Transaction monitoring — the use of contemporaneous compliance analytics to proactively and reactively identify suspicious business arrangements and payments — is the most important development in anti-corruption programs since third-party due diligence. Beware though: Transaction monitoring can also inadvertently increase legal risk.
The “How and Why” When allegations of corrruption arise, investigators use forensic analytics to identify suspicious corrupt transactions. Prosecutors and regulators invariably will want to understand why the organization did not embed the same analytics into its anti-corruption program.
Transaction monitoring increases legal risk when generic monitoring programs produce thousands of false positives — typically, far too many to investigate. These unpursued transactions can become a government treasure trove for subsequent scrutiny.
It is also important to consider quantitative and qualitative risk indicators. Organizations periodically (daily, weekly, monthly, etc.) gather quantitative data such as general ledger detail, disbursements and accounts payable data, and sales information, which is recorded in pertinent key fields within accounting and operational systems. Based on the risk assessment results, organizations can develop compliance analytics to identify potential high-risk transactions for further analysis. Similarly, non-numeric data can be used to identify potential corruption.
If the organization maintains approved vendor and customer lists, terminated or denied third-party relationships, and/or high-risk vendors data, transaction monitoring can identify — instaneously — if an employee engaged (or attempted to engage) in a transaction with an unauthorized third party. Other qualitative risks should include geographic and/or business unit characteristics.
Effective corruption transaction monitoring programs require proper tools, resources and expertise, including risks and controls to develop, implement and operate. Creating a program is a multifaceted approach that requires input from risks and controls and compliance analytics experts.
Building the Program The following steps are often taken in creating a successful transaction monitoring program:
- Conduct a corruption risk assessment at a business unit and geographic level to potential schemes and scenarios to fund and mask payments to public officials
- Create key risk indicators of corruption
- Develop data tests to identify risk indicators
- Collect, assimilate and analyze the data
- Design protocols for whether and how to conduct additional investigation
- Train resources investigate and document the response to suspicious transactions
Conclusion Transaction monitoring functions as a compliance smoke detector. Not only do transaction monitoring programs minimize legal risk, but also prevent and detect embezzlement and asset misappropriation. Just as customer transaction monitoring has become essential to anti-money laundering compliance programs, so too are transaction monitoring programs fundamental to effective anti-corruption compliance programs.
Jonny Frank and Rex Homme are remediation and FCPA experts with StoneTurn Group, an independent consulting firm that provides forensic accounting, forensic technology, intellectual property, complex business litigation, and remediation and monitoring services to attorneys, corporations, government officials and individuals across a wide range of industries and matters.