The Complete Guide to Transaction Monitoring: Everything to Know

There is a lot of information to digest when it comes to transaction monitoring for AML compliance and beyond. In this guide, we'll take a deep dive into everything you need to know.


In 2021, regulators issued billions of dollars in AML-related fines to financial institutions. However, these institutions could have avoided many of these infringements if their anti-money laundering operations were effective and compliant. Worrisome statistics like this are why transaction monitoring has become a necessary task for risk and compliance teams within the financial industry. 

Because criminals continue to use more advanced tactics to breach security measures, financial services businesses must adopt a process for keeping an eye on suspicious transactions. This, of course, is no simple feat – but it can and must be done to combat the craftiness of today's fraudsters.

Here, you'll find a comprehensive transaction monitoring guide that contains in-depth information about what transaction monitoring is, who needs it, best practices for efficiency, and the different types of software that your business can benefit from, all so you can build a compliant, effective transaction monitoring system for AML. 

So, what is transaction monitoring, and how does it help institutions fight financial crime

Let’s explore.


What Is Transaction Monitoring?

Transaction monitoring is the practice of proactively and reactively identifying outlier events such as payments or business arrangements using rules and data to flag these suspicious transactions for manual review. 

At its core, that act of transaction monitoring is an essential and required practice for organizations that move money on behalf of customers or businesses. It aids in preventing terrorist financing, money laundering, and other malicious financial crimes that cause challenges to security and safety across the globe.

Due to rising rates of money laundering and the implications of related financial crime, governments have cracked down on organizations that aren’t effectively preventing this sort of behavior by passing legislation to hold businesses and people in power at these businesses accountable. 

Those found to be non-compliant with the anti-money laundering regulations are not only heavily fined, but they also must deal with the negative connotations that result from negligence in this arena.

As a result, financial businesses are expected to create robust AML strategies, and over recent years, transaction monitoring has become a significant part of AML operations. 

Here’s an example: suppose you run a bank and you don't have a transaction monitoring plan in place. In that case, it means that suspicious transactions may occur before anyone ever notices, which might cause a noticeable loss in funds from a customer’s account. 

The customer would lose trust in the bank, place blame on the institution, and report the incident to the government and seek retribution. Your bank would be fined, you might be held personally responsible, and your business would likely be in jeopardy as no one would want to bank with you anymore out of fear that the same thing might happen to them.

You can see why it is crucial for businesses that deal with people’s money to have a system for monitoring suspicious transactions in place. 


What Is Transaction Monitoring in AML?

Transaction monitoring in AML is when a business specifically looks at transactions that might indicate money laundering (versus some other form of financial crime). 

It is the responsibility of the business to ensure their services aren’t being abused for cleaning illicit funds, so AML transaction monitoring is used to help the company gain insight into customer purchasing activity.

Typically, compliance analysts will use a set of rules to determine if a transaction might be suspicious. The type of information monitored includes:

  • Deposits made to personal and non-personal bank accounts
  • Money transfers
  • Withdrawals the customers make

Because of the advancement of technology, most companies have begun to depend on automated software to enact these rules. Once set up, the software will analyze transaction information automatically, flagging suspicious transactions for analyst review. 

Such automated solutions help businesses stay compliant with AML regulations much more efficiently than the manual transaction tracking of the past.

Anti-Fraud vs. AML Transaction Monitoring

When it comes to transaction monitoring as a whole, AML transaction monitoring is a very specific use case for the practice. Transactions can be monitored to uncover other types of financial crimes that aren’t necessarily related to money laundering.

Anti-fraud transaction monitoring uses similar processes and concepts, but it applies more broadly to any type of fraud that may occur. Also, the responsibility to mitigate fraud losses typically falls on a different department than AML compliance.

Anti-fraud departments are overseen by CROs (or chief risk officers). In contrast, a CCO (or chief compliance officer) manages the AML transaction monitoring department. While both departments perform similar duties, they are often structured differently.

Both departments determine patterns that lead to fraud and money laundering. Each has a system to investigate and notify the financial institution when red flags alert the system. However, the red flags and rules to generate them can be different.

What Does AML Transaction Monitoring Detect?

As mentioned before, transaction monitoring is a process used by financial organizations to monitor all events associated with customers' accounts. This practice includes monitoring all buying patterns and the money flowing in and out of the accounts.

