Jan 01, 2024
9 min read

The Complete Guide to Transaction Monitoring

Financial institutions, iGaming and crypto businesses have to implement transaction monitoring to stay compliant. Today, we’ll talk about the importance of such solutions, their risks, and best practices.

According to a Federal Trade Commission report, fraud-related losses reached $8.8 billion in 2022, with most occurring after the initial onboarding stage. To prevent this, companies need to use transaction monitoring throughout the customer lifecycle.

Transaction monitoring stops money laundering operations by scanning and analyzing financial data, such as deposits, withdrawals, and velocity of transactions. The process is meant to spot trends and discrepancies that may indicate financial crime.

Transaction monitoring seeks to answer the following questions:

  • Where is money coming from? 
  • Is that a legit originator or source? 
  • Where is the money going? 
  • Is that a legit beneficiary? 
  • Are there suspicious patterns in the overall transaction process? 

To help you answer these questions, we at Sumsub prepared this article. We’ll talk about what transaction monitoring is and how efficient monitoring systems help avoid huge fines.

Who needs transaction monitoring

The simple answer is that any financial institution needs transaction monitoring. This includes, but is not limited to:

  • Banks (Challenger, Neo and Traditional banks)
  • Money lending services (B2B and B2C)
  • Investment firms
  • Transfer companies
  • FinTech companies
  • Crypto exchanges
  • Brokerage firms
  • InsurTech
  • Real estate agents

In general, any business that falls under AML regulations and deals with client transactions should adopt and implement transaction monitoring.

Importance of AML transaction monitoring

Assisting the economy in battling shared threats 

Anti-Money Laundering (AML) regulations require businesses to monitor transactions and report suspicious ones to authorities. This helps companies confronting shared threats, such as terrorism financing.

FATF Recommendation 10, transposed into many local AML laws, requires financial institutions to analyze transactions undertaken throughout the course of a business relationship. The goal is to ensure that transactions are consistent with the institution’s knowledge of the customer, including the source of their funds. Transaction monitoring systems—which we explain in more detail below—can help. 

Companies need to follow the regulations when it comes to transaction monitoring. Otherwise, they might face huge financial penalties from the regulators. 

Transaction monitoring can be used to detect signs of illegal activities, such as:

  • Money laundering
  • Terrorist financing
  • Fraud (e.g., false insurance claims, chargebacks)
  • Identity theft
  • Drug trafficking
  • Corruption
  • Bribery

To confront the spread of such activities, companies should focus on the following factors when conducting ongoing monitoring:

  • Unusual transaction amounts
  • Unusual series of transactions (e.g., a number of cash credits)
  • Unusual geographic destination or origin of a payment
  • Known threats or typologies

As the number of digital transactions grows every day, so too does the necessity of transaction monitoring. However, without an automated transaction monitoring solution, checking transactions and finding suspicious patterns would be virtually impossible. 

Implementing an automated transaction monitoring solution will allow companies to efficiently monitor unusual financial operations.

Anti-Fraud

Anti-fraud transaction monitoring continuously monitors transactions, detects fraud, and provides regulatory reporting documents to help organizations meet their compliance obligations. It’s done by analyzing user behavior patterns, transaction details, and other signals. 

The monitoring process isn’t limited to financial transactions alone. Other events related to the account’s safety are also analyzed, including logins, password recovery, and more. This provides more data points to determine fraud patterns or other suspicious actions. There are solutions that combine all these data points using artificial intelligence trained to spot suspicious behavior patterns and activities.

Companies can avoid losses related to fraud, investigations, legal proceedings, and consumer refunds by establishing comprehensive anti-fraud transaction monitoring. 

AML transaction monitoring process and regulatory requirements

Batch vs. real-time monitoring

According to the Guidance for the UK financial sector, there are two approaches to transaction monitoring:

  • In real time, which means that monitoring occurs as the transaction takes place, which reduces the risk of breaching sanctions
  • After the transaction takes place (also known as batch or post-transaction monitoring), which can be useful for identifying patterns and trends of criminal activities

In both cases, the goal of monitoring is to identify unusual activities for further investigation.

Utilizing AI to enhance rule-based systems

The human eye is more prone to missing suspicious transactions, especially when dealing with high volumes. Machines, meanwhile, can work continuously with a lesser chance of leaving suspicious activity unnoticed. However, most automated systems still use basic approaches which can lead to an alarming number of false negatives. Still, AI and ML models get better as they get trained with more data and can establish and flag suspicious patterns in almost real-time.

The importance of real-time monitoring and custom rules

Companies should be able to conduct real-time monitoring in order to instantly spot suspicious activities and report them to authorities. Another important feature that an efficient monitoring system should have is custom rules, allowing companies to customize the way that AML policies are implemented.

Setting up AML transaction monitoring process

Steps in establishing an effective AML transaction monitoring process

Whether businesses choose to build their own transaction monitoring system, or instead consider a transaction monitoring solution, they should take the following steps before implementing either option: 

Apply a risk-based approach. Businesses should carry out formal risk assessment of money laundering, terrorist financing, and other financial crimes. The risks vary based on the business’s products, customers profiles, and the nature and frequency of transactions. Once assessed, these risks should form the foundation of a transaction monitoring system. For example, once a business identifies which types of customers present a higher risk of money laundering, they can set a more frequent and intensive ongoing monitoring of their transactions. Move away from a heuristic rules based approach to a risk-based approach, with AI and ML data ingestion and flagging capability.

