Something we said? Don’t leave just yet!

For more information about latest events, news and insights, leave us your email address below.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form
Dismiss
Getting the basics right - rule building for more effective transaction monitoring
Nick Portalski
July 6, 2020

Rules form the foundation for transaction monitoring

Monitoring financial transactions to identify activity linked to money-laundering or terrorist financing is a key obligation for regulated financial firms.

In a world where there are 539 billion non-cash payments per year, pinpointing suspicious behaviours is increasingly difficult.  

Many transaction monitoring (TM) approaches rely on using rules which, conceptually, are clear and easy to understand.  

However, rules are also often over- or under- inclusive, fragile and unable to adapt quickly to changes -   whether they are new financial crime techniques or broader shocks such as the Covid-19 pandemic.  

Now, more than ever, regulated firms need to consider their ability to effectively monitor financial crime in increasingly complex and dynamic circumstances.

See how rule building features in our "5 Things to Look for in a Transaction Monitoring Solution".

The Problem with Rules

Anti-Money Laundering (AML) and Counter-Terrorist Financing (CTF) regulations mandate that regulated firms must monitor and report suspicious financial activity.  

Failing to comply with these regulations can result in significant fines and reduces law enforcement’s ability to catch bad actors. Regulated firms must, therefore, have robust frameworks and systems in place to enable them to identify suspect behaviour.

Regulators understand rules-based transaction monitoring, which is an established practice and is straightforward to monitor and audit.  

However, to keep up with increasing transaction volumes and the tendency of criminals to continually adapt their money laundering techniques, transaction monitoring rules are becoming more complex and less effective.  

Financial crime typologies change frequently, but the speed at which rules are usually updated is far slower. Inflexibility in rules leads to poor transaction monitoring and arises for three key reasons:

1. Fixed out-of-the-box rules

Software vendors supplying rules-based transaction monitoring products often include a set of pre-configured rules.  

Although lists and threshold values can be changed, new rule types cannot be created by end-users.  If an organisation wants to add bespoke rules, it can take many months and require a software upgrade to implement them. If you know that’s likely to be the case, there is little incentive to change things and inertia sets in.  

2. Calibration in live systems takes time and carries risk

Calibrating rules is a fine art. It is a balancing act between producing too many false positives (which require significant human review) and too many false negatives (when suspicious transactions may go undetected).  

Changing a live system carries risk.  It is cumbersome to implement a separate test system with regular data refreshes, simply to try out some rule tweaks.  Which means it simply doesn’t happen.

 Consequently, it is difficult to understand the impact of rule changes before they are deployed; creating more inertia within the organisation.

3. Lack of customer data

Historically, transaction monitoring systems have not had connectivity with other compliance systems such as client screening or Know Your Customer (KYC) systems.  As such, TM systems may be operating in isolation, purely looking at the transactions.  

However, organisations hold a wealth of other information about their customers, or can gather such data from third party intelligence sources. This data can be used to tailor rules and improve TM significantly.  

The challenge is two-fold - first getting this data into a rigid TM system is difficult, and second, inflexible rules make it difficult to use anyway. As a result, most firms choose to ignore this as a data priority.

Replace rules with artificial intelligence

Some may see these drawbacks as an argument (or an opportunity) for getting rid of rules altogether.  Others have argued that some of the current AI projects exist simply to deal with this lack of customer insight within TM systems.  

At Napier, we know that both rules and AI are necessary components of an effective AML strategy.  Each approach can be most effective in different circumstances and they also complement each other well (a topic for a different blog).  

Rules are not going away; organisations simply need to be much more agile in how they create and use them.

Creating Better Rules

So how can regulated firms improve their use of rules and adapt them more quickly to changing circumstances?  

Napier’s products include a couple of approaches that firms might wish to explore:

1. Create your own rules

Compliance teams usually know what rules they’d like to implement.  

They are probably adept at using Excel to look through data.  But for the reasons above, they find it difficult to get those rules into the system.  

Maybe it’s not possible with the solution they have.  Maybe it requires coding in some sort of script and that isn’t their skill.  Neither of these make it impossible - they just need a system that allows them to create rules without coding and without software upgrades.  

Giving compliance teams the ability to define their own rules in a controlled way is important; no-one should be allowed to simply change live rules in a production system.  Which brings us neatly to…  

2. Build and change rules in a sandbox

Experimentation within a sandbox environment can significantly improve the flexibility and adaptability of rules for transaction monitoring.  

The sandbox is a testing area in the system that allows organisations to build new rules or change existing ones. It allows users to test rules on automatically created copies of subsets of live data.  

New rules can be fine-tuned in the sandbox until their performance is optimised, at which point an authorised user (e.g. the firm’s compliance officer) can turn them on for use in the live system at a click of a button.

Having the ability to run ‘what-if scenarios’, change thresholds immediately and see their impact allows regulated firms to take control of their transaction monitoring rules, and become more agile to changing circumstances.  

New rules shouldn’t be implemented without justification and a controlled process.  Using a sandbox provides empirical evidence to senior management and regulators as to why a rule change was made, or why a whole new rule was created.

3. Using rules alongside Machine Learning and AI

Rules are good for dealing with known scenarios and detecting known patterns of behaviour. Unfortunately, criminals also understand these rules and will work hard to find a way around them. This is where technologies like artificial intelligence enter the picture. Machine learning models can identify anomalies and patterns of behaviour that are outside the norm.  

In a scenario where, for example, a customer conducts several foreign exchange transactions at unusual times of the day, but this activity doesn’t trigger existing rules or raise an alert; a machine learning model would identify these transactions as anomalous.  

Following an investigation (if this is found to be suspicious), a new rule can be created, fine-tuned using the sandbox and deployed quickly to detect similar cases in the future.  

Machine Learning can also provide additional insights to the compliance team to help them understand why rules may have triggered without reason to be suspicious.

There are patterns and relationships that are hard to spot by humans but can be fundamental to detecting suspicious behaviour.  

Let’s take a money laundering technique called “Cuckoo smurfing” which has been on the rise during the Covid-19 pandemic. Say a drug dealer needs to send $10,000 abroad to their boss. The criminals can (with the right skills and inside help) hijack a similar transaction that is happening between two legitimate accounts – for instance an overseas student who is receiving money from his/her parents. These payments are then re-routed, so the drug dealer’s money ends up in the student’s account, and the parents end up paying the drug dealer’s boss – in the hope to avoid detection.

There is a high chance such a transaction would go un-noticed (the student receives the same amount as usual). But a proactive AI system continuously analysing patterns, would notice that the student’s network is different and would flag the behaviour as unusual.  

If then a human confirms that this activity is indeed suspicious, the AI could proactively recommend a way to change the rules to catch this behaviour systematically in the future.

Being able to make use of both the sandbox and AI to add flexibility to rules and make them more effective requires firms to think differently about their approach to fighting financial crime.  

Data, and understanding how it can be used, as well as its limitations are obviously critical. More importantly, though, is an appetite for being more in control, more agile and therefore more able to respond quickly to inevitable changes in criminal behaviour and beyond.

Learn more

If you would like to learn more on how our systems can help you build rules, improving your transaction monitoring processes, please do not hesitate to contact us to speak with an expert or request a demo of our cutting-edge systems.

Nick has extensive leadership experience in designing and delivering enterprise products using multiple technologies. Having worked in successful FinTech start-ups and enjoyed global responsibilities with IBM, his expertise lies in taking concepts from embryonic vision through to advanced end products.