Here's more information about what AML transaction monitoring detects. 


Money Laundering

Money laundering is when a person secures a sum of money through illegal activities, then takes several actions to hide where the money originally came from. Money laundering is used in large-scale crimes such as fraud rings, drug trafficking, and terrorism.

When money is obtained through money laundering, the money is considered "dirty." However, when it's laundered, this is the act of making money clean for use again.

We can break this process down into three stages: placement, layering, and integration.

First, the criminal takes the 'dirty' money and places it within a financial institution (placement). They will then use several bookkeeping techniques to cover up the infiltration of the dirty money (layering). Then, once the money has successfully made it into the financial account, it's withdrawn and used for other illegal activities (integration). 

If depositing the money into a financial institution isn't going to work, the option of using a shell company presents itself.

A shell company is a business that is seen as legitimate and operational on paper, but is primarily used as a cover for illicit activities. Criminals might also choose to use the money to invest in assets that they can sell later, like cars, real estate, or yachts.

Terrorist Financing

Terrorist financing is the act of providing financial support to terrorist individuals. When you take time to review the money laundering laws of most places, there are also details incorporated about ways to fight terrorism financing.

Institutions have gone as far as to create a list of organizations that are being monitored on an ongoing basis for terrorist activity. In addition, each country has its list of organizations it deems as terrorist threats. 

For instance, the Financial Action Task Force (FATF) Blacklist is a list of countries deemed non-cooperative in the global effort to fight against financial crimes such as money laundering and financial terrorism. 

This list is created with the hope that it will encourage countries to create and sustain better financial regulations and establish a universal set of AML/CFT standards. 

Fraud

Fraud is when one or more parties intentionally deceive another party. There are several types of fraud, including wire and securities fraud.

When it comes to finances, specifically, fraud can occur through:

  • Identity theft to gain access to a person's finances
  • False insurance claims to receive an insurance payout
  • Dump schemes

Transaction monitoring tools are in place to prevent fraudulent activities like these from occurring. 

Drug Trafficking

The drug traffic market is currently worth between $426 and $652 billion, becoming a growing problem. Drug trafficking encompasses everything that has to do with drugs, from manufacturing to selling them.

Several laws are in place that carry hefty fines and prohibit drug trafficking, but it continues to plague several parts of the world and is a leading reason why criminals need to launder their money.

Bribery

Bribery is when someone offers another person money to influence a decision they're going to make or persuade them to alter a situation. In many cases, bribery happens so that some truth isn't uncovered, such as evidence in a court case, but it also occurs when two parties can equally benefit, leaving the organization as the victim.

Transaction monitoring software can be used to detect instances of bribery as there are specific indicators that can signify bribery like:

  • Abnormal payments in cash or lavish gifts being given/received
  • Excessive expensing of payments 
  • An individual insisting on working with specific contractors or vendors
  • Agreeing on vendor contracts that are not favorable to the organization

Corruption

When people in higher positions exhibit bad behavior and make poor decisions based on dishonesty, it's known as corruption. 

Corruption usually occurs in several forms, including:

  • Under the table bribes
  • Accepting bribes
  • Accepting gifts to make certain decisions
  • Laundering of funds

Identity Theft

Identity theft can happen if someone gains access to another person's bank account. A fraudster could collect personal information about the account holder, such as their name, social security number, and credit card number.

They can attempt several things from there, like making changes to their bank accounts, transferring money out of the account into a different account, or using the credit card to make purchases.

If there is a sign of identity theft and abnormal purchasing behaviors within a personal account, transaction monitoring alerts should notify the financial institution of what's happening.

Depending on the bank notification settings the account owner has set, it should go through a transaction monitoring process to notify them.

Transaction Screening vs. Transaction Monitoring

While transaction screening and transaction monitoring might sound like the same thing, there are some notable differences. First, transaction screening makes it easier to screen transactions in real-time without delaying the overall payment process.

For example, some financial institutions will text an account holder to confirm they're purchasing before attempting to block the account. This is helpful and ensures the client can finish their purchase without contacting the bank for help.

Another benefit of using transaction screening is customizing it to monitor your department's red flags. This makes it easier to monitor accounts without missing a beat.

