Aug 18, 2023
7 min read

The Complete Guide to Transaction Monitoring

Financial institutions, iGaming and crypto businesses have to implement transaction monitoring to stay compliant. Today, we’ll talk about the importance of such solutions, their risks, and best practices.

According to a Federal Trade Commission report, fraud-related losses reached $8.8 billion in 2022, with most occurring after the initial onboarding stage. To prevent this, companies need to use transaction monitoring throughout the customer lifecycle.

Transaction monitoring stops money laundering operations by scanning and analyzing financial data, such as deposits, withdrawals, and velocity of transactions. The process is meant to spot trends and discrepancies that may indicate financial crime.

Transaction monitoring seeks to answer the following questions:

  • Where is money coming from? 
  • Is that a legit originator or source? 
  • Where is the money going? 
  • Is that a legit beneficiary? 
  • Are there suspicious patterns in the overall transaction process? 

To help you answer these questions, we at Sumsub prepared this article. We’ll talk about what transaction monitoring is and how efficient monitoring systems help avoid huge fines.

Who needs transaction monitoring

The simple answer is that any financial institution needs transaction monitoring. This includes, but is not limited to:

  • Banks (Challenger, Neo and Traditional banks)
  • Money lending services (B2B and B2C)
  • Investment firms
  • Transfer companies
  • FinTech companies
  • Crypto exchanges
  • Brokerage firms
  • InsurTech
  • Real estate agents

In general, any business that falls under AML regulations and deals with client transactions should adopt and implement transaction monitoring.

Importance of AML transaction monitoring

Assisting the economy in battling shared threats 

Anti-Money Laundering (AML) regulations require businesses to monitor transactions and report suspicious ones to authorities. This helps companies confronting shared threats, such as terrorism financing.

FATF Recommendation 10, transposed into many local AML laws, requires financial institutions to analyze transactions undertaken throughout the course of a business relationship. The goal is to ensure that transactions are consistent with the institution’s knowledge of the customer, including the source of their funds. Transaction monitoring systems—which we explain in more detail below—can help. 

Compliance with Legal Requirements and Avoiding Fines

Companies need to follow the regulations when it comes to transaction monitoring. Otherwise, they might face huge financial penalties from the regulators. 

Transaction monitoring can be used to detect signs of illegal activities, such as:

  • Money laundering
  • Terrorist financing
  • Fraud (e.g., false insurance claims, chargebacks)
  • Identity theft
  • Drug trafficking
  • Corruption
  • Bribery

To confront the spread of such activities, companies should focus on the following factors when conducting ongoing monitoring:

  • Unusual transaction amounts
  • Unusual series of transactions (e.g., a number of cash credits)
  • Unusual geographic destination or origin of a payment
  • Known threats or typologies

As the number of digital transactions grows every day, so too does the necessity of transaction monitoring. However, without an automated transaction monitoring solution, checking transactions and finding suspicious patterns would be virtually impossible. 

Implementing an automated transaction monitoring solution will allow companies to efficiently monitor unusual financial operations.


Anti-fraud transaction monitoring continuously monitors transactions, detects fraud, and provides regulatory reporting documents to help organizations meet their compliance obligations. It’s done by analyzing user behavior patterns, transaction details, and other signals. 

The monitoring process isn’t limited to financial transactions alone. Other events related to the account’s safety are also analyzed, including logins, password recovery, and more. This provides more data points to determine fraud patterns or other suspicious actions. There are solutions that combine all these data points using artificial intelligence trained to spot suspicious behavior patterns and activities.

Companies can avoid losses related to fraud, investigations, legal proceedings, and consumer refunds by establishing comprehensive anti-fraud transaction monitoring. 

AML transaction monitoring process and regulatory requirements

Batch vs. real-time monitoring

According to the Guidance for the UK financial sector, there are two approaches to transaction monitoring:

  • In real time, which means that monitoring occurs as the transaction takes place, which reduces the risk of breaching sanctions
  • After the transaction takes place (also known as batch or post-transaction monitoring), which can be useful for identifying patterns and trends of criminal activities

In both cases, the goal of monitoring is to identify unusual activities for further investigation.

Utilizing AI to enhance rule-based systems

The human eye is more prone to missing suspicious transactions, especially when dealing with high volumes. Machines, meanwhile, can work continuously with a lesser chance of leaving suspicious activity unnoticed. However, most automated systems still use basic approaches which can lead to an alarming number of false negatives. Still, AI and ML models get better as they get trained with more data and can establish and flag suspicious patterns in almost real-time.

The importance of real-time monitoring and custom rules

Companies should be able to conduct real-time monitoring in order to instantly spot suspicious activities and report them to authorities. Another important feature that an efficient monitoring system should have is custom rules, allowing companies to customize the way that AML policies are implemented.

Setting up AML transaction monitoring process

Steps in establishing an effective AML transaction monitoring process

Whether businesses choose to build their own transaction monitoring system, or instead consider a transaction monitoring solution, they should take the following steps before implementing either option: 

Apply a risk-based approach. Businesses should carry out formal risk assessment of money laundering, terrorist financing, and other financial crimes. The risks vary based on the business’s products, customers profiles, and the nature and frequency of transactions. Once assessed, these risks should form the foundation of a transaction monitoring system. For example, once a business identifies which types of customers present a higher risk of money laundering, they can set a more frequent and intensive ongoing monitoring of their transactions. Move away from a heuristic rules based approach to a risk-based approach, with AI and ML data ingestion and flagging capability.

Establish internal policies. The second step is to create an appropriate mechanism for the oversight, review, and approval of monitoring processes and parameters. Some of these policies may include:

  • Defining responsibilities for the company’s staff members
  • Measuring the effectiveness and relevance of monitoring arrangements
  • Supporting system changes to address evolving money laundering risks

Determine elements of suspicious behavior. Each company establishes red flags that signify suspicious behavior. These red flags depend on the size and nature of each company. Transaction monitoring solutions, therefore, should have the technical ability to such flags and timely notify staff members.

