Financial institutions, iGaming and crypto businesses have to implement transaction monitoring to stay compliant. Today, we’ll talk about the importance of such solutions, their risks, and best practices.
According to a Federal Trade Commission report, fraud-related losses reached $8.8 billion in 2022, with most occurring after the initial onboarding stage. To prevent this, companies need to use transaction monitoring throughout the customer lifecycle.
Transaction monitoring stops money laundering operations by scanning and analyzing financial data, such as deposits, withdrawals, and velocity of transactions. The process is meant to spot trends and discrepancies that may indicate financial crime.
Transaction monitoring seeks to answer the following questions:
To help you answer these questions, we at Sumsub prepared this article. We’ll talk about what transaction monitoring is and how efficient monitoring systems help avoid huge fines.
The simple answer is that any financial institution needs transaction monitoring. This includes, but is not limited to:
In general, any business that falls under AML regulations and deals with client transactions should adopt and implement transaction monitoring.
Anti-Money Laundering (AML) regulations require businesses to monitor transactions and report suspicious ones to authorities. This helps companies confronting shared threats, such as terrorism financing.
|FATF Recommendation 10, transposed into many local AML laws, requires financial institutions to analyze transactions undertaken throughout the course of a business relationship. The goal is to ensure that transactions are consistent with the institution’s knowledge of the customer, including the source of their funds. Transaction monitoring systems—which we explain in more detail below—can help.|
Companies need to follow the regulations when it comes to transaction monitoring. Otherwise, they might face huge financial penalties from the regulators.
Transaction monitoring can be used to detect signs of illegal activities, such as:
To confront the spread of such activities, companies should focus on the following factors when conducting ongoing monitoring:
As the number of digital transactions grows every day, so too does the necessity of transaction monitoring. However, without an automated transaction monitoring solution, checking transactions and finding suspicious patterns would be virtually impossible.
Implementing an automated transaction monitoring solution will allow companies to efficiently monitor unusual financial operations.
Anti-fraud transaction monitoring continuously monitors transactions, detects fraud, and provides regulatory reporting documents to help organizations meet their compliance obligations. It’s done by analyzing user behavior patterns, transaction details, and other signals.
The monitoring process isn’t limited to financial transactions alone. Other events related to the account’s safety are also analyzed, including logins, password recovery, and more. This provides more data points to determine fraud patterns or other suspicious actions. There are solutions that combine all these data points using artificial intelligence trained to spot suspicious behavior patterns and activities.
Companies can avoid losses related to fraud, investigations, legal proceedings, and consumer refunds by establishing comprehensive anti-fraud transaction monitoring.
According to the Guidance for the UK financial sector, there are two approaches to transaction monitoring:
In both cases, the goal of monitoring is to identify unusual activities for further investigation.
The human eye is more prone to missing suspicious transactions, especially when dealing with high volumes. Machines, meanwhile, can work continuously with a lesser chance of leaving suspicious activity unnoticed. However, most automated systems still use basic approaches which can lead to an alarming number of false negatives. Still, AI and ML models get better as they get trained with more data and can establish and flag suspicious patterns in almost real-time.
Companies should be able to conduct real-time monitoring in order to instantly spot suspicious activities and report them to authorities. Another important feature that an efficient monitoring system should have is custom rules, allowing companies to customize the way that AML policies are implemented.
Whether businesses choose to build their own transaction monitoring system, or instead consider a transaction monitoring solution, they should take the following steps before implementing either option:
Apply a risk-based approach. Businesses should carry out formal risk assessment of money laundering, terrorist financing, and other financial crimes. The risks vary based on the business’s products, customers profiles, and the nature and frequency of transactions. Once assessed, these risks should form the foundation of a transaction monitoring system. For example, once a business identifies which types of customers present a higher risk of money laundering, they can set a more frequent and intensive ongoing monitoring of their transactions. Move away from a heuristic rules based approach to a risk-based approach, with AI and ML data ingestion and flagging capability.
Establish internal policies. The second step is to create an appropriate mechanism for the oversight, review, and approval of monitoring processes and parameters. Some of these policies may include:
Determine elements of suspicious behavior. Each company establishes red flags that signify suspicious behavior. These red flags depend on the size and nature of each company. Transaction monitoring solutions, therefore, should have the technical ability to such flags and timely notify staff members.
