Transaction Monitoring: The Pattern in the Noise

May 28 / Leonard Nwogu-Ikojo
In this fictional case study, a newly implemented rule in a Dutch fintech’s transaction monitoring system flags an unexpected series of high-value payments—just below reporting thresholds and spread across jurisdictions. For Compliance Manager Brian de Vries, it’s a textbook example of how structuring activity can slip through the cracks without regular rule reviews and the support of AI-driven anomaly detection. This article explores how combining static rules with machine learning creates a more adaptive, resilient approach to transaction monitoring—and why that matters in the fight against evolving financial crime.

This article is intended for educational and informational purposes only and does not constitute legal, regulatory, or professional compliance advice. The scenario and recommendations provided are illustrative and may not capture all applicable requirements or risks in specific cases. Readers should follow their organization’s internal policies, data protection requirements, and seek professional advice tailored to their circumstances

It was a quiet Monday morning in Utrecht when Brian de Vries, Compliance Manager at a Netherlands-based fintech firm, began reviewing overnight alerts. Most were routine. But one alert stood out — triggered by a newly implemented rule introduced during the previous quarter’s transaction monitoring review.

The rule was designed to detect high-frequency transactions just below €10,000, distributed across multiple countries within a short time span — a known indicator of potential structuring activity.

The flagged merchant was a luxury goods reseller, recently onboarded and seemingly low risk. But over the weekend, their payment volume surged dramatically. Transactions — each around €9,800 — were initiated from locations in Germany, Spain, and the UAE, all within a 48-hour window. Individually, none breached mandatory reporting thresholds. But in aggregate, the pattern stood out.

Brian pulled the full transaction history. The merchant’s payments originated from diverse card issuers, with shipping data inconsistent with sales records. No matching logistics trails and IP address geolocation data suggesting obfuscation. A cross-reference with past account activity revealed similar patterns in other recently offboarded merchants — a red flag.

“This could’ve easily slipped through last month,” Brian thought. The new rule, designed to spot structuring patterns across jurisdictions and timeframes, had worked exactly as intended. Yet he also knew: static rules could only go so far. Criminal tactics evolve; yesterday’s models won’t catch tomorrow’s schemes.

That’s why, as part of their review, the compliance team had started integrating AI-based anomaly detection alongside traditional rule sets. Instead of relying solely on pre-defined thresholds, the AI engine continuously analyzed transaction flows across the platform, learning typical patterns and flagging outliers—even those no human had explicitly programmed it to find.

Already, Brian had seen how the AI layer surfaced connections that static rules missed: detecting unusual transaction paths, unexpected clusters of activity, or subtle correlations between accounts operating in seemingly unrelated sectors. “It’s like giving the system a second set of eyes,” he’d described it to the board during the last compliance update.

In this case, the AI system hadn’t replaced the rule but had reinforced it, corroborating the anomaly and escalating the case with a higher confidence score. That allowed Brian to prioritize it immediately for manual review, ahead of other alerts.

Without these combined layers—both human-designed rules and AI-driven pattern recognition—he knew the structuring could have gone undetected for weeks, perhaps until much larger sums had already been moved.

Brian documented his findings and escalated the case to the financial intelligence unit for further investigation. As he closed the file, he reflected on the evolving role of compliance technology. “The criminals aren’t standing still,” he thought. “Neither can we.”

Tomorrow, the AI engine would have learned a little more from today’s case. And so would he.

Transaction Monitoring in Practice

Transaction monitoring is the ongoing surveillance of customer transactions—payments, transfers, deposits, and withdrawals—intended to detect unusual or suspicious patterns that may indicate money laundering, fraud, or other forms of financial crime. It is a regulatory obligation under the EU Anti-Money Laundering Directives (AMLD) and the Dutch Money Laundering and Terrorist Financing (Prevention) Act (Wwft), placing financial institutions under strict requirements to monitor for illicit activity.

At its core, monitoring aims to uncover warning signs such as transactions that fall just below reporting thresholds, sudden spikes in activity inconsistent with a customer’s usual behavior, payments routed through high-risk jurisdictions, or the movement of funds across multiple accounts without a clear economic rationale. These are the subtle markers that, when connected, can reveal attempts to bypass controls or disguise illicit flows.

For Brian de Vries, Compliance Manager at a Dutch financial firm, these principles were not abstract concepts but daily realities embedded into his monitoring system. His approach combined two complementary modes: a real-time monitoring layer that immediately flagged transactions breaching pre-set rules—allowing swift intervention before settlement—and a post-transaction batch analysis that aggregated data over time to uncover patterns invisible in isolated transactions. Together, they formed a dual lens: one focused on immediate risks, the other scanning for deeper anomalies emerging in the data’s folds.

Key Components of an Effective Monitoring Program:


  • Risk-Based Rules Engine tailored to product and customer profiles
  • Dynamic Thresholds that respond to evolving transaction behavior
  • Geolocation/IP Monitoring to flag jurisdictional anomalies
  • Link Analysis to detect indirect connections between accounts
  • Escalation Workflow ensuring timely review and reporting
  • AI-Powered Anomaly Detection and Predictive Analytics tool


Why It Matters

The significant penalties levied against European financial institutions for ineffective transaction monitoring underscore a critical failure: the inability to adapt monitoring systems to increasingly sophisticated money laundering tactics. In 2024, a major European bank was fined over £16 million after a flaw in its automated monitoring system allowed over 60 million transactions, totaling £51 billion, to bypass proper scrutiny between 2016 and 2020. The bank's system failed to monitor transactions occurring on the same day an account was opened, and any subsequent transactions until the account record was updated. Despite junior staff raising concerns in 2017 and 2018, effective fixes were delayed, leading to this significant oversight.

Another example involves a prominent UK-based digital bank that was fined €3.5 million by the Bank of Lithuania in early 2025. The regulator identified shortcomings in the bank’s monitoring of customer transactions and business relationships, which impaired its ability to detect suspicious financial activities. This highlights the challenges digital banks face in scaling their compliance systems to match rapid growth.

Brian’s case illustrates how regular rule reviews and system adjustments are essential to staying ahead of emerging risks. Criminal schemes continue to evolve; therefore, monitoring frameworks must evolve even faster. This is where AI offers a powerful solution. By continuously learning from vast datasets and identifying subtle anomalies, AI-powered monitoring can dynamically adapt to new laundering typologies in real-time, far outpacing traditional rule-based systems. This proactive and adaptive capability is essential for financial institutions to stay ahead of emerging risks and avoid costly enforcement actions.

Conclusion

Transaction Monitoring is not a static process. It requires continuous rule refinement, contextual analysis, and investigative diligence. As Brian’s investigation showed, the pattern only emerged because the monitoring system had been updated to detect it. Financial crime thrives in blind spots—compliance professionals must continually shine a light on potential issues.


Created with