Quantexa

What is Transaction Monitoring in AML & Why Does it Matter?

Transaction monitoring is pivotal part of financial risk management. This guide explains what transaction monitoring is, how it works, and how organizations can get started on their journey to implementing an effective transaction monitoring solution.

Brian Ferro
Brian FerroAML Solutions Manager
Jul 31st, 2024
15 min read

What is transaction monitoring in Anti-money laundering (AML) ?

what is Transaction Monitoring in AML

The process of monitoring transactions that occur through institutions for suspicious patterns of activity that are indicative of money laundering or other financial crimes. Typically, these institutions include banks, casinos, insurers, and other money service organizations.  

Analysts will use a set of transaction monitoring rules to determine if a transaction is deemed suspicious. These activities will usually include:  

  • Money transfers 

  • Deposits made to personal and non-personal bank accounts  

  • Customer withdrawals  

As organizations have revolutionized, transaction monitoring has become more automated.   

What is the AML transaction monitoring process?  

  • 1. Transaction monitoring system logs every transaction activity

  • 2. It feeds the data through the risk rules

  • 3. If the data triggers a flag, the software alerts the organization

  • 4. The analyst would investigate the flagged transaction for suspicious activity

A transaction monitoring process will depend on a number of key factors. While regulators do not provide specific guidance on the process, there are a number of key elements we have listed below that should be included.

Block img

Risk assessment  

A risk assessment sits upstream of any transaction monitoring program at the bank. What the risk assessment will do is take a look at the bank’s book of business to determine who their customers are and what types of products are offered to their customers. Doing so will give guidance on the type of expected activity the bank should anticipate.  

As part of this, the risk assessment will look at the entire AML program – KYC, transaction monitoring, Sanctions, etc - to look at any gaps or deficiencies. This can also include model validation and data governance.  

Block img

Determine what is considered suspicious behavior  

Suspicious behavior is by and large determined by regional regulators, from which many can in turn be found to be based on the FATF 40 recommendations. Regulators will task institutions with having policies in place to look for activity that is consistent with various criminal acts via ‘red flags’. These red flags are specific transaction types or movement of funds that could be indicative of certain predicate criminal activity.  

Block img

Create transaction monitoring rules and alerts

Taking the red flags mentioned above, traditional transaction monitoring solutions have rules that will look for a specific, or series of, transactions that fit within a certain time period and meet a monetary threshold. These rules can be simple or complex with many ‘and/or’ factors added to them. Often these rules are a one size fits all to an institution's larger book of business and may result in a high rate of false positives. However, by looking at the overall context of activity and allowing for granular scoring with entity and transactional types can a higher rate of productive alerts be generated.  

Solutions are used to automate the task of reviewing transactional activity that takes place within certain thresholds over a period of time. These thresholds are the basis for rules or scenarios deployed by institutions that are indicative of suspicious behavior associated with concealing the source of illicit funds. The identified activity is then flagged via an alert which in turn is reviewed during an investigation to confirm whether the activity is suspicious or not.  

Why is transaction monitoring necessary?  

Transaction monitoring is pivotal part of financial risk management that requires keeping a check on the transactions that occur within a financial system. The goal of this process is to recognize suspicious patterns, comply with regulatory requirements and mitigate potential risks. As the primary line of defense against financial crimes such as money laundering, fraud, and terrorist financing, transaction monitoring plays a critical role in protecting the integrity of financial institutions.

Transaction Monitoring stats

Why is transaction monitoring essential for AML regulatory compliance?

Financial institutions are required by regulators across the globe to have systems in place to monitor and detect activity that is consistent with money laundering. Their purpose is to identify and prevent money laundering from entering legitimate financial systems. This keeps these systems stable in a world where it’s easier than ever to move money between accounts and countries.  In doing so, institutions help safeguard the exploitation of the financial system by criminals, making it harder for them to profit from their illegal schemes. 

Intelligence-led Investigations

Reduce false positives. Automate and augment investigations and visualize hidden connections. Lower the cost of compliance with more confidence in your coverage.
Intelligence-led Investigations

What are examples of AML transaction monitoring systems?