Establish internal policies. The second step is to create an appropriate mechanism for the oversight, review, and approval of monitoring processes and parameters. Some of these policies may include:

  • Defining responsibilities for the company’s staff members
  • Measuring the effectiveness and relevance of monitoring arrangements
  • Supporting system changes to address evolving money laundering risks

Determine elements of suspicious behavior. Each company establishes red flags that signify suspicious behavior. These red flags depend on the size and nature of each company. Transaction monitoring solutions, therefore, should have the technical ability to such flags and timely notify staff members.

After establishing internal policies, companies will be able to define which transaction monitoring solution is more suitable.

Companies change over time and so should their transaction monitoring tools. So, if a company feels comfortable using a manual approach at first, they may switch to an automated solution after experiencing growth.

Conducting a comprehensive risk assessment

Customer risk assessments analyze information collected during onboarding to assign a particular risk level to the customer. These risk levels can be based on country of origin (low, medium, and high-risk countries, for example) or any other factor relevant to the company—for instance, age, nature and intended purpose of the business relationship, etc. 

Based on these risk assessments, companies then determine the type of Customer Due Diligence that should be applied. If risk is determined to be low, Simplified Due Diligence (SDD) can be applied. If higher risk is assessed, Enhanced Due Diligence (EDD) may be required, which means asking for additional information or documents during onboarding or conducting transactions, such as source of funds or wealth, etc. 

CDD consists of the following measures:

  • Customer identification and verification
  • Identification and verification of the beneficial owner (when working with businesses)
  • Assessment of the purpose and intended nature of the business relationship
  • Implementation of ongoing monitoring (keeping information and documentation up to date)

Automated AML transaction monitoring

Transaction monitoring challenges

Criminals are constantly coming up with new threats, which means that companies need to keep up the tempo. Here are some of the current pitfalls of transaction monitoring:

  • Too many false positives
  • More regulations lead to complex rules
  • Balancing between strong protection and conversion rates
  • Combining different vendors into one system 
  • Poor casework delegation and low quality inspection tools, leading to missed cases, incorrect decisions, and wasted time.

While it’s impossible to solve all of these problems, choosing an efficient transaction monitoring solution provider can ease up the burden and maximize the potential of the system.

Automation for handling large transaction volumes

Automated transactions monitor user actions in real-time, which saves company resources. Meanwhile, only some suspicious cases are assigned to the compliance team. Sometimes, a combination of both is necessary, especially in firms with a high volume of transactions.

Internal logic and rules for automated monitoring

Based on the Guidance for the UK financial sector, monitoring systems must:
Flag unusual transactions and/or activities for further examinationPromptly submit such cases for review by the right person(s)Take appropriate action on the findings of any further examination

If failing to perform transaction monitoring, companies risk being penalized by authorities, in addition to proliferating illegal activity. Therefore, when choosing a transaction monitoring provider, companies should have a set of requirements that would fit them.

To choose a suitable transaction monitoring solution, businesses may ask providers the following questions:

  • How does the solution enable companies to implement a risk-based approach to customers and transactions? 
  • What are the money laundering/terrorist financing typologies that the system addresses?
  • How quickly can new typologies be implemented in the system?
  • How can the solution be tested prior to activation in the system?
  • Is the vendor able to cover the entire lifecycle to ensure vendor consolidation? Does the data stay put with as few third-party vendors as possible?

This isn’t the complete list of questions, as each list will be unique for a company. However, it provides an understanding of what a company should look for when choosing a transaction monitoring provider.

Transaction monitoring solutions allow users to see detailed information for each transaction, the rules or risk factors are used to calculate the risk score, and report the transaction if necessary. To maximize the benefits and minimize the cost of transaction monitoring tools, companies can look for the following features in the solutions.

Suitability for your business. Choose a solution that suits your risk-based approach and fits different types of customers and transactions. 

Ease of integration. Look for solutions that are easy to set up. These can be solutions with no-code rules settings or those that provide technical support for integration, etc. For example, Sumsub’s solution can be fully integrated in 3-4 weeks.

The impact of transaction monitoring on revenue

Countries keep implementing stricter rules, making transaction monitoring mandatory for many businesses. As a result, companies start spending a bigger chunk of their revenue on transaction monitoring. In 2022 alone, the global transaction monitoring market was worth $8.4 billion, and experts believe that the number will grow up to $34 billion by the end of this year. 

While transaction monitoring expenses increase, so are the financial penalties for non-compliance. Banks and other financial institutions were fined almost $5 billion in 2022, highlighting the importance of compliance with regulations in preventing fines and fraud. 

Advanced Transaction Monitoring Masterclass

How do you stay ahead in a world where professional crime syndicates can bypass every system, process, and countermeasure designed to keep financial transactions legitimate?

