Making AML Alert Analysis More Effective

In financial services, the main functions of an AML Department are to identify, investigate, and report suspicious activity. This process usually begins with either an automated alert from the AML system or with a referral of potentially suspicious activity from an employee which is entered into the AML system as an alert. Regardless of how it began, the alert must be analyzed, investigated, decisioned, and ultimately filed if suspicious. When this process is performed timely and accurately, it is considered effective. 

To investigate and report on suspicious activity effectively, the individual working the alert must have a thorough understanding of two important elements of the alert: the individuals or businesses involved in the alert (the “Who”), and the transactional activity contained in the alert (the “What”). 

Since most AML systems have always identified the transactions along with the alert, the transactional analysis used to be the relatively easy part because the information was readily available, and the KYC on the individuals or businesses involved in the alert was the more difficult part because the information was scarce. This means that, a decade or so ago, most of the effort spent on working alerts was about the What (analyzing the transactional activity because it was available) and not necessarily about the Who.  

What Changed? The Shifting AML Landscape 

Over the past five years, with advances in CDD/KYC and negative news scanning systems, information on individuals and businesses has become much more plentiful, leading to a more thorough understanding of the individuals or businesses involved in an alert (including counterparties). The information is often gathered via an automated bot and provided to the investigator along with the transactions. Without a doubt, the Who part of investigating an alert has become more efficient and effective over time.  

Emerging Risk: Over-Reliance on KYC Automation 

Because the KYC part has become more automated (and thus easier), AML staff now face the risk that working an alert will become more about the Who, and less about the What, which could cause some suspicious activity to go unnoticed. Missing suspicious activity can lead to a less effective program. Transactional analysis is also an area where, as of today, a skilled and experienced individual still needs to review and investigate the activity. Yes, systems can use analytics to make this process easier, but the investigation and decision-making still reside with an individual in the AML department. Current artificial intelligence technology is not yet sufficient to replace a human’s ability to investigate transactions and make decisions regarding whether the activity is suspicious or not.  

Why Transactional Analysis Is Still Essential 

To have an effective program, AML Officers working alerts need to be sure to devote adequate resources—their time and talent—to the transactional analysis and investigation stages of the alert. This means that those who are working suspicious activity alerts must have the time and experience to understand the story the transactions are trying to tell. It’s good that more KYC information is available to them now than in the past, but having that information available doesn’t make up for truly analyzing and investigating the transactional activity that triggered the alert to begin with. Alert write-ups that fill most of the narrative describing the individuals and businesses (and counterparties) involved in the transactional activity, yet have scarcely any information at all about what the transactions were, the magnitude of the transactions, the type of transactions, or how they differ from normal activity, might not be telling the whole story. 

AML Officers strive to have an AML program that reliably identifies, investigates, and reports suspicious activity. When designing the alert-working function, be sure to focus as much attention on the What as you do on the Who by ensuring the transactional activity is thoroughly investigated and described in the alert documentation. 

Bates Group offers comprehensive advisory services to a wide range of financial institutions, MSBs, and Fintechs. We provide AML/CFT compliance program support, including Independent Reviews and Risk Assessments, Technology and Systems Reviews, and Custom Compliance Training.