Transaction monitoring refers to the monitoring of customer transactions, such as transfers, deposits and withdrawals, in real time or after they have been processed by a bank or financial institution. Transaction monitoring is an important part of a robust financial crime compliance programme: not only does it help to detect patterns of suspicious behaviour, it also provides a complete view of customers’ activity, including customer risk levels and predictions of future behaviour.
Just like in Philip K. Dick’s “The Minority Report” novel, transaction monitoring, among other things, uses predictive mechanisms to detect and prevent crime before it happens by uncovering “red flags” in the past transactions and analysing the patterns in customer data. Unlike in the dystopian universe, Salv uses dynamic rules-based transaction monitoring with multiple conditions to identify bad behaviour and minimise risks to your business.
Your approach to transaction monitoring should include the development and implementation of comprehensive transaction monitoring rules that cover all risks specific to your industry and your business. This blog aims to give you a better understanding of transaction monitoring rules: how you can create, change, and test transaction monitoring rules, relieve pressure on your compliance team, and take your transaction monitoring to the next level. With Salv, you can do all of this – and more.
Before we go any further, let’s cover the basics of transaction monitoring.
What is transaction monitoring?
Definition of transaction monitoring
Transaction monitoring helps organisations to recognise and understand patterns of potentially criminal behaviour, stop suspicious payments, or analyse them post-payment. Different types of transaction monitoring are used to improve the accuracy and speed of the enhanced due diligence (EDD) process, detect and prevent fraud, and analyse transactional data to detect money laundering.
Types of transaction monitoring
- Real-time transaction monitoring allows you to detect crime when it happens, and block suspicious payments in real time. This type of transaction monitoring is particularly valuable in detecting and preventing fraud.
- Post-event transaction monitoring is used in less critical situations, where the payments don’t raise immediate alarm. In post-event transaction monitoring, completed payments are compared against money laundering typologies in order to uncover hidden patterns.
- Periodic transaction monitoring is used to check historical customer data to better understand patterns and irregularities in the customer behaviour. Salv generates data aggregations for weekly or monthly transactional behaviour samples.
Who benefits from transaction monitoring
Transaction monitoring is a mandatory process for any organisation that must be supervised for money laundering purposes. In addition to the obvious, such as banks and financial institutions, the list includes money services businesses (MSBs), payment service providers (PSPs), virtual asset service providers (VASPs), digital banks, including neobanks and challenger banks, and many more.
Institutional risk assessment and individual customer risk profiles must be taken into account in order to meet anti-money laundering (AML) and counter-terrorist financing (CFT) requirements and fulfill monitoring and reporting obligations. In its guidance for a risk-based approach for the banking sector, Financial Action Task Force (FATF) recommends that a bank should have a monitoring system in place that is adequate with respect to its size, its activities and complexity as well as the risks present in the bank.
You don’t have to stand alone against financial crime. Improve the quality of suspicious activity reports (SARs) and reduce investigation time with fincrime intelligence sharing.
Why is transaction monitoring important?
Challenges in the existing transaction monitoring landscape

Financial criminals are fast: they have the latest technology, unlimited freedom and resources to stay one step ahead of law enforcement efforts. Compliance teams need more time to investigate and prevent money laundering, more often than not, they are understaffed, bogged down by innumerable regulations. But that’s not all there is to it. When it comes to transaction monitoring, organisations face even greater challenges, in part due to:
- Outdated legacy solutions. At some point in the past, existing legacy solutions were ahead of their time. Now they are more like dinosaurs who somehow survived the asteroid crash. Outdated legacy solutions do the bare minimum to tick the boxes and keep organisations afloat. Placing blind trust in an antiquated legacy system can put you in danger of inaccurate regulatory reporting and constant, costly maintenance.
- False positive alerts. It’s not a secret that poor-quality data, together with inaccurate transaction monitoring rules will likely produce a large number of false positive alerts. Organisations who go down that path are faced with two options: hire large teams to keep up with the growing workload, or choose transaction monitoring software to minimise operational risk and keep compliance costs in check.
