Transaction Monitoring Policy¶
| Code | AML-005 |
| Domain | AML / Financial Crime |
| Owner | Chief Compliance Officer |
| Status | Draft |
| Applicability | Platform |
| Jurisdiction | NZ + AU |
| Business domain | BD07 |
| Review date | 2027-03-25 |
Regulations: AML/CFT Act 2009 · AML/CTF Act 2006 · FATF 40 Recommendations¶
Purpose¶
Govern the automated and manual transaction monitoring programme that detects suspicious activity, unusual transactions, and potential money laundering or terrorism financing.
Scope¶
All transactions processed by the platform across NZ and AU, including payments, transfers, account activity, and product usage.
Policy statements¶
The platform SHALL operate a continuous transaction monitoring programme using the AML analytics pipeline (MOD-037). All transactions SHALL be assessed against typology rules and behavioural models.
Transaction monitoring rules and models SHALL be reviewed at least annually and following any material change in product mix, customer base, or regulatory typology guidance. Changes to rules SHALL be approved by the CO before deployment.
Alerts generated by the transaction monitoring system SHALL be reviewed by a trained analyst within the timeframes set in the AML/CFT procedures. Alert disposition (escalate / close) SHALL be recorded with a rationale.
The platform SHALL maintain alert disposition records for a minimum of seven years.
Where a transaction alert is escalated for SAR/STR consideration, the review SHALL be completed within the timeframe required by AML-006.
The CO SHALL review transaction monitoring performance metrics monthly, including alert volumes, false positive rates, and escalation rates. A trend materially outside expected ranges SHALL trigger a rule review.
The platform SHALL not tip off customers that a transaction is under review or that a SAR/STR is being filed.
Satisfying modules¶
| Module | Name | Mode | Description |
|---|---|---|---|
| MOD-002 | Immutable transaction log | LOG |
Transaction history for monitoring is immutable — cannot be suppressed or modified |
| MOD-016 | Rule-based typology engine | AUTO |
All transactions monitored against typology rules — no sampling, no gaps |
| MOD-017 | ML behavioural scoring model | AUTO |
Behavioural anomalies detected without requiring a specific rule — model adapts to new patterns |
| MOD-018 | Alert case management system | LOG |
Every alert is actioned and its disposition recorded — no alerts silently discarded |
| MOD-021 | Payment limit & velocity controller | ALERT |
Structuring detection assisted by velocity rules — rapid small payments flagged |
| MOD-024 | Device & session intelligence | LOG |
Device anomalies logged as AML monitoring signals — feeds behavioural model |
| MOD-039 | Customer risk score model | AUTO |
High risk score customers subject to enhanced monitoring automatically — no manual watchlist |
| MOD-042 | CDC pipeline — Neon logical replication to S3 Iceberg | AUTO |
Transaction events available to the AML monitoring engine within 5 minutes of posting via S3 Iceberg External Table |
| MOD-120 | PayID and Osko integration | LOG |
All real-time Osko payments are logged with full transaction metadata for transaction monitoring purposes. |
| MOD-129 | Teller operations and branch cash management | GATE |
Cash transactions above the prescribed reporting threshold require teller-initiated identity verification and are automatically submitted to the cash transaction reporting workflow before the posting is finalised. |
| MOD-137 | Agency banking adapter | AUTO |
Agency cash transactions at or above the AML reporting threshold (AUD/NZD 10,000) are flagged for cash transaction reporting; the agency batch file includes transaction amounts enabling threshold detection. |
Part of AML / Financial Crime · Governance overview
Compiled 2026-05-22 from source/entities/policies/AML-005.yaml