In support of our continuing efforts to detect money laundering, we have developed a computer program that is run periodically against customer transactions. This has been a valuable tool in that we have detected customers making cash deposits at multiple branches w/in a short period of time. After reviewing the specifics, we were able to reasonably assert that the customer may have been structuring to circumvent reporting.

We are now trying to develop a similar program to flag electronic (ACH) activity to assist in identifying suspicious activity transacted through our standalone internet bank. However, we are struggling with defining what string of transactions should be flagged. To date, we came up with the following: Flag accounts where EVERY deposit received during the period was followed by a withdrawal of a like amount.

Review of that scenario will in part demonstrate our efforts to comply w/ AML.

Can anyone share ideas of other types of conditions (specific to an electronic only environment - no cash) that we may want to extract for manual review?

Thanks

Many deposits followed by wire/ACH out
wire/ach in, immediately converted to monetary instrument
deposits to multiple accounts, consolidated to one acct, then wire/ach out.

You might also look at the "other side" of the ACH transaction to determine if it is reasonable for what you know about your customer. For example, we just found that a personal account was receiving ACH credits relating to a private ATM that he owns in a store. We told him to stop immediately, as it should go through a business account and not personal account. This is not exactly AML, but part of KYC and having activity that is "reasonable and customary" for the customer.