-
Operational costs. Faced with a growing number of false positives, you need someone to resolve the alerts and clear the alert backlog. Increasing headcount, in turn, drives up the costs, triggering a vicious circle that is difficult to escape. It’s not always easy to understand and calculate your compliance costs. A while ago, we wrote a blog on how to measure your AML costs.
-
Regulatory consequences. In a fast-paced regulatory environment, it’s important to learn how to navigate through the maze of rules and regulations. Growing numbers of generated alerts require more manual effort to investigate and clear the backlogs, which often comes with a compromise on quality. Shortcomings in your financial crime compliance programme may lead to irreversible consequences for your organisation. In this time and age, regulators want more than compliance. They want you to fight crime. But how can you measure your crime-fighting effectiveness?
- Customer friction. Customer friction is dangerous. Unless you create a smooth, frictionless experience for your customers, there is always a risk of losing them to one of your competitors. You don’t want your transactions to be routinely suspended for money laundering checks, and neither do your customers. Focusing on your customers’ safety and convenience is essential to increasing customer satisfaction, trust and loyalty.
Balancing the challenges of maintaining compliance and fighting financial crime, while providing the best experience for your customers will give you more meaningful control over your organisation. But if you really want to stop crime from happening and catch criminals when it does happen, your compliance team must have access to the latest tools and technology.
The role of transaction monitoring systems

Transaction monitoring is more about detection and less about prevention: you can’t prevent crime without detecting it. Informed transaction monitoring choices must be a cornerstone of your financial crime compliance programme. With an effective transaction monitoring system in place, you can:
- Identify patterns in transactional data. You can track the changes in customer behaviour by examining the scope of generated alerts within a certain period of time.
- Review transaction monitoring rules and fine-tune them. You can change the rules if they generate too many or too few alerts, or don’t generate any alerts at all.
- Update transaction monitoring rules quickly. Regulators expect banks and financial institutions to conduct periodic typology assessments and update the existing rules.
- Set the thresholds for higher-risk customers. Get a complete overview of your customers’ transactional behaviour and be in control to stop suspicious activity as soon as you spot it.
The key to a successful transaction monitoring system is to constantly monitor, keep track and respond to the threats your organisation and your customers face. You must be aware of the industry-specific risks, identify the weak points in your systems and processes, including your product’s potential vulnerabilities – in order to overcome them. This will provide you with valuable information and insights, and guide you to create effective and efficient transaction monitoring rules to capture all possible risks and threats and stay on top of your game.
We are stronger when we are together. The key findings from the AML Bridge Estonia pilot show that collaborative crime-fighting is not only possible but essential.
What are transaction monitoring rules?
Definition of transaction monitoring rules
Many organisations use transaction monitoring to simply tick the boxes. But if you really want to tackle money laundering and financial crime, you need to build your own library of transaction monitoring rules. Your rules must cover specific money laundering typologies and target your organisation’s particular risks and vulnerabilities. Whether you are an early-stage startup or an established enterprise, Salv can help you to quickly set up and upgrade your transaction monitoring system. See our transaction monitoring rules in action.
Transaction monitoring rules focus on capturing suspicious patterns in deposits made to personal and business accounts, as well as money transfers and withdrawals. When set up properly, transaction monitoring rules run through the aggregated transactional data, flagging suspicious transactions for analyst review. With transaction monitoring rules, you can do so much more than just tick the boxes. You can really fight financial crime and win.
What you can do with transaction monitoring rules

With transaction monitoring rules that accurately capture your organisation’s known and potential risks, you can:
- Develop a deeper understanding of the key risks to your customers and your business, and establish patterns of suspicious behaviour.
- Analyse the logic to capture the known and potential risks, and create transaction monitoring rules that follow that logic. Validate the rule syntax.
- Test your transaction monitoring rules on historical data before switching them on. Increase effectiveness over time.
- Adjust your transaction monitoring rules to increase true positive alerts, and detect new and emerging patterns of risk.
