Zencos has merged with Executive Information Systems (EIS)
Free Strategy Consultation
Zencos Icon


Contact Us


A 5-part Guide to Improving Your AML Scenarios Today

Financial Crimes

Calvin Crase



Improving Your Scenarios

All financial institutions are required to carry out what is called transaction monitoring. Transaction monitoring refers to the monitoring of customer transactions, which includes assessing historical/current customer information and interactions to provide a complete picture of customer activity to the analyst. This can include transfers, deposits, and withdrawals. The purpose of doing this is to detect potential money-laundering activity.

The process of transaction monitoring results in the creation of alerts. Each of these alerts must then be investigated by an analyst to determine if the behavior is potentially illicit activity (true positive) or a false positive. If it is a true positive, then the bank must submit formal documentation called a suspicious activity report (SAR) against this person or entity.

There are five domains related to transaction monitoring that are most important for being compliant with banking regulations. Improvements in these areas will also increase your operational efficiency and therefore keep costs down.

  1. Scenario Duplication/Productivity
  2. Customer Due Diliegence (CDD)/Know-Your-Customer (KYC)/Enhanced Due Diligence (EDD)/Customer Risk Ranking (CRR)
  3. Watchlist Screening (OFAC)
  4. Emerging Typologies
  5. Entity Resolution

Productivity of Scenarios

Every transaction monitoring scenario that a financial institution has active in their environment must be managed and tuned by a model risk governance team. Every alert that gets generated must be investigated by an analyst. This takes time, technology and effort.

The goal in this context ought then to be to minimize the number of separate scenarios and the extent to which scenarios are monitoring overlapping behavior. This can be accomplished by using a correlation matrix.

An additional consideration is with respect to scenario productivity. Suppose you have a scenario that is over-alerting and none of the alerts are translating into SARs. Your firm should consider whether the behavior being monitored is in fact appropriate. Consider conducting scenario tuning or adjusting the logic in your scenario.

You Need to Adopt and Implement the Following Programs: CDD/KYC/EDD/CRR

It’s useful to think of the follow bullet points as being within a broader CDD framework and as existing within your monitoring and compliance systems:

It’s useful to think of these different bullet points as being within a broader CDD framework and as existing within your monitoring and compliance systems. The banks’ relationship with a customer begins with KYC. This is when certain forms of identification are provided to prove just who the customer is and what their relationship will be to the bank. This information is leveraged to build what is called a ‘risk profile’ for this entity.

Once a person has been on boarded and opened an account, should that account be determined to pose a heightened risk, these accounts should be subjected to enhanced due diligence (EDD).

Customer risk scoring is the result of both the initial on boarding process as well as an ongoing process. These processes will look at each customer and scores them with a value based on how risky this customer is determined to be. It’s required that there be some defensible model in place at financial institution for this customer risk score.

You Should Use Watchlist Screening (OFAC)

Screening your transactions to determine if they involve a person or persons deemed by the US government as needing to be denied or debarred is a necessary task for financial institutions?

You also need to be able to screen your transactions to determine if any of the countries where you customers are engaging in business or transferring money to are on a sanctions list.

Having a dedicated scenario (or a few working together) to flag for these kinds of behaviors is recommended. Typically any amount of activity or any kind of activity that would be in violation of this you would want to generate an alert. It doesn’t generally make sense to include this with other kinds of logic in your scenarios.

You Need to Stay Up to Date on Emerging Typologies

In the Anti Money Laundering (AML)/Combatting the Financing of Terrorism (CFT) context, the term “typologies” refers to the various techniques used to launder money or finance terrorism according to the International Monetary Fund. As compliance divisions at financial institution build more robust compliance divisions, money launderers are forced to use increasingly complex mechanisms to launder funds.

One way to stay up to date on emerging typologies is to keep abreast to reports published by the FinCEN and the Financial Action Task Force, which frequently issue reports on typologies. Another method is to tailor an approach using unsupervised and supervised machine learning techniques to assess how different behaviors may become positively associated with potentially illicit activity that your scenarios are not currently monitoring.

You Should Be Using Entity Resolution

Entity resolution is important for detecting money laundering because often individuals who are attempting to launder money will go to great lengths to conceal their identity. They may spell their name differently, use relatives’ names, and change addresses as well as other methods. Entity resolution is an invaluable component of the KYC process. Entity resolution also streamlines processes facilitating banks to share data with other banks without handing over secure customer data. Sharing this knowledge in a secure way with other banks allows both institutions to cross-reference to determine if there is critical overlap or differences with customers or other information when conducting investigations.

Additionally, entity resolution can prevent an entity from alerting several times on either the same or different scenarios. If a financial institution has an ineffective entity resolution system, then that means an individual could be present in their system several times. When monitoring transactions you could have increased alerts being generated in addition to potentially hampering investigations with lost data points when determining to submit a SAR.

While the five points discussed above are not necessarily exhaustive if you follow them you stand a much greater likelihood of lowering costs associated to compliance due to increased productivity and efficiency among analysts.