From defective, to detection: How to improve your account and transaction monitoring systems

The detection of suspicious activity through effective account and transaction monitoring (AM/TM) systems is a key control in achieving the legal requirements to manage money laundering and terrorism financing (ML/TF) risk.

Reporting entities face several common challenges in the design and ongoing maintenance of AM/TM systems, including the ability to analyse complex data and operational inefficiencies created through large volumes of false positive transaction alerts. Throw in the risk of enforcement action for account and transaction monitoring control weaknesses and there has never been more pressure for reporting entities - especially financial institutions - to get this right.

Here are some practical solutions to each of the common challenges.

Maintaining an effective account and transaction monitoring system

Ensuring transaction scenarios and thresholds are appropriately calibrated on an ongoing basis is particularly challenging. This is compounded by the scarcity of employees with the necessary technical data management and analytical skills required to conduct effective assessments and refinements of systems.

Data accuracy and completeness is a crucial part of the ongoing effectiveness of account and transaction monitoring. This includes the interaction with upstream and downstream applications, including core banking platforms, case management systems and management information systems.

Put simply - have you assessed that all applicable products and services are finding their way to the appropriate system rules and scenarios? Is there accurate and complete information contained within reports that will be extracted for reporting purposes?

Developing a strong AML/CFT culture

The best controls and processes are only as good as the mindset of the employees who are charged with executing them appropriately. Reporting entities need to constantly train, monitor, identify weaknesses, remediate, reinforce protocols, and re-monitor to raise risk awareness and develop a strong AML/CFT culture.

A practical means of achieving this can be through an effective, independent, quality assurance (QA) programme supporting the first line of defence. For a QA programme to be effective, it should be sufficiently independent, and have appropriate reporting lines to escalate issues. It should also be risk-focused, varying the frequency and intensity of monitoring to the level of risk identified and the organisation’s risk appetite. This allows timely identification of weaknesses, proper understanding of cause (e.g. lack of training, process failure, individual error), and effective remediation.

A mature QA loop can promote the desired AML/CFT mindset and ethical standards among employees. While more resources may be required in the initial phase to change existing processes and mindsets, constant feedback, senior management attention and focus on high-risk areas should eventually mature to significant exception-based reporting, enhancing the continuous improvement of the account and transaction monitoring framework.

Outsourcing

Good governance and strong oversight of any outsourced function is required to ensure that an outsourced service provider (OSP) performs the service to the standards required by the reporting entity's policies and procedures.

Selecting an OSP to be involved in any aspect of the AM/TM system should have a strong emphasis on the OSP’s entity-level controls, information technology and service level controls. Prior to outsourcing, it is critical that the reporting entity has developed well-calibrated risk-based scenarios that are tailored for its purposes, and can be used in an OSP’s system, rather than using only  ‘off the shelf’ or generic sets of rules.

Strong policies and procedures on the handling of alerts should be documented, as well as a QA programme that is capable of identifying any weaknesses in the functions being outsourced. An effective management reporting framework should be established to provide senior management with effective oversight of the outsourced function.

With robust controls and governance, outsourcing has the potential to bring about material cost reductions, increased efficiency and more effective identification of suspicious activity. Most importantly, it can free up the highly skilled and often scarce financial crime and compliance people resources, enabling them to focus on higher-risk transactions and activities.

Effective investigations

Another common challenge is ensuring the quality, accuracy and consistency of the handling of alerts generated from AM/TM systems. The need for a properly defined, documented and consistent investigative process to resolve alerts would seem self-evident, but it is surprising how often the need to invest in both their capability and capacity in this area is overlooked or ‘not prioritised’.

As a starting point, reporting entities should ensure that staff involved in the review of account and transaction monitoring alerts are adequately skilled and experienced to identify and assess suspicious activity and make appropriate decisions for escalation or reporting.

To enable this it is useful to  specify a list of minimum standards required when investigating an alert, such as requiring the analyst to document their comparison of triggered transactions against the expected activity identified in the KYC profile. An analyst’s documentation of their investigation should also address the ML/TF typology triggered: a well mapped and risk-based calibrated AM/TM system will allow the analyst to target the typology that the triggered scenario(s) is designed to pick up.

With minimum standards of investigation established, reporting entities may consider implementing scorecards to gauge the completeness and accuracy of investigations conducted on each alert. Detailed management information and trend analysis on these scorecards can measure quality at an individual or functional level, inform targeted training needs by individual or topic and measure the effectiveness of any training delivered.

Effective senior management oversight

The reporting and escalation of significant risk matters to senior management is essential, including reporting account and transaction monitoring statistics on the quality and timeliness of alerts, such as ageing statistics with pre-determined risk levels.

By way of example, where management’s risk appetite for the clearance of alerts is 20 days from the alert generation date, an unresolved alert age of 15-19 days may not yet be an operational failure, but will represent an increased risk of exceeding the predetermined 20 days, and hence pre-determined risk appetite.

An effective management reporting framework will provide senior management with timely and actionable information, allowing proactive adjustments to be made before risks become issues and ensuring that senior management comply with their obligations under the Act. It will also assist in the development of a strong AML/CFT culture across the financial institution and ensure that the AM/TM system is not a ‘set and forget’ process.  

In summary:

Significant regulatory scrutiny and the ever-increasing sophistication of criminal techniques used to facilitate financial crimes, creates additional pressures on reporting entities to maintain and enhance AM/TM systems in order to prevent, detect and report suspicious activity as it occurs. An effective, end-to-end account and transaction monitoring framework is vital in achieving this.

A comprehensive, end-to-end approach that uplifts systems and technology but also promotes the better use of resource time are all crucial parts in the overall effectiveness of any AM/TM system.

Contact us

Stephen Drain

Partner, Auckland, PwC New Zealand

+64 21 196 2500

Email

Michael Leightley

Director, Auckland, PwC New Zealand

+64 21 262 9727

Email

Follow us