Banks spend a large amount of time mapping regulator-provided red flags to detection rules/scenarios, often on a 1-to-1 basis. Every time a regulator or industry body releases a new set of red flags or indicators, a new rule or scenario may be introduced.
While this approach is well-intended, it has resulted in the reactive concept of defensive alerting and, in turn, defensive AML reporting – something which regulators are increasingly highlighting as problematic and time consuming.
What is Defensive Alerting?
Defensive alerting defines the process of producing high volumes of low quality false positive alerts, usually set against a singular red flag. While in combination red flags have immense value to detect risky or anomalous activity, in isolation, they can be less useful.
As a result, this has seen the growth of operational triage teams dealing primarily in the rapid clearance of low-quality alerts at a transactional level, without considering the context of the transaction against a customer’s usual activity or the activity of its peers. For instance, a transaction-focused alert closed as a false positive by a human analyst within five minutes is likely to be meaningless exercise. However, the presence of multiple risks on a single network of customers and/or counterparties is a greater indicator of risk.
Are You Suffering from Defensive Alerting?
Unmanageable numbers of unique detection rules/scenarios, perpetually high alert volumes, short investigation SLAs, and low alert-to-regulatory filling conversion rates are all symptoms of a sub-optimal approach to Anti Money Laundering (AML) transaction monitoring (TM) that is overly focused on rules-based detection.
The Limitations of Defensive Alerting
A defensive alerting approach inadvertently reduces the effectiveness of a bank’s controls due to the “needle in a haystack” approach of alert reviews. Balancing untenable alert volumes against timeframe requirements, both operational and regulatory, means a compromise on quality investigative analysis, thereby introducing risk.
Past attempts to solve this problem have focused on treating the symptoms, including:
- Tuning of alerting parameters and thresholds
- Segmentation of customer base and alerting at a customer level (I.e., creating a smaller haystack)
- Large-scale investigations teams and low resource retention rates
- Applying automation to alert triage, and data gathering activities.
The knock-on effects of defensive alerting are wide-reaching and even impact the ability to retain top talent. Analysts who were originally sold on the premise of fighting financial crime, quickly become disillusioned with their place in process-driven operations – this risks losing the motivated and skilled investigative talent that will be required to detect and uncover complex and often hidden risks, such as those seen in the Russian Laundromat.
However, a manageable and risk focused strategic approach requires a fundamental change in tact. It demands an approach that automates many of the repetitive manual checks, considers the entirety of the potential risk and suspicious activity from multiple internal and external data angles, and importantly, examines and assesses each risk attribute collectively – in other words focusing on context.
Introducing a Contextual Monitoring Approach
Contextual Monitoring is a fresh ‘investigate to detect’ process and signals a more effective means of tackling financial crime and fraud. The Financial Action Task Force (FATF) defines Contextual Monitoring as:
“The ability to join and connect together data from different systems and sources to create context and meaning to identify significant connections and improve accuracy. It employs advanced algorithms which allow more sophisticated scoring and analytical approaches.”
Contextual Monitoring is powered by entity resolution, the process of dynamically connecting and enriching internal and external data to reveal a single view of entities across an organization, and network generation, which maps out relationships to identify new, previously hidden risks faster and more accurately. It brings a shift in focus from alerting on singular transactional red flags to combining multiple risk indicators on a single network, fed into predictive analytics, and followed up by highly skilled investigative staff.
Leveraging Machine Learning Triage to Manage Alert Volumes
Machine Learning and AI (Artificial Intelligence) play key roles in the fight against financial crime – and in a Contextual Monitoring approach. However, there has been an over-focus on the use of predictive analytics within auto-triage models to cover up deficiencies in transaction monitoring.
Triage models themselves can be overly reliant on static data points as features and often replicate rules-based decisioning, creating a misconception of successfully replacing human investigations. However, when you have >95% false-positive alerts, it is not difficult for AI to look as though it is successful at closing alerts.
An approach like Contextual Monitoring would enable data scientists to focus their attention upstream by creating more effective and efficient strategies through the detection of truly anomalous risky behaviour.
How to Uncover the Next Russian Laundromat Using Contextual Monitoring
Do we really expect to uncover the next Russian Laundromat with an out-of-the-box rule based on a single risk data point or red flag?
Taking the Russian Laundromat as an example – those involved were not identified through a single red flag – but through the combined presence of shell companies, the rapid movement of funds and luxury goods, high-risk industries, and suspicious networks.
The process of enriching internal data with external sources and building networks of relationships to identify new, previously hidden risks enhances detection with models that leverage network-based context, which in turn reduce false positives and generate more accurate alerts.
To truly succeed in the fight against financial crime, financial institutions must combine multiple risk indicators on a single network, enabling highly-skilled and empowered teams to investigate genuine risk alerts – and a Contextual Monitoring approach is proving to be the most effective solution.
You may be interested in…

Detecting & Preventing Scams with Advanced Analytics
Find out how banks can detect and prevent the growing problem of scams using advanced analytics – and how scams have evolved since COVID-19.

