This month, the Association for Financial Markets in Europe (AFME), together with EY, published a report examining “Anti-Money Laundering Transaction Monitoring in the Markets sector”. The report summarises input from in-depth interviews with AFME members, regulators and law enforcement agencies/financial intelligence units, and survey responses from member banks.

Recent years have seen increased understanding and regulatory scrutiny of the ways in which markets can be misused for money laundering and terrorist financing (see for example the FCA’s 2019 thematic review). AFME’s report suggests, however, that traditional transaction monitoring (TM) systems may be inadequately designed to detect suspicious activity in the markets. 

AFME found that 80% of firms interviewed filed no suspicious activity reports (SARs) originating from TM alerts in their markets business between June – September 2021. 

The majority of markets-related SARS originated from market abuse as a predicate offence, or from direct front office reporting. Even so, UK National Crime Authority data showed that the capital markets-related SARs made up less than 0.1% of all SARS (whereas conversion from TM alerts in retail and business banking made up between 10-20% of SARS).

Current TM not fit for purpose

The majority of firms surveyed reported that they believed money laundering in the markets was going undetected, with 67% describing this as “significant”. In some cases, firms reported that internal investigations revealed suspicious activity that TM systems failed to detect.

One of the challenges for standard automated TM is that typologies of criminal behaviour in the retail sector do not apply, or cannot be detected, in markets, such as monitoring for changes in behaviour from historical activity, rapid movement of funds, single large transaction value and the like. Markets transactions are inherently more volatile. One typology which remains relevant, however, is payments to and from high-risk jurisdictions.

Moreover, while firms are already required to undertake “Know Your Customer” (KYC) checks, markets customers present significant differences in the level of risk they present, and the type and venue of the trade can also impact risk. Therefore KYC needs to take into account a broader array of risk factors than traditional retail or business onboarding.

How can firms improve?

According to the report, firms have been having some success by implementing “hybrid” TM models which incorporate “market-specific” typologies in automated detection systems together with machine learning and network analytics alongside “intelligence-led investigations”. Intelligence-led investigations are ad-hoc investigations based on numerous sources, such as internal referrals to the AML team, risk-based sampling and data analysis tailored to fit the risk profiles of clients, markets and actual patterns of trade activity.

Network analytics aims to look not just at the behaviour of individual entities such as traders and clients, but the relationship between them: namely, considering whether the relationship is transactional or if connections can be found on static data, such as two corporate clients which are part of the same group.

The report also suggests it could be useful to integrate control standards for market abuse with AML TM. Around 70% of those surveyed saw an opportunity for such convergence.


Adopting a hybrid approach will require investing in new technologies, in addition to developing highly skilled AML TM teams with data analytics and investigations capabilities. However, before considering huge investments to improve technology, regulators still advise firms to get the basics right. This means allocating sufficient resources and ensuring senior management support for AML, having a documented risk assessment, keeping records of decisions, and testing and adjusting systems on an ongoing basis.

Looking to the future, AFME suggests firms should support industry forums to share insights and build a common understanding of effective monitoring.