Data Monitoring

Data monitoring in anti-fraud and AML is sometimes referred to simply as fraud monitoring. It involves real-time analysis of financial transactions and other related events for signs that fraud may be happening. This creates alerts that can later be manually reviewed for suspicious activity.

‍

Fraud monitoring and detection is closely related to Know Your Transaction. This is the process of analyzing transactions for signs of suspicious activity. It’s a critical step in identifying and stopping financial crimes like fraud or money laundering, but it doesn’t always tell the full story.

‍

Without taking into account contextual activity surrounding transactions, KYT may accidentally label a transaction as suspicious when it really isn’t (i.e. false positive). Or worse, it may clear a transaction that later turns out to be related to financial crime (i.e. false negative).

‍

Both of these scenarios can hurt a financial institution in several ways. These include:

‍

• More manual reviews: Having a high false positive rate can force an FI to waste time and other resources looking into alerts that, upon closer inspection, didn’t actually warrant manual investigation.
• Victimization by criminals: On the other hand, missing suspicious transactions that end up being part of financial crime can cost a financial institution significantly, leading to fines, penalties, and even reputational damage.
• Decreased customer satisfaction and trust: A high false positive rate can also frustrate an FI’s customers, as they won’t like having to repeatedly resolve incidents where their transactions are incorrectly flagged as suspicious. On the other hand, news that financial crime happened at an FI because it failed to catch suspicious transactions can also erode its customers’ faith in its ability to protect and manage their money.
• Penalties from regulators: If FIs are bogged down by too many manual suspicious activity reviews (likely due to false positives), they may miss deadlines for filing suspicious activity reports and be penalized by regulatory agencies. And if fraud or money laundering happens on their watch, they may also be penalized if regulators determine that they didn’t have sufficient measures in place to prevent it.

‍

Adding data monitoring to the mix helps to avoid these problems by increasing the accuracy with which true positives are identified. This minimizes false positives and false negatives, improving efficiency and saving team members valuable time.

‍

Data monitoring software works similarly to KYT systems. The main difference is that it takes extra information into account that adds context to transactions, thereby making it easier to tell if a deal is suspicious or not.

‍

Here’s a general framework for how it operates.

‍

‍

1. Gather Customer Transaction and Activity Data

Like with transaction fraud monitoring, data monitoring will extract and analyze transaction information that’s relevant to the deal’s risk level. But it will also gather and look at other factors that can point to a transaction being suspicious when it wouldn’t otherwise seem so (or vice-versa). This can include the following information about participants:

‍

• IP addresses: Where they’re geographically located, even if they’re online.
• Device or browser fingerprints: What hardware or web browsing software they’re using.
• Digital footprints: Other traces of their online activity, which can indicate how they behave and are identified elsewhere online.
• Behavior analysis: What kinds of financial transactions they usually make.
• Velocity check: How rapidly they are attempting to make separate financial transactions.

‍

‍

2. Make Decisions Built on a Rules Engine

The information gathered in the first step is then fed into a rules engine. This is a program that manages rulesets which, based on the information they receive, determine how likely a transaction is to be risky and why (or vice-versa). 

‍

Based on the level and nature of a transaction’s risk, a rules engine may be able to automatically take simple actions to block it—and possibly even restrict the participants’ further activity.

‍

‍

3. Trigger Alerts for Suspicious Activity

If the rules engine deems a transaction’s risk profile to be sufficiently high-risk and complex, it can trigger an alert. This lets anti-fraud professionals know there is something suspicious about the transaction, and they may need to look into it manually. This could include asking a participant for additional information or ID verification, generating a report about the transaction, and so on.

‍

‍

4. Escalate Cases for Investigation

Data monitoring tools can look at contextual activity surrounding a transaction, in addition to data about the transaction itself. So if anti-fraud professionals see something really out of place, they can perform link analysis to get a wide-angle view of the environment surrounding a transaction.

‍

They may be able to spot patterns and relationships between transactions, their participants, and their circumstances that point to broader suspicious conduct. Then they can begin in-depth investigations to potentially find evidence of larger-scale financial crime.

‍

Not all data monitoring solutions are created equal. Some have certain features that can provide a real boost to an FI’s anti-fraud and AML efforts. These are a few to look for:

‍

• Real-time data monitoring: Ideally, contextual information regarding a transaction should start being analyzed as soon as the transaction is initiated. This allows for taking action on overly-risky transactions—including stopping them if necessary—before they get too far along and become difficult to reverse.
• Rule-based decision-making: Handling transaction monitoring completely manually is terribly inefficient, if not impossible in today’s fast-paced digital world. Data monitoring services should be able to use rulesets to automate how certain classes and tiers of risky transactions are handled.
• Customizable rules engine: It’s useful for an FI’s compliance team to be able to customize a fraud monitoring service’s rulesets. This lets them more accurately target the most common types of alerts an FI encounters. It also allows for more precise control over how these alerts are handled, in line with the FI’s risk appetite.
• Alert scoring and prioritization: Alert scoring allows for assessing the relative risk levels of transactions, based on their inherent and contextual characteristics, and then organizing them based on these values. This lets compliance teams prioritize looking into the alerts that are most likely true positives.
• Data visualization: It’s difficult to draw connections between pieces of data about and surrounding a possibly-suspicious transaction when they’re represented in a spreadsheet. Fraud monitoring tools that offer link (or network) analysis make it much easier to spot patterns that could indicate suspicious activity.
• Automated reporting: Fraud monitoring systems that can automatically slot information from a case into templated reports, and then send them out, are great for at least two reasons. One is that reports get sent to the authorities faster, so incidents can be acted on quicker. Another is that more reports get created with less need for manual work, which helps an FI keep its compliance operations more transparent for both internal and external auditing.

‍

‍

‍

Unit21’s Fraud Monitoring Solution Goes Beyond the Transaction

Unit21’s Transaction Monitoring is actually a data monitoring system. It looks at not just transaction data itself, but also relevant data from a wide variety of credible sources. It also features customizable rulesets, visual link analysis tools, system analytics and testing functions, and more.

‍

See how it works in practice by booking a demo with us today.

‍

‍