Project Overview
A UK FCA-authorised payment institution (FCA EMI, GBP8.4B payment volumes, 280,000 business customers) needed ...
Technology Stack
Compliance & Standards
The Challenge
A UK FCA-authorised payment institution (FCA EMI, GBP8.4B payment volumes, 280,000 business customers) needed to build a new AML transaction monitoring platform -- replacing a rules-only legacy system that was generating too many false positives (8,400 alerts per week, 3-day analyst review backlog). AML MLRs 2017, FCA JMLSG Guidance, Terrorist Financing (Prevention) Act UK, HMRC DAML (Defence Against Money Laundering), NCA ELMER typologies, Sanctions (OFAC, HMRC, UN), UK GDPR, Cyber Essentials Plus, ISO 27001. Budget GBP150,000.
Our Approach
Powered Transaction Monitoring
ML transaction monitoring replacing rules-only: (1) feature engineering (transaction amount, frequency, counterparty diversity, geographic spread, time-of-day pattern, round-number ratio, cash-equivalent transactions), (2) unsupervised anomaly detection (Isolation Forest -- detects unusual transaction patterns per customer baseline), (3) supervised classification (XGBoost -- trained on labelled historic alerts: confirmed SAR vs false positive), (4) network analysis (graph ML -- detect circular transactions, beneficial ownership chains, counterparty networks), (5) alert prioritisation (ML risk score replaces rules threshold -- top 10% highest-score alerts reviewed first).
False positive rate target
reduce from 94% (rules-only) to below 40% (ML + rules combined).
NCA ELMER typologies
ML features aligned to NCA published money laundering typologies.
Sanctions screening at scale
- 1ComplyAdvantage API (customer onboarding screening and daily rescreening -- OFAC, HMRC Sanctions, UN, EU retained),
- 2HMRC Deferred Debit Prevention (DAML -- pre-transaction sanctions check for high-risk payments),
- 3fuzzy name matching (Jaro-Winkler distance -- catches transliteration variants),
- 4PEP (Politically Exposed Person) screening (ComplyAdvantage PEP data -- enhanced due diligence trigger),
- 5adverse media screening (ComplyAdvantage adverse media API -- negative news about customer or counterparty).
Daily rescreening
280,000 customers rescreened daily against updated sanctions lists (batch processing via AWS Batch overnight -- 6-hour processing window).
SAR Workflow and NCA goAML
SAR (Suspicious Activity Report) workflow: FCA expects SARs filed within 24 hours of decision to file.
SAR workflow
- 1alert generated (ML score above SAR threshold),
- 2analyst review (analyst reviews alert evidence -- transaction history, network graph, news),
- 3SAR decision (file SAR or close alert -- documented rationale either way),
- 4SAR draft (goAML XML format -- customer details, suspicious transactions, narrative),
- 5NCA goAML submission (API submission -- goAML acknowledgement reference).
TIPPING OFF PREVENTION
system must not allow customer to know SAR has been filed (Proceeds of Crime Act 2002 s.333A).
Tipping off control
SAR workflow on separate access-controlled subsystem -- customer-facing staff cannot see SAR status.
FCA JMLSG Guidance Compliance
FCA JMLSG (Joint Money Laundering Steering Group)
Guidance
- industry-wide best practice guidance for UK financial services AML.
- JMLSG-aligned controls: (1) risk-based approach (ML risk score enables genuine risk stratification -- not all customers treated equally), (2) customer risk assessment (ML features used to calculate customer AML risk score -- updates with each transaction), (3) enhanced due diligence triggers (ML identifies customers with elevated risk -- triggers EDD review), (4) training and awareness (FCA expects all staff who handle payments to complete AML training -- LMS tracking integrated), (5) periodic review (ML model retrained quarterly -- model drift monitored, JMLSG expects continuous improvement).
HMRC DAML
Defence Against Money Laundering consent -- for transactions involving proceeds of crime where firm has knowledge or suspicion.
The Results
Platform live at 26 weeks, GBP138,000. 280,000 customers.
GBP8.4B payment volumes.
Alert volume: 8,400/week to 2,100/week (75% reduction).
False positive rate: 94% to 38%.
Analyst review backlog: 3 days to same-day.
Confirmed SAR rate: 2.8% of alerts (was 0.6% rules-only).
SARs filed: 148 in year one, all within 24 hours.
Sanctions screening: 280,000 customers rescreened daily.
JMLSG compliance confirmed.
ISO 27001 maintained.
Alerts 8,400 to 2,100 per week.
False positives 94% to 38%.
Analyst backlog 3 days to same-day.
Confirmed SAR rate 2.8% vs 0.6% rules-only. 148 SARs all within 24 hours.
The false positive reduction -- from 94% to 38% -- was not just an efficiency gain.
It was a quality improvement.
Analysts reviewing 94% false positive alerts become desensitised.
They stop seeing suspicious patterns because every alert looks like noise.
Reducing false positives to 38% restored analyst alertness.
The 148 SARs in year one -- compared to 22 the previous year -- came from analysts who could see the signal again. -- Chief Compliance Officer, UK Payment Institution
Project Details
Related Case Studies
View AllOpen Banking AISP Platform for UK FinTech Startup
Open Banking AISP Platform for UK FinTech Startup. A UK FinTech startup needed to build an FCA-authorised Account Information Service Provider (AISP) platform that could a...
AI-Powered Customer Service Platform β UK FinTech
A UK FinTech company with 180,000 customers was spending Β£840,000/year on a 45-person customer service team, p...
Digital Banking Platform MVP β UK Challenger Bank
A UK challenger bank startup had received FCA authorisation with restriction (they could accept deposits but n...
Ready to Transform Your Business?
Let's discuss how our technical expertise can help you achieve remarkable results.