The emergence of New Technologies in the payment space, open banking and cryptocurrencies have all paved the way for the need for new technology innovation in the monitoring of transactions.

The need to upgrade to new technologies such as AI and Machine Learning for the monitoring of transactions to efficiently mitigate the organization’s AML risk remains a top priority for financial Institutions (FIs). The investment in new technologies used within the anti-money laundering (AML) space have been increasing year on year by FIs.

Regulators expect firms to be able to show not only that they have a system in place to monitor transactions, but they must also be able to prove that it is effective. The regulations have created a shift from quantity of alerts being generated to quality of alerts generated from the system. This is a significant move away from the approach of looking at technology to merely reduce the number of alerts.

Whether an organizations is planning on developing and implementing an In-House AML Transaction Monitoring (TM) System or whether they are planning to purchase vendor sourced AML Technologies, the below factors must be considered:

Understanding Data: A critical part of TM is the data volume and data quality.

  • Data volume should flag if the system being implemented would be capable of handling the data volumes. The system also needs to be validated to understand any bottlenecks which may arise if there are significant changes in volumes.

  • Data Quality is an important part of transaction monitoring since feeding the wrong information or missing information may create inaccurate results; For Example- A Scenario created to monitor transactions for Politically Exposed Persons (PEP) customers where the data element representing the PEP Flag has not been loaded would not generate an alert in this case.

  • Data Sources – The AML TM system must be capable of accepting information from various source systems. It is important to implement a system which can operate with different data formats. The people who implement the system should analyse the different source systems within the FI and be capable of extracting information which is necessary from different data sources and create a metadata extract from the consolidated information.

Technology Infrastructure –A lot of cost is involved in the setup and operation of a monitoring solution; hence, it is important that the solution should be able to interact and operate seamlessly with the existing infrastructure of the FI. The AML TM system should be able to connect to other systems such as KYC system and product processors to obtain data and for providing an enterprise wide risk coverage.

Scenario Selection: A FI should focus in choosing the right scenarios which would help to mitigate the risks from the products & transactions. The scenarios selected should cover the common red flags of money laundering and other financial crimes, such as fraud, for that specific product. The scenarios selected should be documented and discussed with the vendor and the expected outcome of the scenarios should be clearly described to the vendor.

Threshold setting & Tuning: The initial threshold setting for the scenarios selected is a vital step when implementing an AML TM system. This step should help to prove that the monitoring is more focussed on the quality of alerts generated by the system. The initial thresholds are set after analysing the data in detail.

Creation of customer segments – This is done by grouping customers based on products offered, area of business, geographical location etc. The customer segmentation enables the compliance team to set thresholds based on the behaviour exhibited by each customer segment

Initial Threshold Setting: The initial set of thresholds are created by the in-house compliance team or by the vendor implementation team by using advanced statistical techniques and by analysing the kind of transactions exhibited for a considerable period of time (e.g. 2 yrs.) by each customer segment and considering the risk levels of the customers. It is possible for the same scenario to have different thresholds based on risk level and customer segment. A low threshold value is set for the customer segment with risk level -High to enable enhanced monitoring to be performed. The initial threshold setting is a combination of mathematical calculations and a risk-based approach.

Threshold Tuning: The thresholds created in the initial threshold setting exercise is now applied to the scenarios and then alerts are produced in a dry run or a calibration environment. The first set of alerts created are analysed for quality, correctness (to check the scenario is picking the right alerts), quantity (if the right number of alerts are generated and the scenario is not generating too many false positives). Above the line and Below the line testing is to be performed to confirm that there is no unusual activity in the sample of customers whose transaction values are below the thresholds and for customers whose transaction values are above the thresholds.

Ongoing Threshold monitoring and Tuning: Once the threshold tuning phase has been completed and the scenarios have been introduced into production/live environment, we would need to conduct a periodic testing to assess the thresholds and the quality of alerts being generated. It may also happen that the behaviour of some customer segments has changed in response to outer environment conditions (markets, political situations etc) which may warrant a threshold monitoring and tuning process.

How Lysis can support in selecting and implementing an AML TM System:

Our Risk and Compliance professionals are familiar with most well-known vendor provided AML TM Systems. We can help to:

  • Understand AML risk and assist the implementation team in ensuring adequate coverage of products/services, transaction types and customer types from a monitoring perspective.

  • Analyse the customer base and transactions to effectively segment the customers and assist with the initial threshold setting.

  • Provide advanced statistical analysis to set the initial threshold values based on customer segments and risk levels.

  • Revising or fine tuning the thresholds by analysing existing alert quality, escalations produced by the scenario and making suggestions for improving thresholds for future needs or for implementing new scenarios based on changes in customer behaviour

  • Creating a methodology and approach by working with the AML Transaction Monitoring Team, Compliance Team, Technology Team and the Internal Audit Function to effectively perform the threshold testing, alert sampling study and scenario analysis and documenting them to be shared with regulators.

For more information please contact info@lysisfinancial.com


By Vanitha Vinayak, Consultant at Lysis Group