One common transaction monitoring issue is that high-risk transactions will go through if not appropriately flagged, but this isn't the case with transaction screening. Unusual or high-risk transactions will become blocked pending confirmation from the customer.

Transaction screening ensures that fraud is caught before considerable damage affects the customer.


Why Is Transaction Monitoring Important?

Transaction monitoring solutions are essential because the world is becoming more digitally advanced. Because of this, several financial crimes, such as money laundering, are increasing.

Many companies are turning to online payment methods to streamline the customer experience and make things easier. This means there is less cash being used and more payments made by credit card.

Because of the increase in digital payments, transaction monitoring is more important than ever since there's such a large volume to review daily. Without transaction monitoring, financial crime would explode.


Who Needs Transaction Monitoring?

Any company that is considered a mover of money is required by law to take the necessary steps to protect customers from security breaches, fraud, and other forms of financial crime. Read on to learn more about each type of business and what it means.

Money Services

Money services are businesses that either convert or transmit money. This term was created to encompass other financial institutions outside of banks.

Depending on the jurisdiction of the MSB, there will be different jurisdiction rules that these businesses must follow. MSB services are overseen by local regulators and must remain within compliance with these areas at all times.

Most MSB's provide services in areas with no other financial institutions, such as a bank, to help people with their money. 

They are provided inside of places like:

  • Grocery stores
  • Pharmacy stores
  • Convenience stores
  • Drugstores

If the area is small enough, it could also mean their services inside the local post office.


Traditional Banks

While banks are commonly known for being the place where people deposit their money, make withdrawals, and transfer funds, several other services are offered. For example, if someone is looking into buying a home, they can speak with their bank about being approved for a mortgage.

Banks also offer customers the ability to apply for different forms of insurance, such as vehicle or home insurance. In addition, they provide loyal members various opportunities to bundle their insurance all in one place at a discount.

If the banking institution of your choice cannot offer you lending services, they will point you in the direction of some of their partners who will help you with this. Because banks hold an essential role in the economy's stability, they're held to strict regulations.

Even with these regulations, banks take on a considerable amount of risk. One form of risk is credit risk when someone borrows money from them and doesn't pay it back as agreed upon.

Another type of risk is market risk, which is when the value of the bank's investment and trading portfolio decreases based on market changes that have taken place. 

Other forms of risk taken on by banks include:

  • Reputational
  • Operational
  • Liquidity
  • Macroeconomic 


Money Transfer Companies

Have you ever needed to send money to someone? If so, the chances are you did it using a money transfer service.

The most common money transfer is sending funds from one person to another domestically.

International money transfer is sending funds to someone that lives in another country. When you pay for a money transfer, fees are associated with sending money.

Most companies will require you to provide your information and the information of the person picking it up to reduce the risk of it being given to the wrong person. For example, if a money transfer isn't picked up within a specific time, the funds are returned to the person who sent the funds.


Financial Services

Financial services are when economic features are provided to individuals and businesses. 

Several financial institutions fall under this title, including finance companies or finance lenders.

Financial services allow individuals and businesses to obtain the various financial goods they need.

For example, if you accept payments from people, you might offer the ability to pay with credit/debit cards or give people the chance to make money transfers electronically.

FinTechs

“FinTech” stands for financial technology, and it is when financial services are delivered using technology instead of the traditional methods. 

Examples of financial technology are the increased features offered on smartphones that allow people to do things like deposit checks or invest in stocks. This has all been done to make things more easily accessible to the public. 

The growth of this industry is due to the opportunity it offers to smaller players in the space. With the adoption of financial technology, FinTech companies can compete on the same playing field as traditional banks and financial institutions. 

While many FinTech companies are credited with disrupting the finance industry, there is still the opportunity for traditional banks to partner with these brands for their own benefit. The relationship between FinTechs and the banks that sponsor them is a budding area of interest for many established businesses looking to expand their offerings in new ways. 

Often referred to as neobanks, unlike the traditional banking model that has been around for centuries, these businesses are a new breed of financial services company where most, if not all, of the business is done online. 

These digital-first banking platforms offer a seamless online experience and low-cost (sometimes no cost) services, and typically specialize in specific financial products, like savings and checking accounts. 

Chime, Varo Bank, and Current are all examples of neobanks.