After establishing internal policies, companies will be able to define which transaction monitoring solution is more suitable.

Companies change over time and so should their transaction monitoring tools. So, if a company feels comfortable using a manual approach at first, they may switch to an automated solution after experiencing growth.

Conducting a comprehensive risk assessment

Customer risk assessments analyze information collected during onboarding to assign a particular risk level to the customer. These risk levels can be based on country of origin (low, medium, and high-risk countries, for example) or any other factor relevant to the company—for instance, age, nature and intended purpose of the business relationship, etc. 

Based on these risk assessments, companies then determine the type of Customer Due Diligence that should be applied. If risk is determined to be low, Simplified Due Diligence (SDD) can be applied. If higher risk is assessed, Enhanced Due Diligence (EDD) may be required, which means asking for additional information or documents during onboarding or conducting transactions, such as source of funds or wealth, etc. 

CDD consists of the following measures:

  • Customer identification and verification
  • Identification and verification of the beneficial owner (when working with businesses)
  • Assessment of the purpose and intended nature of the business relationship
  • Implementation of ongoing monitoring (keeping information and documentation up to date)

Automated AML transaction monitoring

Transaction monitoring challenges

Criminals are constantly coming up with new threats, which means that companies need to keep up the tempo. Here are some of the current pitfalls of transaction monitoring:

  • Too many false positives
  • More regulations lead to complex rules
  • Balancing between strong protection and conversion rates
  • Combining different vendors into one system 
  • Poor casework delegation and low quality inspection tools, leading to missed cases, incorrect decisions, and wasted time.

While it’s impossible to solve all of these problems, choosing an efficient transaction monitoring solution provider can ease up the burden and maximize the potential of the system.

Automation for handling large transaction volumes

Automated transactions monitor user actions in real-time, which saves company resources. Meanwhile, only some suspicious cases are assigned to the compliance team. Sometimes, a combination of both is necessary, especially in firms with a high volume of transactions.

Internal logic and rules for automated monitoring

Based on the Guidance for the UK financial sector, monitoring systems must:
Flag unusual transactions and/or activities for further examinationPromptly submit such cases for review by the right person(s)Take appropriate action on the findings of any further examination

If failing to perform transaction monitoring, companies risk being penalized by authorities, in addition to proliferating illegal activity. Therefore, when choosing a transaction monitoring provider, companies should have a set of requirements that would fit them.

To choose a suitable transaction monitoring solution, businesses may ask providers the following questions:

  • How does the solution enable companies to implement a risk-based approach to customers and transactions? 
  • What are the money laundering/terrorist financing typologies that the system addresses?
  • How quickly can new typologies be implemented in the system?
  • How can the solution be tested prior to activation in the system?
  • Is the vendor able to cover the entire lifecycle to ensure vendor consolidation? Does the data stay put with as few third-party vendors as possible?

This isn’t the complete list of questions, as each list will be unique for a company. However, it provides an understanding of what a company should look for when choosing a transaction monitoring provider.

Transaction monitoring solutions allow users to see detailed information for each transaction, the rules or risk factors are used to calculate the risk score, and report the transaction if necessary. To maximize the benefits and minimize the cost of transaction monitoring tools, companies can look for the following features in the solutions.

Suitability for your business. Choose a solution that suits your risk-based approach and fits different types of customers and transactions. 

Ease of integration. Look for solutions that are easy to set up. These can be solutions with no-code rules settings or those that provide technical support for integration, etc. For example, Sumsub’s solution can be fully integrated in 3-4 weeks.

Suspicious activity reports

Firms are obligated to file suspicious activity reports when illegal activity has taken place or when suspicious activity has met the relevant reporting threshold (which varies from country to country). A quick and easy suspicious activity reporting tool is a must-have. This makes it easier to inform regulators about risky activities indicative of money laundering, tax evasion, fraud, and other financial crimes. 

Businesses can also consider using one provider for the entire customer lifecycle, from the onboarding stage to transaction monitoring and reporting. This improves customer management, enabling the company to detect bad actors while improving the user experience for good ones.

It is prohibited to inform anyone involved in a flagged transaction that a Suspicious Activity Report (SAR) has been filed. SARs must only be provided to law enforcement when required. If an employee suspects money laundering, AML violations, or a suspicious transaction, they should report it to their manager or AML compliance officer. If a SAR is deemed necessary, it must be kept for a specific number of years along with any supporting documentation. Sumsub will soon provide customers with the ability to automate SAR filing in a few clicks on the dashboard.

Suggested read: The Complete Guide to Suspicious Activity Reporting


  • How does the transaction monitoring process work?

    Any regulated business is obligated to have transaction monitoring in place. The best solutions ensure that monitoring is integral to the entire verification flow, meaning that user, business, and transaction verification are connected. This way, you can use every single available data point to assess users, risks, and suspicious patterns. The structure of a transaction monitoring solution typically consists of the following steps:

    • Transaction data transferring
    • Detecting suspicious activity
    • Reporting

  • What are the red flags of transaction monitoring?

    To confront the spread of illegal activities, companies should focus on the following factors when conducting ongoing monitoring:

    • Unusual transaction amounts
    • Unusual series of transactions (e.g., a number of cash credits)
    • Unusual geographic destination or origin of a payment
    • Known threats or typologies

  • What is the transaction monitoring system in AML?

    Transaction monitoring is an ongoing security process that helps companies detect suspicious transactions. Transaction monitoring software spots unusual patterns and reviews dubious transfers and transactions made in digital or fiat currencies.

See Sumsub in action