AML Transaction Monitoring: Challenges and opportunities - Financial Services

Aml_cover_1_

Banks are required to monitor transactions to detect suspicious transactions linked to possible money laundering, as mandated in Art. 20 of the FINMA AML Ordinance. Increasingly insurance companies are doing the same and implementing AML Transaction Monitoring (TM) as part of their anti-financial crime procedures. However, despite substantial investments in anti-money-laundering (AML) measures, many financial institutions struggle with inefficient transaction monitoring (TM).

Common problems we observe are:

  1. High number of false positives affecting efficiency: A large number of generated alerts are closed as false positives. This drives up operational costs unnecessarily and leads to resources being wasted on investigating non-criminal activities.
  2. A lack of effectiveness, as AML scenario selection is not risk-based: Many scenarios/rules are implemented because they are available in a vendor solution but without a solid foundation in an AML risk assessment, leading to under-monitoring in some areas and over-monitoring in others.
  3. Overwhelming complexity: Modern AML TM solutions offer a myriad of adjustable parameters, and without a systematic approach the complexity can be overwhelming, as a result of which firms use factory settings which are usually not optimal for their specific circumstances.

In this blog mini-series we want to shed some light on these common problems and suggest how anti-money laundering transaction monitoring might be improved.

Elements of an AML Transaction Monitoring systems
To understand where some of the difficulties in AML TM originate, it is useful to begin by looking at the elements in a TM system.

Aml_pic_1_

Figure 1 Elements of an AML Transaction Monitoring system

The foundation for TM should be the AML risk assessment taking into account the products offered, the client base, geographical footprint and channels for interacting with clients. Industry standard TM systems use rules (also called scenarios) which generate an alert when certain conditions are met, for example if the sum of all transactions into an account over the course of a month from countries considered high risk is above a threshold amount of X.

Most rules will have a monetary threshold above which an alert is triggered, often combined with additional conditions (such as the country risk rating, as in the example above). The parameters also depend on client segmentation, for example distinguishing between retail customers, medium-size enterprises or large corporates, for which very different transaction behaviour is expected. Another relevant factor is the customer risk rating.

When an alert for a customer or account is generated, it is handed over to a case management system where an AML officer will review it and decide whether the alert warrants further investigation or whether it should be closed, as not being suspicious. Transactions and clients for which an alert leads to a concrete suspicion of money laundering are reported to the relevant authority as part of a Suspicious Activity Report (SAR). The interplay between all these elements is complex, and a detailed Target Operating Model is a necessary foundation for a successful AML Transaction Monitoring programme.

Typical issues in AML TM
While the individual elements of a rule-based AML TM system may appear simple, there are many issues which can lead to frustration.

  • Lack of client segmentation: The absence of tailored client segmentation can result in certain client groups, such as retail versus corporate, being either under-monitored or over-monitored. This lack of differentiation impairs the effectiveness and efficiency of transaction monitoring, as it fails to account for the unique risk profiles associated with different types of clients.
  • Disconnect between AML risk assessment and TM processes: A lack of alignment between AML risk assessment, scenarios, and the products covered leads to either under-monitoring or over-monitoring of money laundering risks. This increases both regulatory and reputational risks, as it fails to provide a comprehensive and accurate assessment of potential threats.
  • Disconnect between transaction monitoring and the underlying business activity: A lack of synchronisation between transaction monitoring and actual underlying business activities can lead to a misinterpretation of transaction risks.
  • Inability to respond rapidly to changing money laundering risks: Inflexible systems and processes cause slow response times to emerging risks or regulatory changes. This inability to adapt quickly undermines the effectiveness of transaction monitoring and increases vulnerability to evolving threats.
  • Unclear data mapping: The rationales for the inclusion or exclusion of transaction types are often not well documented, leaving key stakeholders unaware of what is actually being monitored. This lack of clarity impedes transparency and understanding, reducing the overall effectiveness of the transaction monitoring process.
  • Peer-driven scenario implementation: Some scenarios are adopted merely because peer organisations use them, rather than being based on specific risk analysis or to address particular risks. This undermines the effectiveness of transaction monitoring by failing to tailor scenarios to the unique risk profile of the organisation.
  • Lost in complexity: An in-depth business knowledge and system expertise is needed to find the right balance between too many and too few adjustable parameters when setting up monitoring scenarios. A wrong choice may lead to monitoring being either too rigid or having too many parameters, with the risk of excessive complexity.
  • Non-data driven calibration: TM thresholds and scenarios are often not calibrated based on data. Each financial institution should set their thresholds based on the typical transactional behaviour of their various client segments, in order to detect suspicious transactions efficiently. Inefficiencies lead to an excessive number of false positive results, driving up costs and wasting resources.
  • Tunnel-vision due to vendor out-of-the-box solutions: Considering only the list of rules provided by a vendor solution as potential answer to each identified AML TM risk leads to a narrowing of vision. Other means to address a certain risk may be missed.

In the following parts of this blog series on AML transaction monitoring, we will discuss how financial institutions can optimise their transaction monitoring to increase effectiveness and reduce costs.

Key contact


1madansathe

Madan Sathe, Partner, Forensic & Financial Crime

Madan is a Partner in the Risk, Regulatory & Forensic Practice at Deloitte Switzerland. He has over 12 years of experience in investigation and financial crime including extensive data analytics and technology experience. He started his career at a Big 4 in Switzerland with a major focus on financial services clients (banking, insurance clients) and the life science industry. During his career he built and lead a forensic data analytics practice and advised major financial services clients in the area of financial crime compliance and investigation around the topics of data, artificial intelligence and technology.

Email | LinkedIn 

Karlruloff_1

Karl Ruloff, Director, Forensic & Financial Crime

Karl Ruloff is a Director in the Deloitte’s Swiss Risk, Regulatory & Forensic Practice. He supports his clients in protecting themselves and their clients from financial crime and staying compliant with regulatory expectations. Karl has more than 20 years of experience in the professional and financial services industries in risk, compliance and technology roles. Karl’s focus is on the use of data, technology and artificial intelligence for financial crime compliance and risk management. He has an academic background in engineering and economics.

Email | LinkedIn 

Oliverstory_1

Oliver Story, Senior Manager, Forensic & Financial Crime

Oliver Story is a Senior Manager in Deloitte's Swiss Risk, Regulatory & Forensic Practice. He has specialised in Financial Crime for over 12 years either as a consultant or working in industry. Oliver’s focus has been on ensuring robust compliance that protects the business and far exceeds industry average performance by connecting siloed processes – all while reducing the cost of compliance. Oliver has a rare and exceptional blend of FCC, Technology and Data expertise. He leverages these strengths to identify weaknesses in existing process, economic improvements, and value that can created or cost savings for clients in both forensic assignments and advisory work.

Email | LinkedIn 


Konradschwenke1

Konrad Schwenke, Senior Manager, Forensic & Financial Crime

Konrad Schwenke is a Senior Manager in the Risk, Regulatory & Forensic Practice of Deloitte. He supports his clients with questions at the interface of electronic data & compliance. He advised clients on the prevention of fraud and financial crime and supported his clients during and after incidents, covering investigation and remediation actions with a focus on data-related aspects. He studied physics and holds a doctorate degree from ETH Zurich.

Email | LinkedIn 

Comments

Verify your Comment

Previewing your Comment

This is only a preview. Your comment has not yet been posted.

Working...
Your comment could not be posted. Error type:
Your comment has been saved. Comments are moderated and will not appear until approved by the author. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.

Working...

Post a comment

Comments are moderated, and will not appear until the author has approved them.

Categories

!-- OneTrust Cookies Settings button start -->