Lending Companies

A lending company disperses loans to people for various needs in simple terms. For example, if you're looking to purchase a home, you'd speak with a lender about borrowing money from their financial institution.

Before you receive the funds, you need to purchase your home. Then, you'll sign an agreement of a monthly payment you will make back to the member until it's been paid back. The contract will also outline the penalties of not making payments.

Most lending contracts have requirements that must be met by the applicant, which could increase or decrease the interest rate applied to the overall amount.


Exchanges

According to Investopia, an exchange is “a marketplace where securities, commodities, derivatives and other financial instruments are traded. The core function of an exchange is to ensure fair and orderly trading and the efficient dissemination of price information for any securities trading on that exchange.” 

Exchanges give governments, companies, and more a place to sell securities to the public.

When most people think of an exchange, the stock exchange might come to mind. On the stock exchange, organizations can sell parts of their companies to people who want to invest in them through the exchange. The company's value will determine the cost of exchange shares that people want to purchase.

If you're considering investing, but you don't wish to pay the current price of the organization's securities, you can place the stock on your watchlist and wait until it drops to a fair amount.

There are also exchanges that deal with cryptocurrencies where people can purchase and sell their digital assets. As a relatively new development in the financial services space, crypto exchanges were only recently added to the scope of FinCEN.


Cryptocurrencies

In recent years, cryptocurrency has become popular, and rightfully so. Cryptocurrencies are a conglomerate of binary data that can be used as digital exchange.

When you purchase a cryptocurrency, this information is stored in an online file known as a ledger. These ledgers feature several layers of cryptography to protect the person's assets that have purchased them.

If you decide to make a purchase online instead of using your actual money, you can opt to use your cryptocurrency as collateral until your payment has been made. Once these crypto coins have been put up for collateral, you're provided authority over the designated tokens.


Brokerages

A brokerage is a middleman when buying and selling securities on behalf of the person they work for. This means the client doesn't have to study trends and wait for the optimal time to sell and buy stocks.

Brokerages don't just provide exchange services; they also help with securing a loan if needed and investing/purchasing pieces of real estate. 

The broker will bring together the buyer and seller and work with both until the transaction is complete.


Insurance Companies

You never know what can happen in life, and that's why people need insurance. There are several types of insurance, from health, to dental, to car insurance.

Insurance companies provide their clients with coverage of their different needs. Insurance companies create policies and will pay out claims if they meet the requirements of their insurance claim policy.

When you obtain insurance through a provider, they take on the risk that correlates to the policies they've written. The insurance company will assess the risk of specific sectors and provide applicants with various premiums they can choose from.

For example, when you receive health insurance, you will have coverage for doctor's visits and hospital stays. However, there is something known as a co-pay that will need to be paid on your part before the insurance company will step in and play its part.

This works when you have a procedure performed; the doctor's office will submit an invoice to your insurance company on your behalf. The insurance company will send back information on the portion of the bill they'll cover.

From there, the doctor's office will contact you or send you an invoice detailing the remaining balance that you are responsible for paying.

Legal Professionals

Legal professionals are people that have gone to school and studied law. After they've taken time to explore various forms of law, they will begin to apply what they've learned in multiple legal settings.

There are several types of legal professionals, including:

  • Paralegals
  • Business lawyers
  • Traffic lawyer
  • Immigration Lawyer
  • Judges
  • Divorce lawyer

Each has its duties that help the legal system continue to thrive and work the way it's supposed to. Finances play a part in the legal system because people have to be paid for the jobs they do.

Also, those that come through the legal system have to pay fines as determined by the judge overseeing their case. For example, if someone is found guilty of identity fraud, they may be ordered to serve some time in jail and pay a portion of what they stile back to the victim.


How Does it Work? AML Transaction Monitoring Process

Risk Assessment

The first step in creating an AML compliance program is performing a risk assessment. How are current and new customers handled?

What features are you offering to customers, and what is the risk associated with each one?

It's crucial to have a deep understanding of the risks you take on as a financial institution to ensure you provide adequate coverage for these risks.

If your institution is willing to take on higher levels of risk, it's essential to determine which areas you're willing to do this in. A few AML areas that needed to be reviewed included transaction activity and products and services offered.