After establishing internal policies, companies will be able to define which transaction monitoring solution is more suitable.
Companies change over time and so should their transaction monitoring tools. So, if a company feels comfortable using a manual approach at first, they may switch to an automated solution after experiencing growth.
Customer risk assessments analyze information collected during onboarding to assign a particular risk level to the customer. These risk levels can be based on country of origin (low, medium, and high-risk countries, for example) or any other factor relevant to the company—for instance, age, nature and intended purpose of the business relationship, etc.
Based on these risk assessments, companies then determine the type of Customer Due Diligence that should be applied. If risk is determined to be low, Simplified Due Diligence (SDD) can be applied. If higher risk is assessed, Enhanced Due Diligence (EDD) may be required, which means asking for additional information or documents during onboarding or conducting transactions, such as source of funds or wealth, etc.
CDD consists of the following measures:
Criminals are constantly coming up with new threats, which means that companies need to keep up the tempo. Here are some of the current pitfalls of transaction monitoring:
While it’s impossible to solve all of these problems, choosing an efficient transaction monitoring solution provider can ease up the burden and maximize the potential of the system.
Automated transactions monitor user actions in real-time, which saves company resources. Meanwhile, only some suspicious cases are assigned to the compliance team. Sometimes, a combination of both is necessary, especially in firms with a high volume of transactions.
|Based on the Guidance for the UK financial sector, monitoring systems must:|
Flag unusual transactions and/or activities for further examinationPromptly submit such cases for review by the right person(s)Take appropriate action on the findings of any further examination
If failing to perform transaction monitoring, companies risk being penalized by authorities, in addition to proliferating illegal activity. Therefore, when choosing a transaction monitoring provider, companies should have a set of requirements that would fit them.
To choose a suitable transaction monitoring solution, businesses may ask providers the following questions:
This isn’t the complete list of questions, as each list will be unique for a company. However, it provides an understanding of what a company should look for when choosing a transaction monitoring provider.
Transaction monitoring solutions allow users to see detailed information for each transaction, the rules or risk factors are used to calculate the risk score, and report the transaction if necessary. To maximize the benefits and minimize the cost of transaction monitoring tools, companies can look for the following features in the solutions.
Suitability for your business. Choose a solution that suits your risk-based approach and fits different types of customers and transactions.
Ease of integration. Look for solutions that are easy to set up. These can be solutions with no-code rules settings or those that provide technical support for integration, etc. For example, Sumsub’s solution can be fully integrated in 3-4 weeks.
Firms are obligated to file suspicious activity reports when illegal activity has taken place or when suspicious activity has met the relevant reporting threshold (which varies from country to country). A quick and easy suspicious activity reporting tool is a must-have. This makes it easier to inform regulators about risky activities indicative of money laundering, tax evasion, fraud, and other financial crimes.
Businesses can also consider using one provider for the entire customer lifecycle, from the onboarding stage to transaction monitoring and reporting. This improves customer management, enabling the company to detect bad actors while improving the user experience for good ones.
It is prohibited to inform anyone involved in a flagged transaction that a Suspicious Activity Report (SAR) has been filed. SARs must only be provided to law enforcement when required. If an employee suspects money laundering, AML violations, or a suspicious transaction, they should report it to their manager or AML compliance officer. If a SAR is deemed necessary, it must be kept for a specific number of years along with any supporting documentation. Sumsub will soon provide customers with the ability to automate SAR filing in a few clicks on the dashboard.
Suggested read: The Complete Guide to Suspicious Activity Reporting
Any regulated business is obligated to have transaction monitoring in place. The best solutions ensure that monitoring is integral to the entire verification flow, meaning that user, business, and transaction verification are connected. This way, you can use every single available data point to assess users, risks, and suspicious patterns. The structure of a transaction monitoring solution typically consists of the following steps:
To confront the spread of illegal activities, companies should focus on the following factors when conducting ongoing monitoring:
Transaction monitoring is an ongoing security process that helps companies detect suspicious transactions. Transaction monitoring software spots unusual patterns and reviews dubious transfers and transactions made in digital or fiat currencies.