The next elements in your operational AML/CTF toolkit are AML/CTF Screenings and Monitoring. It again very much depends on the country’s jurisdiction if it is limited to financial institutions and extended to other businesses and organizations. At least the FATF has made it part of their recommendations to have effective systems to monitor their customers’ activities and ensure ongoing compliance as part of the ongoing customer due diligence.
AML/CTF Screenings and Monitoring
Banks and other financial institutions can use anti-money laundering (AML) transaction monitoring software to monitor customer transactions for risk on a daily or real-time basis. By combining this data with analysis of customers’ historical data and account profiles, the software can provide financial institutions with a “whole picture” analysis of a customer’s profile, risk levels, and predicted future activity, as well as generate reports and create alerts to suspicious activity. Cash deposits and withdrawals, wire transfers, and ACH activity are all examples of transactions that can be monitored.
Sanctions screening, blacklist screening, and customer profiling can all be included in AML transaction monitoring solutions. The analysis is obtained primarily to meet various anti-money laundering (AML) and counter-terrorist financing (CFT) requirements, as well as to file Suspicious Activity Reports (SARs) and fulfill other reporting obligations. Certain regulators around the world have made transaction monitoring a specific regulatory requirement, such as Part 504 in New York State and the 4th Money Laundering Directive in Europe for high risk relationships.
AML/CTF Screening Definition
Let’s start looking at what AML/CTF Screening does. First of all, AML/CTF Screening is also somewhat part of the customer due diligence program.
When you are onboarding a new customer, you want to research certain background information about him, as we have discussed already. For example, if your about-to-be customer has been linked to money laundering or was even convicted in the past, you want to know this. You also want to know if he qualifies as a PEP and is listed on global sanctions or AML watchlists.
The AML/CTF Screening engine is usually also made part of the ongoing customer due diligence. The engine is set to continuously screen the entire customer base so that the organization can be aware of any potential changes. For example, suppose a customer of your organization is suddenly elected into a high political position. In that case, you want to be aware of this. But also, if a customer of yours is involved in a financial crime or other adverse media reports, give a reason for suspicion. The AML/CTF Screening engine would then trigger something which is called an “Alert”.
This is a notification from the system to the operator that a potential change has occurred for one of their customers. The operator must then review this alert and see if there are grounds for it. The alert can be a false positive, which means that the system has made an error. This happens quite often in sanctions and watchlist screening because there are quite a few people in the world with similar or identical names. But in case the alert is a true positive, and the suspicion has some legitimate grounds to it, an event-driven review is triggered. Now, this is a means of due diligence outside of the regular cycle.
Let’s take an example; you have a customer in the form of a legal entity. Based on your risk-scoring methodology, this customer has a moderate AML risk. Based on this, you will apply regular customer due diligence and review the customer’s information for the next time in three years. Now suddenly, your AML/CTF Screening engine generates an alert. You look at it and see that there is adverse media reporting showing that your customer has been involved in a large money laundering scandal.
Even though your organization’s name is not used, the media reporting says that the customer has abused products and services for money laundering similar to those that your organization offers. In addition to causing you a racing heart, this now triggers an event-driven review. Instead of reviewing the customer for next time in three years, you have to do it immediately. Let’s assume for the sake of this example that you found no grounds whatsoever that might be a potential indication for money laundering and that after re-reading the media reporting, you find it to be highly speculative and the sources not trustworthy.
However, during your customer review, you find that the customer has shifted his geographical business focus to another country. This has caused your risk scoring engine to assign the customer a new risk score. The customer now has a low risk. After completing the customer review, he gets back in the regular review cycle. Due to the decreased money laundering risk, you’ll now have to review this particular customer only in 5 years.
AML/CTF Monitoring Definition
So, the second thing in terms of ongoing customer due diligence is AML/CTF Monitoring. Again, it very much depends on your jurisdictions if your organization is legally required to have an AML/CTF Monitoring engine in place. Still, for most jurisdictions, this mainly applies to banks and financial institutions.
AML activity or transaction monitoring allows banks and other financial institutions to monitor customer transactions daily or in real-time for risk. By combining this information with analysis of customers’ historical information and account profile, the software can provide financial institutions with a “whole picture” analysis of a customer’s profile, risk levels, and predicted future activity. The transactions monitored can include cash deposits and withdrawals, wire transfers, and other activities.
AML activity and transaction monitoring’s objective is to identify suspicious customer transactions, including unusually large transactions, complex transactions, and unexpected patterns of transactions that don’t seem to have a legitimate purpose.
Your transaction monitoring program can be manual or automated depending on your business or organization’s type, size, and complexity.
Know the questions is what your AML activity and transaction monitoring program should include. Here are three examples for you which commonly occur practice:
- Firstly, the transaction monitoring program should recognize different forms of money laundering and the types of transactions customers might use to conceal it. For example, your program should alert you when customers make large cash deposits into one account and then transfer it electronically to other unrelated accounts.
- Secondly, the program should monitor customers who behave suspiciously when conducting transactions or whose transactions suggest suspicious behavior.
- Thirdly, the program should track a customer’s transaction history, so it’s easier to spot and flag any unusual activity and compare the ongoing transaction activities of customers to certain risky types of transactions or patterns of transactions.
Just like for the AML/CTF Screening software, You must make sure your monitoring system alerts you to unusual, large, or complex transactions or patterns of transactions. This can be by your employees being aware and vigilant, or you can use automated systems.
What makes a transaction large or unusual will depend on your business or organization’s size and the services you offer. It will also depend on the types of customers and transaction activities you normally deal with.
Suppose your monitoring program identifies suspicious customer transactions or behavior. In that case, you must, first of all, apply your event-driven customer due diligence. Eventually, you must also consider making a suspicious activity or suspicious transaction report.
In general, a risk-based approach requires financial institutions to employ intensive measures (such as enhanced due diligence) to manage risk for higher-risk clients or scenarios, whereas simplified measures may be permitted for lower-risk clients or scenarios, and where there is no suspicion of money laundering or terrorist financing.
Countries and institutions must take appropriate steps to identify and assess the risks of money laundering and terrorist financing for various market segments, intermediaries, and products on an ongoing basis in order to apply a risk-based approach. Recognizing that the nature and extent of AML/CFT controls will depend on a number of factors is consistent with the concept of a risk-based approach.