Transaction monitoring is a must for every financial institution in today’s fast-paced world, but the process itself is often filled with mistakes that can be avoided if the right conditions are applied and implemented in the compliance process.
Transaction monitoring solutions play an important role in the anti-money laundering and countering the financing of terrorism (AML/CFT) programs of financial institutions and other obliged entities, including virtual asset service providers. Read here for a brief introduction to what transaction monitoring is and its role in protecting the institution from financial crime.
However, the European Banking Authority’s very recent report on the ML/TF risks associated with payment institutions worryingly shows that many AML/CFT supervisors have identified a widespread problem in financial institutions of “failure to monitor transactions in a meaningful way <…>, with transaction monitoring systems deficient or not in place at all”.
This deficiency hampers the ability of the financial sector to identify unusual transactions and to report suspicious activity in a timely and accurate manner, as well as to provide good quality suspicious transaction reports (including cases of “defensive reporting” and reporting with serious deficiencies in data accuracy and completeness). As a result, Financial Intelligence Units (FIUs) are burdened with large volumes of data files that need to be processed but provide little or no value in terms of actionable intelligence.
The puzzle of transaction monitoring has long been an issue in the financial marketplace, as there is no foolproof solution for identifying suspicious patterns, while at the same time the expectations of regulators continue to grow.
In order to find out how obliged institutions address the challenges of transaction monitoring, AMLYZE conducted a survey, from December 2022 to February 2023, compiling insights of more than 50 compliance and AML officers, mainly from the EU region.
The survey covered a range of regulated entities, from credit institutions, payment, and e-money institutions to virtual asset service providers. These entities represented a range of sizes, ensuring a comprehensive representation of the transaction monitoring landscape across different sectors and business sizes.
Here are some of the key conclusions from the survey that, if followed, could significantly improve the transaction monitoring process.
- Enterprise-wide risk assessment is often treated as a separate exercise that does not influence the development and implementation of transaction monitoring scenarios and rules.
Do you update your scenarios library after performing your ML/TF own-risk assesment (EWRA)?
More than half of the respondents said that enterprise-wide risk assessment is either not used or only sometimes used to update the transaction monitoring scenario library.
Enterprise-wide risk assessment should be used, inter alia, for customer segmentation, which further facilitates the creation of transaction monitoring rules and scenarios. The results of the enterprise-wide risk assessment should inform the design of transaction monitoring rules and scenarios. By aligning these elements, institutions can ensure that their transaction monitoring efforts are focused on identifying and mitigating the specific risks they face.
Failure to integrate the findings of enterprise-wide risk assessments into monitoring rules and scenarios can lead to inefficiencies and deficiencies in the monitoring process. It can result in a monitoring system that is either too broad, generating excessive false positives, or too narrow, missing relevant suspicious patterns for a particular group of customers to whom the financial institution (or other regulated entity) provides its services.
To address this concern, institutions should establish a robust framework that links the findings of the enterprise-wide risk assessment process with the development of transaction monitoring (addressing the different customer profiles, geographical areas, product types and service channels), including the ongoing enhancement of monitoring considering emerging risks.
- A significant number of respondents do not incorporate continuous testing of monitoring rules and scenarios.
How often do you test and update your monitoring solutions/tools?
It is worrying that more than half of respondents do not have a robust process for ongoing testing and updating of transaction monitoring solutions.
Ongoing transaction monitoring testing is not only a regulatory requirement in certain countries (e.g., Lithuania), but also a critical element in ensuring the effectiveness and efficiency of monitoring rules and scenarios. By regularly assessing and validating the performance of the applied rules and scenarios, institutions can identify gaps, refine rule thresholds, and optimize the transaction monitoring process by reducing the number of rules and scenarios that generate too many false positives.
Institutions should establish a comprehensive framework for continuous testing of transaction monitoring solutions by implementing a schedule and methods for ongoing testing of monitoring rules and scenarios to ensure their effectiveness and efficiency. This may include the use of historical or simulated data to assess the performance of the rules, using methods such as above-the-line, below-the-line to adjust thresholds where necessary.
- Most respondents do not use internal intelligence gathered as part of their transaction monitoring cycle to improve their transaction monitoring process.
Do you use the outcomes of internal investigations for the transactions monitoring scenarios development?
Internal intelligence, such as findings and insights from internal investigations, provides valuable information on emerging risks, modus operandi of money launderers and new typologies that can be incorporated into the monitoring framework. By using internal intelligence, institutions can improve their ability to detect and identify suspicious transactions and adapt to evolving risks.
To address this shortcoming institutions should establish mechanisms to capture and analyze internal intelligence, such as the results of internal investigations or other relevant sources of information. Use these insights to identify patterns, trends, and emerging risks, and incorporate them into the monitoring rules and scenarios.
By implementing all the above measures, institutions can strengthen their transaction monitoring practices, improve detection capabilities, and adapt to emerging risks. It enhances the overall effectiveness of the AML/CFT program and supports the timely and accurate reporting of suspicious transactions.
If you are interested in more results of the survey, please download the full AML Readiness report here.