Sumsub answers this question with an exclusive course led by industry experts, so you can equip yourself with the advanced tactics required to achieve AML and anti-fraud excellence. The course begins on Feb 20, 2024. RSVP your seat today.

Case management

To maximize the benefits of transaction monitoring, companies need to ensure they can pay more attention to specific users. 

That’s why we recommend a solution with the following functionality:

  • Analytics
  • Casework login
  • Scalability

To learn more about the specifics of transaction monitoring in the EU and the UK, download our 2023 guide.

Suspicious activity reports

Firms are obligated to file suspicious activity reports when illegal activity has taken place (or when suspicious activity has met the relevant reporting threshold, which varies from country to country). Therefore, a quick and easy suspicious activity reporting tool is a must-have. This makes it easier to inform regulators about risky activities indicative of money laundering, tax evasion, fraud, and other financial crimes. 

Businesses can also consider using one provider for the entire customer lifecycle, from the onboarding stage to transaction monitoring and reporting. This improves customer management, enabling the company to detect bad actors while improving the user experience for good ones.

It is prohibited to inform anyone involved in a flagged transaction that a Suspicious Activity Report (SAR) has been filed. SARs must only be provided to law enforcement when required. If an employee suspects money laundering, AML violations, or a suspicious transaction, they should report it to their manager or AML compliance officer. If a SAR is deemed necessary, it must be kept for a specific number of years along with any supporting documentation. Sumsub will soon provide customers with the ability to automate SAR filing in a few clicks on the dashboard.

Internal logic and rules for automated monitoring

Based on the Guidance for the UK Financial Sector, monitoring systems must:

  • Flag unusual transactions and/or activities for further examination
  • Promptly submit such cases for review by the right person(s)
  • Take appropriate action on the findings of any further examination

If they fail to perform transaction monitoring, companies risk penalization by authorities and the proliferation of illegal activity. 

To choose a suitable transaction monitoring solution, businesses may ask providers the following questions:

  • How does the solution enable companies to implement a risk-based approach to customers and transactions? 
  • What are the money laundering/terrorist financing typologies that the system addresses?
  • How quickly can new typologies be implemented in the system?
  • How can the solution be tested prior to activation in the system?
  • Is the vendor able to cover the entire lifecycle to ensure vendor consolidation? Is the data passed to as few third-party vendors as possible?

This isn’t a complete list of questions, but a good place to start. 

To maximize the benefits and minimize the cost of transaction monitoring tools, companies are recommended to look for the following features.

Checklist: how to choose a transaction monitoring solution

When it comes to picking the right transaction monitoring vendor, the best solution has every check you need available in one flow. Below are features that set apart highly effective verification platforms from the rest:

One solution for the entire customer lifecycle

Choose a platform that combines user, business, and transaction monitoring to increase team efficiency, as well as reduce costs and time spent managing multiple providers.

Case management

User-friendly case management capabilities will spur collaboration among team members, including assigning cases, leaving comments, and logging all actions.

Compliance and risk management tools

Onboarding, monitoring, case management, investigation, and reporting capabilities should be available. There will be a moment when reporting is necessary and it’s best to have everything ready by then.


Rules based on historical data

Advanced rule creation based on historical data will help you create complex rules and mix multiple rules together. This way, you can improve fraud protection significantly.

Real-time and post-transaction monitoring

Both monitoring modes help detect fraud and uncover suspicious patterns easily.

Quick integration

Fast integration, no-code rule customization, and rule templates save time and help you screen users faster. A dry-run mode for rule testing on historical data will help you see how screening works before starting live monitoring.

Industry expertise

A provider’s learned expertise will help approach tough situations and jurisdictions effectively.

If companies don’t monitor transactions, they run the risk of money laundering, fraud, and other crime occurring on their platforms. That’s why governments have been tightening their AML regulations.

Download our report to learn more about regulations concerning transaction monitoring, how to build a proper flow, and why Sumsub would be your best solution.

Download the report

FAQ

  • How does the transaction monitoring process work?

    Any regulated business is obligated to have transaction monitoring in place. The best solutions ensure that monitoring is integral to the entire verification flow, meaning that user, business, and transaction verification are connected. This way, you can use every single available data point to assess users, risks, and suspicious patterns. The structure of a transaction monitoring solution typically consists of the following steps:

    • Transaction data transferring
    • Detecting suspicious activity
    • Reporting

  • What are the red flags of transaction monitoring?

    To confront the spread of illegal activities, companies should focus on the following factors when conducting ongoing monitoring:

    • Unusual transaction amounts
    • Unusual series of transactions (e.g., a number of cash credits)
    • Unusual geographic destination or origin of a payment
    • Known threats or typologies

  • What is the transaction monitoring system in AML?

    Transaction monitoring is an ongoing security process that helps companies detect suspicious transactions. Transaction monitoring software spots unusual patterns and reviews dubious transfers and transactions made in digital or fiat currencies.

Subscribe to continue reading

Enter your email address to get access to the full article

By providing your email you consent to receiving our newsletter. For further information please see ourPrivacy Notice

AIAMLAutomationFinancial InstitutionsFraud PreventionReportingRisk-Based ApproachSuspicious ActivityTransaction MonitoringVideo