In our work as consultants, we’re often brought into firms at a critical point, when there’s a Transaction Monitoring (TM) issue that can no longer be ignored. Sometimes it’s regulatory scrutiny, and other times, it’s an internal recognition that the current setup simply isn’t fit for purpose.
The outcomes of not doing Transaction Monitoring properly can be painful, as we’ve recently seen in the UK and the EU, with fines being levied for example on Starling, Revolut and Rabobank, and of course accompanying remediation.
We always begin an assignment with a key question:
“Can we please see your Transaction Monitoring Risk Assessment (TMRA)?”
The TMRA, or TM Control Assessment, as it’s sometimes also known, is the cornerstone of an effective Transaction Monitoring framework, and therefore also how the firm operationalises its activities in this important area. More often than not, the responses we see include “We don’t have one”, or “Oh, that hasn’t been dusted off in ages”, or “What is one of those?”. Those answers usually tell us everything we need to know.
The TMRA is far more than a regulatory box-tick. It’s a bespoke assessment of how a firm’s actual products and client base could be exploited by bad actors, whether that’s for money laundering, terrorist financing, cyber-crime, or even nuclear proliferation. The outcome is a definition of the inherent risk based on the realities of the business model.
From that inherent risk assessment, one needs to map every existing control to the relevant risks that have been identified. This is where the real clarity emerges. The outcome of that mapping process typically highlights:
The mapping, once completed, provides a clear picture of the residual risk, and a more realistic view of how well the Transaction Monitoring environment is functioning, and how effective it is.
Creating or updating the TMRA, with a robust control-to-risk mapping, is the essential first step in any meaningful Transaction Monitoring remediation programme. It defines the current state, in terms that are practical, defensible, and understandable to both senior leadership and regulators. It also shows the potential future state, following a targeted remediation programme.
Once this baseline is established and shared with key stakeholders, such as the Chief Risk Officer, the Money Laundering Reporting Officer, and other senior stakeholders, firms are typically faced with a choice. We occasionally have situations where a firm prefers to draw a line under the work undertaken, thank us for our time, and remind us of the NDAs that we have been operating under. More often, though, most firms recognise the opportunity to make things better, do the right thing, and set themselves up for success.
That’s when a firm can move forward, defining, refining, and implementing targeted controls to improve governance and embed procedures that mitigate risks, keeping the firm safe. The Transaction Monitoring framework is now in step with the evolving risk landscape and stays that way.
Those firms are also, without exception, a pleasure to work with. When you get it right, you save time and money, and deploying some of the latest AI capabilities can really drive efficiency and effectiveness. AI models learn to identify patterns and behaviours that traditional rules-based systems might miss, leading to more accurate and timely detection of potential financial crime. This includes pattern recognition, real-time monitoring, the ability to manage multiple data points simultaneously, automation and alert prioritisation, and visualisation of issues earlier. Two client case studies are highlighted below, along with the outcomes achieved.
Case Study 1: We supported one of the UK’s leading Challenger banks in establishing their TMRA, redesigning their Transaction Monitoring approach, completing a gap analysis, and undertaking rule creation and rule tuning, leading to improved capability and better outcomes. Over a 2-month period, we were then able to identify 64,000 false positives that could be removed from the workflows, translating to an annualised cost saving of c£5m. In addition, we identified thousands of additional man-hours of efficiency measures that could be implemented into the live processes, reducing staff pressures and saving costs. We delivered a 10x plus financial outcome for the client vis-à-vis our costs, in addition to the regulatory confidence, reduction in reputational risk, and better long-term capability that was now operational.
Case Study 2: We supported a Global Payments Firm through a Financial Crime regulatory review. This was a broad remit, where one element related to their Transaction Monitoring systems and controls. We redesigned their TMRA, implemented new tools and capabilities, including AI capability, and performed a remediation of historic activity. This resulted in the Firm’s TM systems and controls passing the regulatory test, enabling the Firm to operate their updated TM solution with 50% less people, 10 times faster, and with increased confidence over the accuracy of outcomes, with all historic issues resolved.
We look forward to constructive discussions during and after the conference with delegates, whether that be Transaction Monitoring or more broader financial crime topics, and how firms can implement appropriate Transaction Monitoring frameworks, tools, parameters, and capabilities, to achieve efficient and effective outcomes, without breaking the bank.
Simon Davis is Chairman of Brighter Consultancy, and will be speaking at the conference on 7th May.