AML Transaction Monitoring False Positive Alarms

Nowadays, companies are subject to some AML compliance laws to reduce money laundering activities. Companies pay fines if these laws are not followed. More and more companies are using financial technologies such as Transaction Monitoring to monitor their customers' possible money laundering and terrorist financing activities and to comply with AML laws.


What Are Positive False Alarms?


AML Transaction monitoring is software that monitors financial transactions to identify potential money laundering practices. Transaction monitoring systems can increase a financial institution's ability to detect suspicious activity faster and more effectively. In financial transactions, Transaction Monitoring marks the transaction or group of transactions as a warning when any customer performs a possible transaction, and these alarms should be considered for further investigation. Not all suspicious alerts created by Transaction Monitoring may be actual risk alarms. These alarms are called False Positive Alarms. A human researcher should then review each alarm. Suspicious Activity Report (SAR) files are generated for these alerts, but creating a SAR report for False Positive Alarms is unnecessary, so False Positive is an inefficient alert for financial institutions.


Here's an example to understand False Positives: If a customer makes cash withdrawals at the same or multiple branches per day, AML transaction monitoring systems view this activity as a possible cash withdrawal and alert financial institutions with various alarms. This activity seems suspicious and potentially illegal, but it may not be the case. Transaction Monitoring reports this behavior as suspicious behavior, but it becomes a False Positive Alarms if that is not the case. If high-risk behavior occurs in these activities, a SAR file will be created for this customer.


What Does SAR Mean?


As mentioned above, the Suspicious Activity Report (SAR) is created when Transaction Monitoring detects high-risk behavior. Every customer with risky activity will be reviewed frequently. If the transaction that seems suspicious has repeated more than once, financial institutions may break the relationship with such customers. More than one SAR is created for such customers, which may be of interest to law enforcement. In this case, it will most likely cause law enforcement to form a subpoena for records and documents, and processes such as questioning for suspects will also be involved. This process will take longer and take time. If a SAR file is created for False Positive transactions created by Transaction Monitoring, financial institutions will both have to spend money and waste time.


Why Are There False Positive Alarms?


Conventional Transaction Monitoring (TM) has a significant technical barrier that causes False Positive Alarms. TM relies on human behavior, the complexity of transactional networks, or simple models. The event has a simple view of tracking the rule divided into just a few dimensions to question the rule. It would be better to explain this situation by giving an example. The rule in TM can be to mark all transactions as suspect if they are between $ 10,000 and $ 11,000 within a given time frame. For example, if different customers made a $ 10,500 cash withdrawal for the same day, these customers seem to have the same risk because the transaction is the same, so ten of these transactions are marked as suspicious. But since only one is a really suspicious transaction, the rest is 90% False Positive. As a result, False Positive Alarms are very high because customers often experience such transactions.


Reduce False Positivity Alarms


We mentioned that False Positive Alarms are annoying for financial institutions. Can financial institutions reduce False Positive Alarms? The best way to scan transactions for suspicious activity is always to view the activity holistically. All pieces of a puzzle must be identified and taken into account to identify suspicious activity. Financial institutions reduce the number of alerts generated by TM software by implementing risk-based monitoring. So, if machine learning is implemented correctly; it can solve these problems for AML teams. False Positive Alarms can be reduced by creating a customer risk profile and alert risk scoring. We can briefly explain the realization of customer risk estimation using Machine Learning: Customer age, customer risk, country risk, average customer balance, any risk potential, the number of customer accounts can be checked. It can also be checked if the customers are on the Scan Lists and Adverse Media. Low, medium, and high-risk scoring should be done to estimate customer risk. As a result, Machine Learning can be used to reduce False Positive Alarms.



Our AML Transaction Monitoring tool provides solutions to strengthen AML compliance of businesses from every industry. With dynamic rules and scenarios, sandbox testing environment, real-time alarms, powerful alarm management, risk-based scorecards, and many advanced features, you can make your AML control processes automatic and efficient, so you can protect your business from potential financial crime risks and regulatory penalties. You can contact us for detailed information about our AML Transaction Monitoring tool.




  Discover our improved AML Transaction Monitoring Software 

Previous Post
Disclosure and Implementation of 5AMLD
Next Post
Red Flag Indicators for AML-CFT