After taking the risk assessment, it's time to start creating the AML policies and procedures that your institution will abide by. These policies need to be as detailed as possible to reduce the chances of anything slipping through the cracks.

If you're unsure of where to start creating your policies, some organizations out there provide a template you can work off. Some key points to remember as you complete your policy manual are:

  • There should be procedures to cover onboarding customers and activity investigation
  • Monitoring controls that report back to the local regulator
  • Ongoing review processes
  • New products should be in line with the goal of the business

Determine What Suspicious Behavior Looks Like

Once you have completed the initial risk assessment, the next step is to define what should be flagged for review. 

There are a few components of suspicious activity that your institution needs to identify to do the job correctly. First, there are several forms of suspicious behavior, including large sums of money being transferred from one bank account to another.

If the account holder suddenly makes a transaction that they wouldn’t usually make, this could be deemed suspicious because it doesn't follow the transaction behavior the customer is known for.

If a large or unusual amount of deposits is made into another account, this could indicate suspicious behavior. 

Other forms of suspicious behavior include:

  • Avoiding the requirements of record-keeping
  • Several transaction bursts in a short time
  • Transactions that the account isn't used for

Your transaction monitoring system should be in tune with alerting when these behaviors have been identified. Once a member of the team has been notified, they can then reach out to the customer and walk them through the next steps in the process to get their account back on track.


Create Transaction Monitoring Rules and Alerts

Below you'll find information about regulations and examples that should be followed at all times when it comes to AML transaction monitoring.

Remember that you won't know which rules to use if you haven’t completed an in-depth risk assessment beforehand.

AML Transaction Monitoring Rules Examples

The first examples of AML transaction monitoring tools and rules include structuring over time. 

For example, when transactions are split into smaller groups, it is easier for them to avoid the requirements in place for reporting purposes.

If this is a rule you implement, there will be a cap on the monetary amount that transactions will need to fall under. Your team will review all transactions within a designated period when they fall under this.

This is just one of the many rules you might consider implementing; here are some others.


Optimize Rules Over Time

Rules need to be optimized over time because, if not, they won’t be as effective at addressing the nuances that can occur after large sets of data have been analyzed. 

As more transactions are monitored, more learnings can occur. As a result, the rules can become more specific in order to flag more true positives with greater precision.


Create Cases and Perform Investigations

When suspicious transactions are flagged in the system, an analyst can create a case once a manual review determines the activity to actually be suspicious and worthy of investigation. 

These investigations are held by case managers responsible for taking the necessary steps to figure out what happened and who is accountable should money laundering be uncovered. 


File Suspicious Activity Reports

After the suspicious activity has been identified and an investigation has taken place, the outcome of the investigation must be reported to FinCEN using a SAR under the BSA or Bank Secrecy Act of 1970

Case management tools like Unit21 make this process easy by offering automated reporting. Otherwise, case managers must spend many hours manually writing and filing the reports.

Ongoing Maintenance of the AML Monitoring System

Once the AML transaction monitoring system is in place, there will be times when changes need to be made to ensure it withstands future risks. To do this, take some time to review your policy and update it accordingly.

You need to do this to ensure all your policies remain aligned with compliance regulations. Over time there are chances that new risk areas will emerge, and this is why it's essential to perform risk assessments continuously.

If you don't perform these assessments, you won't know where changes need to be made to protect your institution. If there are ongoing issues or violations, the procedures need to be adjusted accordingly.

As maintenance is performed, you can collaborate with other departments and conduct an internal audit of all company areas. Lastly, don't forget to take time to educate all members of staff. At the end of the day, having an uneducated staff is not an acceptable reason for being found in non-compliance.


3 Common Issues Associated with AML Transaction Monitoring

While several benefits come with AML transaction monitoring, there are also challenges. One issue is when a company uses an off-the-shelf system instead of taking the time to choose one that will work appropriately for the company's needs as they grow and evolve.

Here are some other common issues associated with AML transaction monitoring that can be exacerbated by implementing the wrong approach.


1. False Positives

The number of cases flagged by a transaction monitoring solution that do not meet the criteria for review.

According to a recent global study, 57% of the total cost of compliance with financial crime-related regulations is labor, amounting to $103 billion. This is due, in part, to the fact that more and more analysts are needed to review the increasing volume of alerts from transaction monitoring.

