Transaction monitoring is the part of an AML program that most often gets switched on, generates a flood of false positives, and quietly gets ignored. Done well, it's the single most defensible piece of evidence that your program is operating. Done badly, it's noise that hides the real risk.
The five baseline rules for SMEs
- Cash or equivalent transactions at or above A$10,000 (statutory TTR threshold — must be reported, not just monitored).
- Structuring patterns: multiple sub-threshold transactions in a short window from the same customer or related parties.
- Source-of-funds inconsistency: deposit or settlement amounts materially out of step with the customer's profile.
- Third-party payments: deposits or settlement funds from a party who is not the customer of record.
- High-risk jurisdiction exposure: transactions involving FATF-listed or sanctioned jurisdictions.
Tuning false positives
A new rule will typically generate 5–10× more alerts in week one than in month three. The point is not to suppress alerts — it's to learn which patterns are normal for your business and tighten the rule parameters around them. A real estate agency selling A$2m+ properties has a very different deposit profile from one selling A$500k apartments. Your monitoring rules should reflect that.
Document the why, not just the what
For every alert that you decide does not warrant an SMR, capture a short note explaining why. AUSTRAC's biggest concern in monitoring reviews is not the alerts you reported — it's the alerts you closed without explanation. A two-line disposition note ('source of funds confirmed via vendor statement, consistent with profile, no further action') is the difference between a defensible program and a problematic one.