Reported by The Wolfsberg Group

(To read full report, download below:

The Wolfsberg Group’s Statement on Effective Monitoring for Suspicious Activity, Part II: Transitioning to Innovation expands on its 2024 framework, which urged financial institutions (FIs) to move beyond traditional, rules-based transaction monitoring. The document emphasizes the importance of leveraging technology—particularly machine learning, artificial intelligence, and automation—to enhance financial crime detection. It recognizes that suspicious activity monitoring (MSA) must now incorporate customer behavior, attributes, and evolving risks rather than relying solely on transactional data. This requires institutions to adopt a more agile governance framework that balances compliance with effectiveness in detecting criminal activity.

The Group’s new transition framework rests on three pillars: transition and validation, balancing model risk with financial crime risk, and explainability. The first pillar calls for re-establishing desired outcomes for MSA, moving away from “drag net” monitoring that produces low-value alerts, and instead prioritizing quality leads for law enforcement. This shift entails redefining performance metrics, such as precision and recall rates, risk coverage, and suspicious activity report (SAR) quality. Validation processes should focus on proving effectiveness against these revised objectives rather than replicating legacy system outcomes, while also using historical data and expert review to confirm improvements.

The second pillar highlights the tension between model risk and financial crime risk. Traditional model risk management (MRM) frameworks often impose excessive oversight, slowing innovation by treating financial crime models the same way as prudential risk models. The Wolfsberg Group argues that FIs must tailor governance to reflect the different risk implications. While imperfect models may carry some risk, they may still outperform legacy systems in detecting financial crime. To address inefficiencies, the statement calls for streamlined validation across audit, assurance, and MRM functions, minimizing redundancy and focusing resources on forward-looking detection capabilities instead of overly burdensome reviews of outdated models.

The third pillar stresses the need for explainability in advanced monitoring systems. As FIs transition from rules-based to machine learning-driven models, they must be able to articulate how models work, the risks they cover, and how analysts should interpret results. Risk coverage should be grounded in regulatory requirements, customer typologies, and national priorities, while model design should balance rules-based, supervised, and unsupervised methods. Equally important, models must be transparent enough for investigators to understand why an alert was triggered, supported by tools that visualize key features and decision-making factors. Regular recalibration and alignment with risk appetite are necessary to maintain trust and effectiveness.

In conclusion, the Wolfsberg Group underscores that innovation is essential to modern suspicious activity monitoring. Senior management must support changes in risk appetite, oversight functions must adapt governance for faster deployment, and compliance teams must train analysts to interpret more complex outputs. Ultimately, the success of innovation depends on balancing effectiveness with transparency, ensuring that new approaches not only detect crime more efficiently but also provide high-quality intelligence to law enforcement. The Group affirms its commitment to fostering responsible innovation, enabling financial institutions to keep pace with evolving criminal threats while strengthening the integrity of global financial systems.