False positives increase labor expense and distract analysts from promptly focusing on the confirmed cases that require thorough investigation.


2. Assuming That One Size Fits All

Applying a single risk scenario to a broad range of customers or behaviors.

The oversimplification of risk scenarios in AML transaction monitoring can lead to an increase in false positives and less granular tracking.

The lack of detail of a broad scenario can obscure visibility into the actual activity and behavior of the company's or individual's transactions.

It also limits the application of relevant rules to the scenario, leading to potentially missed flags.

3. Having Too Many Scenarios

The opposite of the one-size-fits-all issue, it's possible to have too many risk scenarios in an attempt to catch every suspicious activity.

Over time, as business conditions change, new scenarios are often introduced to address new perceived threats. However, having too many scenarios makes it challenging to maintain context among the scenarios and delineate which scenarios address which activities/behaviors.

Depending on how these new scenarios are scoped and introduced, it can become difficult to manage which scenarios address which threats and how and when analysts should invoke these scenarios. It also increases the risk of duplicate cases being generated from different scenarios for the same threat.

The ability to review scenario effectiveness in context on an ongoing basis is key to ensuring there are no gaps in AML transaction monitoring nor overlap among scenarios that may result in redundant cases.

3 Components of a Successful AML Transaction Monitoring Program

Several components work together to implement a successful AML transaction monitoring program. Here are three concepts to consider.


1. Using a Risk-Based Approach

AML regulators recommend and enforce a risk-based approach for organizations to effectively combat financial crimes. But what does that mean? The easiest way to define it would be to say that an institution using a risk-based approach is an organization that performs AML controls based on the organization's perception of risk and the risk level of its customers.

The risk perception of a company and the risk level of each customer are varied. As a result, it wouldn’t make sense for every organization to apply the same controls to every customer. Therefore, a risk-based approach is broken into two parts - the first being an assessment of risk, and the second being an implementation of a due diligence process that takes into account the risk profile of the customer.

This approach allows for more control when fighting against financial terrorism and aids in reinforcing money laundering procedures and protocol.


2. Continuous Optimization of Rulesets and Workflows

How will you improve your ruleset or workflow? Through the continuous optimization of the AML transaction process. It begins with selecting the proper rules and preparing the data that will fuel the overall transaction process.

The data collected needs to be quality data, but before this can be done, the environment in which the data is collected needs to be built comprehensively. In segmenting your transaction process, you need to either implement or look into upgrading the entire system.

Detection rules can be combined with segmentation practices to ensure you're receiving alerts only on patterns that are at risk for fraud, keeping an eye out for false positives and false negatives as you go. 

Investigations of false positives are a waste of company time and resources. Worse yet, it could mean that true suspicious activity is going undetected. That is why it is critical for rules and workflows to consistently be tracked and measured for effectiveness.

3. Choosing the Right Transaction Monitoring Software

When choosing your transaction monitoring system, the first thing to consider is deployment flexibility. How do you intend to deploy the solution to begin monitoring client transactions?

Will you be using a cloud host? Do you intend to build it internally instead of outsourcing to a vendor?

Another idea to consider is your ability to customize and build your rules. There is no static solution for identifying financial crime; therefore, you need to be able to create dynamic rules that can adapt as criminals and your business evolve, which is what makes Unit21’s transaction monitoring product so powerful.

Transaction Monitoring for Risk and Compliance: Key Takeaways

There is a lot of information to digest when it comes to transaction monitoring for AML compliance and beyond. Here are a few key takeaways to remember:

  • Implementing an effective AML transaction monitoring system is a requirement for businesses that move money. Without one, an organization would not be able to flag suspicious activity or events and could be found in non-compliance, which leads to costly fines.
  • There are a few key components of an effective transaction monitoring system: the ability to flag suspicious activities, adjust rules based on learnings, and identify false positives for accurate reporting.
  • Having the right transaction monitoring platform can drastically improve the performance of AML operations by increasing efficiency and efficacy. If you're looking for a partner that knows the ins and outs of AML transaction monitoring, book a demo with Unit 21 and let us show you how you can reduce false positives, build credibility with regulators, and win in the fight against financial crime.

Let's schedule a time to learn more

Book a Meeting