Transaction Monitoring Rules – Best Practice Guide

What is Transaction Monitoring?

Transaction monitoring is the continuous monitoring of customer transactions for suspicious activity. This includes the monitoring of transfers, deposits, and withdrawals.

Transaction monitoring is thus a part of the anti-money laundering and counter-terrorist financing controls to be carried out.

What are Transaction Monitoring Rules?

Rules play a major role in transaction monitoring. They can be used to determine whether a transaction should be proceeded with or flagged for more in-depth review by an AML analyst and other compliance professionals.

In general, rule-based monitoring compares customer activity against fixed thresholds or patterns to determine if it is unusual.

The basic logic is: If condition A or B applies to this transaction/account, then issue an alert to the compliance officer for review.

Transaction Monitoring Rules Examples

High Risk Countries

This rule refers to high-risk jurisdictions that are countries with significant strategic deficiencies in their anti-money laundering and counter-terrorist financing regulations/measures.

Thus, a AML rules could be:

• Alert on all transactions over $20,000 coming from a high risk country.
• Alert on all accounts that transact more than $60,000 in one week.

Unusually High Transactions

This rule identifies parties with unusually high payment transaction volumes. This rule is appropriate for a peer-to-peer payment network where funds may be withdrawn to an external account.

High increase in total transaction volume

This rule describes a significant increase in the value of outgoing transactions compared to the last average. It looks for recently operating parties whose transaction value is significantly higher than the 7-day moving average.

Suspicious Activity

This rule defines actions that deviate from the person’s standard behavior. This could indicate an account takeover or an externally influenced transaction.

Examples are:

• Alert on an account with < $300 in the account at the beginning and end of the day but that transacts over $50,000 during the day.
• Alert on a business that repeatedly transacts > $30,000 in a 4-hour window.

Profile Change Before Large Amount Transaction

This rule triggers an alert when a customer changes their personal information just before a large transaction. This could indicate an account takeover or possible “layering” activity to disguise the path of funds.

High transactions from a new user

This rule refers to a high volume of transactions from new users. Merchants find that a high percentage of their activity comes from new accounts, which is a potential warning sign of money laundering or traditional fraud.

Thus, AML rules could be:

• Alert on an account that has only existed for 2 days but has already transacted a total of $50,000.
• Alert on an transaction that is the first one of a new account and is higher than $15,000.

What should be considered while creating AML Monitoring Rules?

Rules may sound relatively simple, but there is a lot to consider. We have compiled the most important aspects below.

Storytelling

Stories are a great technique for writing rules. That’s because they help them understand, in simple language, exactly the kind of behavior you’re looking for.

Thus, try to think in terms of human behavior rather than convoluted conditions.

Accurate and yet simplified Transaction Monitoring Rules

The rules should generate as few false positive warnings as possible. In other words, identify as few transactions as possible as warnings that are not actually warnings. For this, it is important that the rules are precisely defined.

Here is a simple example: If every transaction from an account in a high-risk country is flagged because there might be a money laundering threat behind it, you would get an unimaginably long list of cases. All transactions from the countries. But if you add a second condition, like the threshold amount of $30,000, then the number decreases significantly. The warnings will be minimized to the real risks. After all, a transaction with, say, $5 is most likely not going to carry any risks….

On the other hand, keep the rule simple as well. It’s better to have two separate rules than one rule that covers an overly complex use case.

Understanding the data

It is important to know what data you have available. For example, you cannot implement a rule for high-risk countries if you do not have the countries in your data.

Testing Transaction Monitoring Rules

Rules that have been newly created should first be tested in the test instance. Only then should they be used in the production instance. In other words, only after you have determined that they work during testing. This results in less risk that you are responsible for wrong results due to incorrectly defined rules.

Updating Transaction Monitoring Rules

Care must be taken to ensure that the rules are always up to date. The rules may need to be updated because there have been changes in regulations or in the typical behavior in money laundering.

It is important to note: The entire compliance department should be aware of the newly added rules.

How to control Transaction Monitoring Rules?

A combination of qualitative and quantitative approaches is required to control the rules for effectiveness and efficiency.

• Regular communication: There should be regular discussion of the planning and development of new rules as well as existing rules. Have observations been made, such as regarding patterns in reported warnings? These might indicate a new rule that makes sense. Or does a rule produce frequent false positives? This may lead to the necessary elimination or adjustment of a rule if it is a general problem.
• False positive rate: As already mentioned, these are the false alerts. It is important to control this performance indicator. Because if the value is high, the rules need to be adjusted. The goal should be to keep the value low.
• Rules statistics: Even simple statistics can provide a lot of insight. For example, looking at the number of alerts generated for each rule and comparing them over a period can tell you whether the rule continues to function correctly. In addition, trend analysis can give reasons to change thresholds or introduce new rules.

How does DX Compliance help with Transaction Monitoring Rules?

DX Compliance is a software-as-a-service (SaaS) and provides a full Real-Time Transaction Monitoring Solution through different combined technologies. DX aims to help achieve regulatory AML compliance by empowering compliance people in AML. We use technology to help complete their workload with greater speed, reduced costs and allowing the people to focus on the tasks at hand and let us take care of the technological solution. For more information, reach out to us here.

DX Compliance Transaction Monitoring Platform provides a no-code rules engine unlimited scenarios that of course can be fully customized and configured and changed anytime. This is so powerful because AML & Compliance professionals can directly change and optimize Transaction Monitoring Rules and typologies anytime. It allows you to create edit or delete rules in a matter of minutes.

How to create a rule in the DX Compliance Transaction Monitoring Solution?

Creating a rule is very easy due to the user-friendly interface. The rule can be quickly named and created in the provided field with operators as help.

For the rules you can then determine how high risk is associated with it. Are people or companies that fall under it low or high risk? You can decide that for yourself.In addition, these rules can be created for certain groups such as Generic, swift, trade, SEPA.

Curious?

Please contact our experts!