Eastnets and ARQ recently organized a thought leadership discussion with Malta's FIAU on Real-time Transactions Monitoring in Malta.
In April 2023, the Maltese Financial Intelligence Analysis Unit (FIAU) issued a Guidance Note on transaction monitoring obligations. Eastnets and ARQ thought this would be a great time to open discussions around real-time monitoring challenges and solutions. In the webinar held on June 9, 2023, panelists from Eastnets, ARQ, and FIAU, Malta presented interesting and vigorous points around the many issues that financial institutions have in complying with regulations and how AI can help to meet the complex nature of modern financial transactions.
Here, Eastnets presents some of the key points made during the discussion.
The challenges of real-time monitoring
The FIAU guidance note says this about real-time monitoring: ”the main aspect of on-going monitoring is that of scrutinising unusual, anomalous and suspicious transactions detected through the systemic and continuous review of customers’ transactions.”
At this point, Jeremy Mercieca Abela of the FIAU picked up. Jeremy presented the case for recognizing the importance of pre and post-transaction monitoring if scrutiny is to be effective. However, the challenge is, which transactions do you review? Jeremy said that most regulators do not expect "subject persons" to review all transactions in real-time but focus on transactions that are identified as unusual, suspicious, or higher risk.
How holistic is real-time monitoring?
Jeremey explained that he has noticed during compliance assessment that some subject persons are attempting to incorporate elements of real-time monitoring, but this is often limited to sanctions list screening. This was noted as being only a fraction of what was needed for pre-transaction monitoring.
Intelligence-led pre-transaction monitoring
Intelligence-led real-time transaction monitoring is made whole by applying transaction monitoring rules on a most-appropriate basis, using an "aggregated view ."For example, a focus should be on high-risk transactions or high-risk customers. A business profile should set a baseline to identify risk and initiate pre-transaction monitoring. But this must be done intelligently, for example, a large transaction may be normal for one customer but unusual for another.
The gray areas in transaction monitoring regulation
Manfred Galdes of ARQ Group pointed out a major issue in the compliance space. Manfred noted that pre-transaction monitoring is often discretionary and dependent on the organization's size and customer type. Manfred said of regulatory guidance that it remains "extremely vague." However, he pointed out that regulator expectations are crystallizing, but uncertainty is causing issues in the industry. The core issue is in the differentiation between what is best practice and what is legally binding. Regulatory rules are generic. This challenge is met by understanding the "how and when" of transaction monitoring decisions.
Best practices and legal obligations
The panel next discussed the notion of what best practice is and what should be applied in certain situations while remaining under the legal obligations of a regulation. On the subject of the FIAU’s guidance, Manfred noted that “norms are emerging from the guidance notes rather than from the law but there remains room for further improvements.”
Systems that deliver pre-transaction monitoring
The talk moved to systems that can be used to meet pre-transaction monitoring best practices. Manfred told the panel that “systems that can be configured to take into account multiple detection rules and scenarios offer the perfect world where you've got customer profiling, customer risk rating systems, and transaction monitoring systems, all talking efficiently to each other.”
However, Manfred cautioned that banks and financial institutions may have legacy systems and legacy issues with data. Communication across these different systems can be a hurdle to intelligent pre-transaction monitoring.
Aggregated view of customer transactions
An aggregated view of a customer was emphasized during the panel discussion. Manfred offered an example of what this means in real-life “Let's take the example of a bank or a financial institution; my customer has an account in his own name and account with a company where he's a shareholder, and a shared account with his wife.” But aggregated transaction monitoring is challenging to perform.
The notion of customer segmentation
The notion of customer segmentation entered discussion with Jeremey Mercieca Abela of the FIAU, explaining that a customer's portfolio should be segmented to facilitate the implementation of detection rules. Jeremy noted that if this is done correctly, it will be easier to build detection rules to identify the suitable types of transactions for monitoring purposes. He gave an example of segmenting personal and corporate customers and using these categories as a basis for segmenting rules. He also suggested that customer segmentation helps establish risk levels and rules to initiate monitoring.
Which technologies can solve pre-transaction monitoring?
Rasha Abdel Jalil, an expert in Transaction Monitoring at Eastnets, entered the conversation to give insights into how technology can solve issues of pre-transaction monitoring. Rasha focused on several interrelated areas:
False positives: creates inefficiencies in transaction monitoring.
Reliable data: APIs connect data source providers to deliver reliable data on, for example, controlling persons’ shares.
Advanced Link analysis visualization tools: visualizes organizational hierarchy, direct and indirect shareholders, and even hidden and suspicious relationships.
Rasha explained to the panel that an automated transaction monitoring system functions as a data aggregator, as highlighted by Manfred. A centralized data repository also improves investigation efficiency by offering a single knowledge point.
AI-enabled technologies for pre-transaction monitoring
The use of AI in real-time transaction monitoring soon entered the discussion. The role of AI in reducing false positives was acknowledged, with Rasha explaining that AI has reduced false positives by more than 70 percent in some financial institutions. Rasha also pointed out that AI can offer efficiency by automating customer clustering and segmentation. Rasha agreed that a “one size fits all model is no longer efficient.” However, she pointed out a vital ingredient in the application of AI to real-time monitoring is that it must be explainable.
Noting AI used in real-time transaction monitoring, the challenge of bank hesitancy was discussed. It was generally agreed that there is some nervousness around the usage of AI when it comes to AML and compliance monitoring tools. However, the challenges of real-time transaction monitoring mean that conventional transaction monitoring tools could be more effective. Jeremy Mercieca Abela agreed that there will always be some human element involved in transaction monitoring and investigation and that AI adoption will require "explainability and transparency.”
Manfred Galdes offered a resolution to the challenge of hesitancy by stating that explainability is important and that human intervention will always be needed. He emphasized that “AI will definitely narrow down the cases that require human intervention but human intervention will not be entirely replaced.”
Rasha put the panelist’s minds at rest by explaining that new AI models used for real-time transaction monitoring provide a high level of explainability on why a decision was made, what the risk factors are, customer risk levels of the account, and how the decision and recommendations have come about using visualization and link analysis tools. Rasha continued to explain that segmentation tools offer a view of the different segments established by the AI; Rasha confirmed that AI in real-time monitoring is “not a black box anymore.”
Click this link to watch the panelists discuss real-time transaction monitoring in Malta and beyond.