Combatting the Rising Risk of Buy Now, Pay Later Fraud
Discover how you can overcome the fight against BNPL fraud with context, by leveraging the power of advanced analytics technology.

Contextual Monitoring: The New Standard for FinCrime and Fraud Detection and Investigations
As the cracks in the traditional approaches to financial crime and fraud detection and investigation deepen, a period of seismic disruption is underway – and Contextual Monitoring is at its forefront. Learn more about Quantexa’s innovative contextual monitoring platform, Syneo – designed to disrupt the current AML landscape by offering a new ‘investigate to detect’ approach based on actionable intelligence.

Quantexa Syneo Revolutionizes Risk Detection To Enable 80% Faster Investigations
Quantexa has launched the latest version of its Contextual Monitoring and Investigations solution, Syneo, to set a new revolutionary standard in Financial Crime & Fraud detection and investigation.

Contextual Monitoring for Money Laundering Risk Within Financial Markets
FCA’s recent report observed that a contextual monitoring approach can help organizations improve their risk detection capabilities – and here’s why.

Fraud Detection & Prevention: Contextual Monitoring for Investigators
Following the FinCEN Files leak of confidential suspicious activity reports, this article looks at how technology and data can enhance AML investigations and improve financial crime detection.
Related Solutions

Tax Authorities
Reduce the tax gap, identify fraud and non-compliance, and operate as efficiently as possible with limited resources.

Anti-money laundering
Reveal hidden risks and detect criminal activity faster. Reduce false positives to manage the cost of compliance. And improve investigations to make faster and more consistent decisions at scale.

Customs Agencies & Border Control
Contextual Decision Intelligence enables faster decisions, increased revenue collection and enhanced compliance. The Quantexa platform enables Customs and Border agency teams to analyze data successfully, automate and accelerate decision-making, and achieve improved results.

Fraud
Identify potentially fraudulent activity by looking at people or transactions in isolation. Understand the context surrounding the organizations you do business with to make fast, accurate decisions.

Fraud, Waste & Abuse
Empower your team with the best tools available for today’s challenges to identify and prevent fraud, waste and abuse with contextual decision intelligence software.

Credit Risk
Understand your customers, their business structures and supply chains. Make better lending decisions, faster. And support digital risk transformation.

Customer Intelligence
Generate a complete view of the context around your customers and prospects to build better relationships, reduce attrition and find hidden opportunities.

Revolutionize Your Financial Crime and Fraud Detection

Investigations
Enhance the efficiency, effectiveness and consistency of your operational and complex investigations to empower your teams to expose and understand risk faster.

Master Data Management
Connect all data—internal and third party—to create a joined-up, contextual view of all the relationships between your customers and every other domain.

Compliance
See how we help to reduce costs and improve coverage for financial crime compliance.

CDO
See how our platform uses contextual analysis to turn data into a high value asset.

CIO
See how our platform uses financial crime technology to enhance your existing IT ecosystem.

Healthcare
Reduce the tax gap, identify fraud and non-compliance, and operate as efficiently as possible with limited resources.

Contextual Monitoring
Reveal hidden risks and detect criminal activity faster. Reduce false positives to manage the cost of compliance. And improve investigations to make faster and more consistent decisions at scale.

Unified CRM Solution

Know Your Customer
Reduce significant manual effort across onboarding, refreshes and remediation. Automate checks, implement continuous monitoring, and focus on contextual decision making.

Growth and Retention

Contextual Engagement
Generate a complete view of the context around your customers and prospects to build better relationships, reduce attrition and find hidden opportunities.

Data Management
Connect all data—internal and third party—to create a joined-up, contextual view of all the relationships between your customers and every other domain.

Connected Customer View
Generate a complete view of the context around your customers and prospects to build better relationships, reduce attrition and find hidden opportunities.