The foundation of all transaction monitoring is the FI’s Enterprise-Wide Risk Assessment (“ERA”). The level of risk associated with each transaction type offered by an FI should always trace back to its ERA. This means that the ERA should delineate in a clear manner the following: 1) all transaction types the FI offers, and 2) the inherent money laundering risk associated with those transaction types. Institutions are constantly modifying money laundering risk associated with transactions on a continuous basis. Is your institution’s ERA comprehensive and up to date in its identification of transaction risk?
Next, the FI should evaluate whether the money laundering risk evident in its ERA is being effectively covered by a corresponding transaction monitoring rule in place. Different transaction types pose different types of risks to an FI. For example, the risk posed by international wire transfers is not necessarily going to mirror the risk posed by domestic cash transactions. Monitoring rules should be precisely designed to target the risk specific to the transaction type in question. Let’s illustrate the aforementioned top-down approach by first exploring an institution’s money laundering threat/risk environment.
The following types of money laundering threats/risks are typical to the financial system or an FI — 1) illicit financial threats, 2) international money laundering operations, 3) domestic money laundering operations, and 4) Bank Secrecy Act (“BSA”) violations and tax evasion. Illicit financial threats typically include terrorist financing and funding, weapons of mass destruction (“WMD”) proliferation activities, and often include foreign terrorist organizations (“FTOs”) and nation-state actors. International money laundering operations typically include organized crime, human and drug trafficking and smuggling organizations and transnational criminal organizations (“TCOs”). Domestic money laundering operations typically involve white collar and organized criminal gang activities. Violation of the BSA and tax evasion typically involve unreported cash and/or income.
Once your institution is knowledgeable of its money laundering threat/risk environment, the next step is to extract corresponding money laundering typologies that will serve as the foundation for your transaction monitoring rules. Illicit financial threats are evident through terrorist financing/funding activities. International money laundering operations are effectuated through cross-border activities. Domestic money laundering operations are performed through obfuscation activities. BSA violations and tax evasion are typically seen through structuring, smurfing, mule, and bulk cash activities.
The third step is to identify which transactions identified in the ERA process correspond to the following aforementioned typologies — 1) cross-border activity; 2) obfuscation activity; and 3) structuring, smurfing, mule, and bulk cash activities. Following this step, you should ensure that a rule is in place for each transaction type to effectively detect the typology associated with that transaction type. And finally, you should frequently tune your rules and run them out in a test environment to ensure they are operating efficiently. The aforementioned moving you into the qualitative and quantitative analytical review of the tuning and optimization exercise.
If your rules have not been functioning optimally, it might be time to tune your current existing rule set and/or start from scratch. Our methodical approach is designed to ensure that your transaction monitoring rules are effective and provide targeted money laundering risk coverage, preventing your institution from exposure to facilitating illicit activities.