- Achieve regulatory compliance, give confidence to your customers and partners.
Benefits of transaction monitoring rules
Extensive transaction monitoring rules that encompass a range of complex scenarios can work wonders to bring down the number of false positives, detect patterns of crime, and reduce the workload for your compliance team. Transaction monitoring rules act as a safety net giving you the confidence to stand your ground and fight crime more effectively: you can track irregularities in your customers’ behaviour, as well as their customers’ and counterparties’ transactional history. With Salv, you can create custom rules from scratch with zero engineering effort.
Counterparty data is not usually available to organisations, but Salv collects it automatically. This is how counterparty monitoring works at Salv.
Unlike artificial intelligence (AI) and machine learning (ML), transaction monitoring rules are very easy to understand and implement, because they rely on the logic that is hard-coded to specific transactional patterns based on the known money laundering typologies. With dynamic rules-based transaction monitoring, you can control the output by introducing new features to better explain the data. You can communicate transaction monitoring rules in simple terms to legal professionals, external auditors and regulators.
Criminals never cease their efforts to evade the law: the moment they recognise the traps you laid for them, your transaction monitoring rules lose their edge. To stop criminals in their tracks, you must constantly change your transaction monitoring rules.
If everyone else is jogging, you must be sprinting ahead in the global race against crime.
How do transaction monitoring rules work?
What types of data we process
Salv processes personal data, transactional data and non-transactional data, or metadata. You can use know-your-customer (KYC) data, risk and screening results to create and test better transaction monitoring rules. As long as you have a coherent and consistent dataset that provides a solid base for the analysis, it’s safe to say, you are set up to succeed.
What types of rules you can create
With Salv, you can create rules for real-time, post-event and periodic transaction monitoring checks. Real-time transaction monitoring rules empower you to stop fraudulent transactions when they occur by giving you a real-time API response. If you don’t need to suspend a customer or payment, and there is no other business logic triggered, it’s often best to use post-event transaction monitoring rules. They don’t require a separate monitoring check API call: all the calculations are done after the data is uploaded to the Salv platform. Instead of being triggered by new data uploads, periodic — sometimes called interval — scenarios run continuously after the time interval you define.
With Salv’s transaction monitoring rules you can monitor high value payments, payment frequency, velocity, counterparty count, dormancy, and more. You can monitor your customers, including natural persons, legal entities, merchants, the end customers of your customers, and counterparties. You can do so much more – with one convenient solution.
How transaction monitoring rules work
Whenever you see something strange or suspicious, you can write a rule to capture and investigate it, detect similar patterns in the future, and make sure that the same thing doesn’t happen again. The process is fairly simple: you collect the input, create a rule, validate the syntax, test the rule on historical data, and implement it into the production environment. At Salv, we currently support two languages: SQL and JMESPath, intuitive and powerful query languages that are easy to grasp and start using from day one.
The more transaction monitoring rules you have, the greater your chances of detecting the patterns that may have previously escaped your attention. Salv’s customers don’t have to create everything from scratch (although that is also an option): we have a growing library of transaction monitoring rules, with 100+ rules being used daily by dozens of our customers. At Salv, we regularly generate more combinations and update our library with new granular rules. Each rule is a template that can be easily adjusted for your organisation’s risk factors.
With Salv, you can set up certain thresholds depending on the risk levels of your customers. Salv’s risk scoring tool allows you to pinpoint higher-risk customers and incrementally increase efficiency over time.
How does transaction monitoring work at Salv?
We don’t give you a tick-box solution. We want you to be on top of your game to beat financial crime and move the industry forward. At Salv, we created a complete toolkit for your organisation, to use your compliance knowledge and experience for the benefit of your customers and help you to become better at what you do.
With Salv, you can use a custom logic to generate alerts and create transaction monitoring rules in a very flexible way, with no limitations, no right or wrong, and a freedom to build and explore. You don’t need a deep technical understanding or engineering experience: test and adjust the rules as you like. We’ve got you covered. See our transaction monitoring in action.