transactional behaviour of their various client segments, in order to detect suspicious transactions efficiently. Inefficiencies lead to an excessive number of false positive results, driving up costs and wasting resources.
• Tunnel-vision due to vendor out-of-the-box solutions: Considering only the list of rules provided by a vendor solution as potential answer to each identified AML TM risk leads to a narrowing of vision. Other means to address a certain risk may be missed.

In the following parts of this blog series on AML transaction monitoring, we will discuss how financial institutions can optimise their transaction monitoring to increase effectiveness and reduce costs.
 

Authors

• Dr. Madan Sathe, Partner, Forensic & Financial Crime
• Dr. Karl Ruloff, Director, Forensic & Financial Crime
• Oliver Story, Senior Manager, Forensic & Financial Crime
• Konrad Schwenke, Senior Manager, Forensic & Financial Crime