Understanding False Positives in Transaction Monitoring

As part of their regulatory compliance requirements, financial institutions like neobanks and fintechs need to create and implement risk-based anti-money laundering (AML) programs to fight money laundering and terrorism financing. After conducting risk assessments on their customers, financial institutions should ensure that appropriate monitoring and screening procedures are in place to notify them when those customers engage in suspicious behavior that may be indicative of money laundering or terrorism financing.

However, an AML alert does not always indicate the presence of a financial crime. The sensitivity of transaction monitoring and screening measures often means that financial institutions have to deal with a significant amount of false-positive AML alerts in their efforts to detect genuine criminal activity.

In this blog post, we'll explain what false positives are and how they can affect businesses' everyday operations.

A compliance challenge

False positives pose a compliance challenge for financial institutions all around the world. However, while false positive alerts are a significant cost and efficiency drain, organizations usually cannot afford to reduce the sensitivity of their monitoring and screening measures due to the financial, reputational, and even criminal penalties that they face if they fail to meet their regulatory obligations. False positives can also hurt the customer experience and make it harder for organizations to handle real cases of money laundering in the fight against financial crime around the world.

Every compliance team should make it a priority to cut down on false positives while keeping AML transaction monitoring and screening as accurate and effective as possible. As a result, financial institutions should understand how false positives occur and what solutions may help lower false positive rates.

What are false positives, and why do they occur?

During monitoring and screening, if a normal transaction is mistakenly flagged as suspicious, this is called a "false positive." This means that the transaction was wrongly labeled as suspicious and risky.

Due to the parameters of transaction monitoring and screening measures, some normal customer behaviors that aren't suspicious may look like they are. A customer who makes many bank transfers from different banks to different destinations on the same day, for example, may trigger an AML alert even though their transactional behavior is legitimate for business reasons. Similarly, certain international naming patterns can result in very similar names for different customers, causing sanctions screening measures to wrongly associate them with names on sanctions lists.

By definition, a "transaction" is anything that denotes a completed agreement between a buyer and a seller where money is exchanged for goods, services, or financial assets. Transaction monitoring systems are deployed to detect these difficult-to-identify behavioral red flags automatically.

Now, what happens when these behavioral red flags are not what they seem after further investigation?

However, false positives are inevitable. In reality, financial institutions have to make rules that are broad and cause more alerts so they don't miss something legitimate by accident.

This means that there will eventually be alerts for transactions that aren't actually suspicious, and with no context, both legal and illegal transactions are directed to the financial institution's AML alert review procedure for manual assessment.

False positives vs false negatives

As was already said, false positives are legal transactions that are flagged by transaction monitoring systems as being illegal.

On the other hand, false negatives are illegal transactions that get through without setting off the AML alert assessment procedure.

So, the system ignores these real attempts to launder money, which is a clear flaw that could lead to losses and compliance problems in the future.

High false-positive and/or false-negative rates are a big worry for the AML compliance program of any financial institution.

Implications of high false positive rates

Consider the following scenario: The implemented rule-based transaction monitoring system is configured to suspend all transactions worth $100,000 or more for AML review.

Then, to catch criminals who use "structuring" techniques, an extra rule is added that requires AML alerts on transactions just below this threshold, such as those over $95,000. If ten transactions are suspended and eight of them are false positives, your false-positive rate is 80% (8/10 * 100). If three false positives occur, your false-positive rate is 30%.

A false-positive rate demonstrates the effectiveness of the AML transaction monitoring systems and strategies that have been put in place.

Unfortunately, the following are implications that financial institutions with high transaction monitoring false-positive rates would face:

  • Costly manual reviews

          Administratively and financially, a high false-positive rate costs an organization a lot.

Where a case turns out to be a false positive, these expended resources are considered wasted.

As a result, an increased number of false positives means more wasted resources, which can have a long-term negative impact on the financial institution.

  • Negative customer experience

Even though wasting internal resources on investigations that lead nowhere is bad for a financial institution's operational budget, the damage that false positives do to customer relationships is even worse for the bottom line.

When a business flags or suspends good customers over and over again for AML investigations, the business risks losing them.

Nobody likes to be treated like a criminal, and false allegations can severely harm an organization's brand.

  • Time lapses

According to FinCEN files from 2011 to 2017, large financial institutions required an average of 166 days to file SARs on suspicious transactions.

If your false-positive rate is high, it means that you do a lot of these AML case management tasks and could miss deadlines for reporting.

Given that reporting requirements are just 30 days after suspicious activities begin and an additional 30 days of investigation if suspects are unknown, meeting these deadlines is almost impossible.

Even more astounding is the fact that 95% of these reports were false positives.

How to reduce and achieve a tolerable false positive rate?

While it may not be possible to totally remove them, a number of ways may be beneficial in assisting financial institutions in lowering their false-positive rates.

A high false-positive rate is unpleasant, but so is a low false-positive rate.

As a result, every compliance team needs to strike a balance. So, how do you get a tolerable false-positive rate?

  • Properly organize data

Properly organizing data involves ensuring that every piece of information gathered for analysis is unique. One of the most common reasons for false positives could be fixed by putting customer names in a better order, for example.

Instead of pulling full names for an individual as a single unit, these names can be structurally pulled as first names, middle names, last names, and even titles.

Individual identities are better defined as a result, and the number of people matched with those on sanctions lists or recognized as having high-risk profiles is reduced.

  • Implement a risk-based approach

With a risk-based approach to AML transaction monitoring, entities' risk profiles are made so that rules can be monitored and put into place effectively.

By creating a risk profile, you can narrow the scope of data considered relevant for      the AML alert review process while also intelligently reducing the number of false positives without risking a higher false-negative rate.

  • Use an effective AML transaction monitoring system

An ineffective transaction monitoring process results in a high false-positive rate. Transactions are often channeled through transaction monitoring platforms with ordinary rule-based systems, and no context is provided while they are monitored.

This is why all transactions matching regulatory thresholds continue to be flagged for review.

Flagright and other advanced systems provide complex risk-based transaction monitoring scenarios and dynamic rules that can be easily created, tested, and activated to meet a wide range of use cases.

Our world-class real-time transaction monitoring tool supports configuring risk-based thresholds and actions for each rule based on customer risk profiles and segments, so as to make risk-based decisions while reducing redundant workload for operational and compliance teams.

In conclusion

Many organizations find it difficult to meet AML compliance requirements. With rules and regulations changing and evolving all the time, it is critical for financial institutions and compliance professionals to understand how to minimize false positives in AML compliance to guarantee that effort and resources are focused on an efficient and successful AML compliance program.

At Flagright, we provide an all-in-one AML compliance platform for neobanks and fintechs. Using a no-code platform, we provide real-time transaction monitoring, risk profiling, advisory services, KYC/KYB orchestration, sanctions screening, and blockchain analytics.

Contact us here to schedule a free demo.