All banks are prioritising the Transaction Monitoring alerts, and quite often the age of the alert is the dominant criteria (FIFO – First In First Out), as no bank wants to have (too) old alerts unattended.
There are a few criteria that overrule the FIFO prioritisation, e.g. alerts from TM scenarios focusing on identifying Terrorist Financing are prioritised highest of all alerts, and alerts on high-risk customers are investigated before alerts on medium/low risk customers.
I recommend including the TM alert’s deviation factor to the TM threshold in your prioritisation. The deviation factor is important, because scenarios are built with different thresholds for different customer types to reflect the differences in “normal behaviour”. The threshold is much lower for a teenager than a private banking customer and much lower for an SME than a large Corporate.
However, all TM alerts can be compared equally when using the deviation factor that the individual threshold is breached with.
The logic behind the recommendation is to find the most anomalous behaviour, and it is more unusual/suspicious if any given TM threshold is breached by a factor 10 than with 10%. Therefore, a teenager with a threshold breach of factor 10 should be prioritised higher than the corporate with factor 1,1 – even though the absolute amount on the same scenario for the teenager obviously is lower. Please note that the threshold factor also should impact alert prioritisation across all scenarios.
If an alert is breaching a threshold with a very high factor, I also recommend that TM investigators are required to be even more thorough before concluding if the customers behaviour is either plausible or suspicious.
By structurally using the deviation factors to TM thresholds on both the prioritisation and the depth of the investigation, the bank will provide high quality analysis of the most important SARs to the authorities as timely as possible.
#FCPadvisory #FCP #AML