The usage of an Automated Transaction Monitoring System for the detection and submission of regulatory reports to the Financial Intelligence Centre in terms of Section 29 of the Financial Intelligence Centre Act, 2001 (Act no. 38 of 2001)
The Financial Intelligence Centre recently published Directive 5 of 2019. This Directive is applicable to all Accountable and Reporting institutions and to other persons (collectively referred to as reporters in the Directive) who use an Automated Transaction Monitoring System (ATMS). The use of the ATMS enables reporters to discharge their obligation of submitting regulatory reports to the Financial Intelligence Centre (FIC) in terms of section 29 (Suspicious and Unusual Transactions) of FICA.
For an accountable or reporting institution to ensure that it can identify unusual and suspicious transactions and report accordingly, it must be able to rely on accurate and timely information. This involves sifting through and examining many, in some cases thousands, of transactions to match them against the risk profiles of the client.
The basic purpose of having an anti-money laundering transaction monitoring system is to identify and protect the institution from any transactions that may lead to money laundering and terrorist financing and to enable timeous reporting. Some accountable or reporting institutions rely on technology software to automatically scan the transactions and pick out those that are potentially suspect. Automated Transaction Monitoring Systems often include sanctions/black list screenings, customer profiling, and comprehensive transaction monitoring with reports and alerts. Rules are built into the system that can reflect a number of factors relating to that customer (e.g. aggregate transactions, type, amount, frequency, business). The system will generate alerts or reports when the system identifies an unusual or suspicious transaction based on these rules. When a transaction is flagged, there should be a process within the business to investigate further and if necessary, to submit a report.
As with any system, its effectiveness depends, amongst other things, on how well it has been set up and the quality of the data. A weak or inefficient system may result in suspicious or unusual transactions being overlooked. To mitigate this risk the FIC has issued this Directive which sets conditions for the use of an ATMS implemented by reporters to identify potentially suspicious and unusual activities or transactions and to ensure that a proper governance arrangement is in place for reporters to comply with all reporting obligations.
One of the requirements is that reporters who have implemented an ATMS are directed to attend to all alerts generated by the ATMS within 48 hours of an alert being generated with a view to determine whether a report should be submitted to the Centre. The directive also requires these institutions to have adequate oversight over the process of implementing the ATMS, alert management, adequacy of rules and/or scenarios implemented, and which must include testing.
Accountable and reporting institutions who make use of ATMS must make sure that they understand what is expected in terms of the Directive and must review and, where necessary, adjust existing processes to ensure compliance.