Transaction Monitoring
The continuous, rule- and analytics-driven surveillance of customer transactions to detect patterns consistent with money laundering, terrorist financing or fraud.
Also known asTMAML monitoring
Definition
Transaction monitoring is the operational backbone of any AML programme: the continuous, automated review of customer transactions against the customer's declared profile and against typology-driven detection scenarios. Alerts feed an investigation queue that triggers further enquiry, EDD, customer-relationship action, and ultimately SAR filing.
Generations of TM systems
- Rule-based - deterministic scenarios; high false-positive rates.
- Risk-tiered rules - same engine, thresholds calibrated by customer-risk segment.
- Network analytics - links across customers, counterparties, devices.
- Supervised ML - alert triage, false-positive reduction.
- Unsupervised / graph ML - typology discovery, peer-group anomalies.
Common scenarios
- Velocity / volume above customer baseline.
- Round-amount transfers.
- Cross-border to high-risk jurisdictions.
- Counterparty risk (mixer, sanctioned wallet, mule cluster).
- Dormant-then-active accounts.
- Rapid in-out within minutes.
Regulatory anchor
FATF Recommendation 10 and Interpretive Note; EU AMLD/AMLR; EBA Guidelines on ML/TF risk factors; BaFin AuA; ACPR AML Guidelines. Supervisors increasingly expect documented model-validation cycles and explicit tuning histories.