Impact of COVID-19 on Transaction Monitoring

COVID-19 is one of the most significant global challenges to affect people and the economy since the global financial crisis in 2008. Governments in nearly all continents have introduced a number of lockdown and social distancing measures to curb the spread of the pandemic.

Whilst we adjust to the new normal, unfortunately there will be those who look to exploit gaps and weaknesses in Anti-Money Laundering (“AML”) and Counter Terrorist Financing (“CTF”) systems within Financial Institutions (“FI’s”), as the focus within FIs shifts towards managing risks in the current climate. As new Money Laundering (“ML”) /Terrorist Financing (“TF”), risks start to emerge, FI’s need to remain vigilant to ensure they continue to effectively mitigate these risks.

Challenges and trends

Public social distancing obligations and guidelines are translating into various effects on FI’s. Some challenges and trends that FI’s TM systems and controls may face are:

  • Changes in predicate offences - resulting in an outdated risk assessment
  • Cash intensive business are impacted - money mules and their handlers change in profile and approaches as traditional based channels are closed
  • Staff may be tempted to cut corners on internal controls – in order to secure business
  • On-premise solutions will become more vulnerable – on-site IT and operational staff are disrupted by direct medical incidents, additional care responsibilities and disruption to usual patterns of work

As criminals look to exploit the COVID-19 pandemic, predicate offences will change, particularly as we see an increase of external fraud, such as phishing schemes, fundraising for fake charities, counterfeit medicines and fraudulent investment opportunities. This creates new risk typologies, which need to be identified and mitigated, potentially rendering a FI’s detailed risk assessment and typologies that underpin an effective Transaction Monitoring (“TM”) solution, out of date.

With the reduction in legitimate trade, particularly in traditional channels such as cash intensive businesses, the ability for criminals to disguise illicit funds within legitimate funds has become limited. Organised criminal gangs are now on the hunt for new money mules, turning to those with established profiles who have recently been made redundant and have an immediate need for income, whilst adapting to peer to peer and other mobile payment channels.

Business will also be tougher to win and retain, as businesses seek to replace lost revenue with reduced economic activity and potential disruption to operational capabilities. This can lead to staff being tempted to cut corners where Due Diligence (“DD”) standards are weaker in order to reduce workload and on-board customers quicker. This has a direct impact on the TM system’s ability to identify suspicious activity if the FI does not understand who their customers are and what their expected activity is.

Over the last few years, many FI’s have explored and in some cases migrated to cloud based/hosted TM solutions. On-premise TM solutions may become more vulnerable to project issues and inefficiencies, due to support teams being re-focussed on other areas, working from home in a new distributed way, staff sickness, staff caring for others and restrictions on travel and gatherings for both IT, Financial Crime and operational resources. At the same time, there will be a need to re-tune and optimise TM solutions to changing customer behaviour patterns, activity levels and new risk typologies.


Whilst FI’s are navigating through these unprecedented times, there are a number of actions that should be considered when protecting their business from criminals who want to use the pandemic for their own gain.

Review TM scenarios/rules to reflect the “new normal” to ensure you are not being inundated by alerts of people who have deviated significantly in behaviour, such as where payment flows have changed significantly due to re-configured supply chains. However, businesses that would be expected to have a decline but do not show signs of decline, could be an indication of potential laundering or other suspicious activities. A FI should be mindful that alert volumes will spike significantly, as industries begin to re-open, which as well as the current period of reduced activity may make historical profiling rules unreliable or ineffective.

Take the time to measure effectiveness, appropriateness and efficiency of existing controls against an updated risk assessment. By having an updated risk assessment, a FI can truly test if their risk-based approach (“RBA”) can mitigate the most prevalent risks and align resource to the highest risk areas. At the same time regulators are increasingly savvy as to what good looks like in TM and will expect to see a clear link between risk typologies and the control framework.

Reflect on technology used/strategy to prevent, monitor and detect financial crime. A key challenge for FI’s managing their regulatory obligations is finding the balance between risk management and efficiency/effectiveness through innovation. With some current TM solutions set to expire and the move to “cloud first” or “cloud only” strategies well established there is an opportunity to consider cloud based and hosted solutions from traditional and new vendors.

Build resilience in alert processing by driving expertise into earlier decisioning to effectively manage backlogs. Automation will provide the greatest direct benefit to a FI where there are manual time intensive tasks such as additional data capture, alert triage and L1 reviews of TM alerts.

During times of uncertainty, clear communication is integral. It should be reiterated to staff that managing financial crime risk cannot be relaxed in times of crisis and the appropriate process and procedures are more important than ever. This should be driven from senior managers to set the “tone from the top”.

The ability to adjust TM frameworks rapidly also provides an opportunity for a FI to enhance their business capability whilst adopting increased speed and agility. This will position the FI to cope with future economic crises, as well as other less expected pandemics.

Did you find this useful?