Transaction monitoring solutions span across multiple different lines of business and industries. Insurance, casinos, banking and across specialized occupations such as lawyers, accountants and jewelers. All must adhere to regulations related to monitoring for suspicious transactional patterns. These solutions will look for unexpected activities such as a large volume of cash deposits into an account, or the movement of money in and out of the country for no legitimate business purposes.   

What are the challenges of transaction monitoring? 

icon
Rules engines

The regulatory landscape for KYC has evolved, with updates to existing regulations and the introduction of new standards. Organizations like the Financial Action Task Force (FATF) have influenced global KYC standards, encouraging a risk-based approach and emphasizing the importance of beneficial ownership disclosure.

icon
Behavior profiling

Sudden changes in behavior or lifestyle changes can impact what is anticipated and result in a spike in false positive alerts.

icon
Machine learning

Degradation of models over time can go unnoticed and cause gaps in monitoring.

icon
RPA vendors

Difficulties integrating with legacy solutions and supporting the maintenance of various vendors and solutions in place simultaneously.

How to improve transaction monitoring

Relatively little has changed in the way transaction monitoring has worked over the past 20 years. Rules that were created and built into the first few releases of the industry AML solutions are largely still in place and widely used by many institutions today. While some rules, like those designed to identify structuring are effective, others were much less so, creating high rates of false positives.  

Advancements in transaction monitoring have made it possible to detect patterns of behavior more closely with activity related to specific predicate criminal offenses. This approach removes the need to translate individual transactions into suspicious behaviour by the investigator. Instead, by leveraging both Entity Resolution and Graph Analytics in the monitoring process, a consolidated view of entities and their relationships provides a foundation for a more complete understanding of behaviour.  By connecting parties through relationships, the associated transactional data brings clarity in identifying where transactions originated and where the funds were sent to easily follow the flow of money. Once the network view is generated, layering over typology driven detections generate optimized alerts giving insights into the conductors, volume of activity and direct link to the suspected crime that no other detection method does today. If done correctly, the results could mean a vast reduction in time and effort spent triaging alerts and shifting the focus to the investigation process. 

What makes a good transaction monitoring system?

Those who effectively monitor internal and external data beyond a single transaction to understand the wider network of potential relationships. 

Effective transaction monitoring solutions consider the historical patterns of activity for an entity – either a customer or non-customer – to determine if the activity they conduct can be tied to an illicit event. Solutions need to look at not only the transactions that are conducted but the changes in volume and value over time, where the activity took place and to whom the entities are connected. For instance, is the subject of an investigation conducting activity at the behest of someone else who does not have access to the financial system? Are they trying to hide the source of funds? Where is the money coming from and where is it going?  

As part of identifying risky behavior, a good transaction monitoring solution should also be flexible in how monitoring and detection take place. Every changing regulatory expectation and shift in global political climates can necessitate the need to update or change their coverage. Additionally, there is an expectation to review and update existing scenarios periodically as well to ensure their efficacy and make sure the false positive rate is not increasing over time.  

Quantexa's (New) Contextual Monitoring approach

See full size image here


The diagram on the left represents the traditional approach that most incumbent solutions take to monitoring and detection. These solutions will focus on transactional data, looking for outliers in activity that are consistent with the parameter and thresholds of the existing rules library – therefore identifying activities that only appear to be risky but do not point to any specific criminal activities. Most of these solutions will use the Customer and Account profiles to consolidate alert info at the entity level (based on the pre-established bank profiles). Because these solutions were not designed to consume third party data – negative news, corp. registers, etc. – the enrichment of third party data takes place after the alert has been generated. Doing so at the end puts the emphasis on the analyst to review and make the appropriate decision.  

With the Contextual Monitoring approach employed by Quantexa (right diagram), the third party data is used as an initial stage of the monitoring process to better identify and consolidate entities. These consolidated profiles are then used to create networks seeking out the internal and external risks that are associated with the bank’s customer. Having that foundation allows our scoring models to more accurately assess a customer’s behavior and produce better quality alerts. 

Quantexa's Contextual Monitoring Solution

Discover how Quantexa’s Contextual Monitoring approach is revolutionizing traditional transaction monitoring in this exclusive report by Celent.
Quantexa's Contextual Monitoring Solution

Transaction monitoring FAQs