4.5. Transaction Monitoring
As required by Article 7 of the AML-CFT Decision and Paragraph 16.24 of the Standards, LEH must continuously monitor all their transactions to ensure that the transactions conducted are consistent with the information they have about the customer, their type of activity and the risks they pose, including, when necessary, the source of funds. Transaction monitoring systems allow the LEH to monitor the transactions made by their customers in real-time and/or on a daily basis. All LEH should have a form of transaction monitoring system in place in order to monitor for any suspicious transactions to and from customers. Failure to have such a system in place may not only cost a LEH its reputation, but also lead to large fines and other penalties.
Transaction monitoring is distinct from the ongoing monitoring discussed in section 4.4.1. Both are required, but the purpose of transaction monitoring is not primarily to update the customer risk profile but to detect and investigate transactions that may need to be reported to the FIU because they are potentially related to illicit activity. While CDD review (as discussed in section 4.4.1) may take place once a year, transaction monitoring occurs in real time and is thus able to support prompt reporting to the FIU after the transaction takes place.
Under Article 4.2 (a) of the AML-CFT Decision and Paragraph 16.24.1 of the Standards, Transaction monitoring must be commensurate with the risk posed by the LEH’s size, scale, complexity, the nature and volume of its Exchange Business, the nature of its customer base, and the geographic areas in which it operates. The transaction monitoring system used by a LEH, whether automated or manual, must be able to flag unusual movements of funds or transactions for further analysis. Rules and parameters must take account of ML/FT typologies in the Exchange Houses sector.
When the monitoring system generates an alert, it must be investigated and either escalated or otherwise dispositioned in a timely fashion in order to support prompt reporting to the FIU. Transaction monitoring systems should create an audit trail of all activity related to alert generation, investigation, and disposition to have a clear understanding of the activity, and potentially report it to the relevant authorities.
For more details and information, please refer to the CBUAE Guidance for Licensed Financial Institutions on Transaction Monitoring Screening and Sanction screening9.
9 Available at https://www.centralbank.ae/en/cbuae-amlcft.
4.5.1. Indicative Risk Factors Associated with Transactions
The following is an indicative and non-exhaustive list of risk factors associated with transactions10.
• Customer’s behavior at point of origination: o Customer structures transaction in an apparent attempt to break up amounts to stay under any applicable CDD threshold to avoid reporting or other requirements. o Customer attempts a transaction, but given he or she would likely be subject to the CDD monitoring, cancels transaction to avoid reporting or other requirements. o Transaction is unnecessarily complex with no apparent business or lawful purpose o Number or value of transactions is inconsistent with financial standing or occupation, or outside the normal course of business of the customer in light of the information provided by the customer when conducting the transaction or during subsequent contact. o Customer offers a bribe or a tip, or is willing to pay unusual fees to have transactions conducted. o Customer has vague knowledge about amount of money involved in the transaction. o Customer makes unusual enquiries, threatens or tries to convince employees to avoid reporting. o Customer sends money internationally and then expects to receive an equal incoming transfer or vice versa. o Customer transfers money to illegal online gambling sites. Email addresses containing gambling references or transfers to countries with large numbers of internet gambling sites. o Customer wires money to higher-risk jurisdiction/country/corridor. o Customer transfers money to claim lottery or prize winnings o Customer transfers money to someone met only online or appears to have no familial relationship with the receiver and no explanation forthcoming for the transfer.
• Activity detected during monitoring (in many of these scenarios the customer’s activity may be apparent both during point-of-sale interaction and back-end transaction monitoring): o Transfers to the same person from different individuals or to different persons from the same individual with no reasonable explanation. o Unusually large aggregate wire transfers or high volume or frequency of transactions with no logical or apparent reason. o Customer uses aliases, nominees or a variety of different addresses. o Customers whose concentration ratio of transfers made to a jurisdiction is notably higher than what is to be expected considering overall customer base. o Customer transfers/receives funds from persons involved in criminal activities as per the information available. o A network of customers using shared contact information (such as address, telephone or e-mail) where such sharing is not normal or reasonably justifiable.
• Transactions received: o Transactions that are not accompanied by the required originator or beneficiary information. o Additional customer or transactional information was requested from an ordering counterparty but not received. o Large number of transactions received at once or over a certain period of time which do not seem to match the recipient’s usual past pattern. 10 FATF: Guidance-RBA-money-value-transfer-services.pdf (fatf-gafi.org)