Transaction Monitoring in Banks: An Expert Perspective for BaaS Banks
Banking-as-a-Service (BaaS) is transforming the financial landscape. Sponsor banks now manage multiple fintech partners, each with unique products, customer types, and risk profiles. While this creates incredible opportunities to grow deposits, it also introduces complexity, and legacy systems used for transaction monitoring in banks simply aren’t equipped for the modern BaaS model.
Here’s a practical guide for sponsor banks navigating this challenge, based on real-world insights from Sarah Beth’s experience working with banks and fintechs across BaaS programs.
1. The Limits of Legacy Systems for Transaction Monitoring in Banks
Traditional transaction monitoring platforms were designed for predictable patterns in retail banking. They work well for standard checking and savings accounts, but struggle with the modern Banking-as-a-Service model, where:
- Banks support multiple fintechs with varying products (teen debit cards, retirement accounts, cross-border payments, etc.).
- Transactions are smaller, faster, and more diverse, often across multiple channels.
- Fraudsters exploit predictable rules in legacy systems, knowing that thresholds and alerts remain static.
The result? Teams are inundated with false positives, overworked, and forced to manually reconcile thousands of alerts. This creates operational risk and reduces the effectiveness of transaction monitoring in banks.
2. Why Thinking Like a Criminal Changes Everything
Aside from technology, the single most important shift for a sponsor bank is mindset. To stay ahead of fraudsters, your team must anticipate exploits by asking how a criminal might use a fintech product. For example, how could someone misuse a teen debit card or a cross-border payment platform?
Your team must also own the risk by taking accountability for threats, even those several layers removed from your core operations. Also, you must conduct informal pen testing by simulating how bad actors might exploit your fintech partners’ platforms to identify vulnerabilities early.
Once your team adopts this mindset, it becomes easier to prioritize risks and make smarter technology decisions.
3. Why Adaptive Monitoring Tools Work Better in BaaS
AI-enhanced transaction monitoring platforms like Unit21 allow banks to:
- Deploy Multi-Conditional Rules: Banks can create no-code rules tailored to each fintech partner’s product and risk profile.
- Tune Rules Dynamically: AI can recommend adjustments to thresholds, reducing false positives without compromising regulatory compliance.
- React Quickly to Emerging Fraud Typologies: As new risks arise, your system can adapt faster than legacy platforms.
Modern tools reduce operational complexity, allowing overworked AML teams to monitor effectively without feeling overwhelmed.
4. Customize Rules for Each Fintech Partner
One-size-fits-all rules don’t work in BaaS. Consider:
- Behavioral Differences: Cross-border payments may have seasonal spikes during holidays, while teen debit card activity follows different patterns.
- Risk Profiles: Retirement accounts have distinct risks compared to international money transfer platforms.
- Data Points: Collect detailed information specific to each fintech product, like transaction notes, jurisdiction, user demographics, and more.
Custom rules improve accuracy, lower false positives, and give your team confidence in their monitoring.
5. Collaborate Closely With Fintechs
The strongest BaaS monitoring programs are not siloed, but they are collaborative by design. What works best is when sponsor banks share control planes with fintechs, allowing the fintech to provide real-time insights on customer behavior.
They should also maintain open communication to quickly address anomalies and educate fintechs on potential exploits and banking compliance requirements. This collaboration ensures that alerts are meaningful, actionable, and based on the most accurate data available.
6. Early Warning Signs to Look for in BaaS Programs
Some indicators that your bank may need to upgrade monitoring systems include:
- Accepting Alert Growth and False Positives as Inevitable: If your team views inefficiency as unavoidable, it’s time for change.
- Lack of Program-Level Segmentation: Treating all fintech partners or products the same way leads to blind spots.
- Data Gaps: If you don’t have dedicated data resources or proper data collection, scaling a BaaS program will be difficult.
- Limited SAR Experience: Teams unfamiliar with filing SARs beyond fraud or structuring may be unprepared for complex risks like human trafficking or cross-border crime.
These gaps early set the stage for a successful transition to modern monitoring when addressed.
7. Take Incremental Steps (Baby Steps Matter)
Transitioning from legacy to modern systems doesn’t have to be an immediate rip-and-replace. Practical first steps include:
- Conduct the “Criminal Mindset” Exercise: Identify how products could be exploited.
- Segment Your Fintech Programs: Prioritize high-risk partners for closer monitoring.
- Pilot Modern Rules: Implement AI-driven, multi-conditional rules on one or two fintechs before scaling.
- Educate Your Team and Board: Ensure executives understand why a new AML technology is necessary and how it mitigates risk.
Even small, targeted changes build confidence, reduce overwhelm, and improve oversight.
8. Regulatory Considerations
Even as regulatory focus ebbs and flows, banks remain fully responsible for their transaction monitoring programs. Examiners continue to respond positively to strong, well-documented collaboration between sponsor banks and fintech partners, especially when ownership is clear and customer behavior is well understood.
It’s also critical to look beyond the exam cycle. DOJ enforcement and sanctions exposure carry real criminal consequences, regardless of supervisory emphasis. Clear documentation of decisions, controls, and risk mitigation not only supports regulator conversations but also gives boards confidence that risk is being actively managed rather than deferred.
A Practical Path Forward for BaaS Banks
Banking-as-a-Service introduces speed and scale that traditional transaction monitoring in banks wasn’t designed to manage.
The banks that succeed are the ones that anticipate misuse, tailor controls to fintech partners, and use data to improve visibility without overwhelming their teams. Progress doesn’t require a rip-and-replace, but it does require tools built for how money moves today.
If you’re ready to reduce false positives, strengthen oversight, and scale your BaaS program with confidence, request a demo to see how modern transaction monitoring in banks can support smarter decisions and more resilient compliance.
Trisha Kothari is the co-founder and Chairman of Unit21, a solution that proactively mitigates risks tied to money laundering, fraud, and other illicit activities. Trisha is driven by a powerful mission to empower the fight against financial crimes. Her professional journey, deeply rooted in engineering and product management, includes significant roles at companies such as Google, LinkedIn, and Affirm. During her tenure as an early engineer and product manager at Affirm, Trisha gained firsthand insight into the gross inefficiency and siloed ways that AML and Fraud operated. This experience served as a catalyst for her to develop innovative AML and Fraud solutions that Unit21 now offers today.
After leaving Affirm in 2018, Trisha joined South Park Commons, a community of builders, tinkerers, and domain experts. There, she met her co-founder and began tinkering with the concept of Unit21. Follow Trisha on LinkedIn, where she usually discusses new regulatory changes to be aware of, reacts to industry trends, and shares Unit21 product enhancements.
