Suspicious transaction in banking


-A step in fighting money laundering and terrorist financing.

“Not guilty on until proven guilty in a court of competent jurisdiction”. This is a common statement in various spheres of the legal fraternity and also in any community where justice takes centre stage of events. However, that statement brings me to a very important aspect of Compliance thus “suspicious or unusual transactions” as customers strike acquaintances with their financial institutions through transactions. A transaction may seem suspicious or “guilty” but such conclusion cannot be drawn until it has been proven to be a bad transaction (fraudulent). Suspicious or Unusual transaction is discussed in this write-up in the context of money laundering, counter-terrorist financing, and the proliferation of weapons of mass destruction.

The article looks at the meaning of Suspicious transaction, detection and handling of suspicious transactions as prescribed by Anti-money laundering act and regulation. It identifies and describes some factors that hinder the detection of a suspicious transaction by financial institutions.

The article finally makes suggestions to overcome the hurdles that impede the detection of suspicious transactions by financial institutions. In addition, the author introduces readers to his own construct of a Suspicious Transaction Grid that can aid in the simulation process to determine whether or not a transaction is suspicious. The objective of this article is to remind and educate bank staff on the tenets of handling Suspicious transactions.

Suspicious or unusual transaction defined

According to the 1.17 (a) of the Bank of Ghana and Financial Intelligence Centre AML/CFT& P Guideline for Banks and Non-Bank Financial Institutions in Ghana, July 2018. (herewith referred to as BoG and FIC Guideline, July 2018) under section 1.17 (a) defines Suspicious Transaction as “as one which is unusual because of its size, volume, type or pattern or otherwise suggestive of known money laundering methods. It includes such a transaction that is inconsistent with a customer’s known legitimate business or personal activities or normal business for that type of account, bank product or that the transaction lacks an obvious economic rationale.”

There are no hard and fast rules as to what constitutes suspicious activity, financial institution employees are to watch for activities that are not consistent with a customer’s pattern of regular business. In short, the suspicious or unusual transaction can happen at every touchpoint of the customer and/or employee with the bank. Indeed, it can exist in every facet of banking.

Some examples of suspicious financial transactions

  1. Transactions
  • Cash
  1. Cash transactions conducted in an unusual amount from that of usually conducted by the relevant customer.
  2. Transactions conducted in a relatively small amount but with high frequency (structuring).
  • Transactions conducted by using several different individual names for the interest of a particular person (smurfing).
  1. The foreign currency exchange or purchase in a relatively large amount.
  2. The purchase of several insurance products in cash in a short period time or at the same time with premium payment entirely in a large amount and followed by policy disbursement prior to the due date. (ie Bancassurance)
  3. The purchase of securities by cash, transfer, or cheques under other person’s name.
  • Economically irrational transactions
  1. Transactions having no conformity with the initial purpose of account opening.
  2. Transactions having no relationship with the business of the relevant customer.

iii. Transaction amount and frequency are different from that of normally conducted by the customer.


  • Fund transfers
  1. Fund transfers to and from high-risk offshore financial centres without any clear business purposes.
  2. Receipts or transfers of the fund in several phases and once accumulated the funds are subsequently transferred entirely to other accounts.

iii. Receipts or transfers of funds at the same or approximately the same amount and conducted in a relatively short period (pass-by).

  1. Fund payments for export-import activities without complete documents.
  2. Fund transfers from or to other high-risk countries.
  3. Receipts/payments of funds made by using more than one (1) account, either in the same name or a different one without any pertinent justification.


  1. Behaviours of the Customer
  2. Unreasonable behaviours of the relevant customer when conducting a transaction (nervous, rushed, unconfident, etc.).
  3. Customer/prospective customer gives false information with respect to his/her identity, sources of income or businesses.

iii. Customer/prospective customer uses identification document, that is unreliable or alleged as fake such as different signature or photo.

  1. Customer/prospective customer is unwilling or refusing to provide information/documents requested by bank officials without any clear reasons.
  2. Customer or his/her legal representative tries to persuade the bank officials in one way or another not to report his/her transaction.
  3. Customer opens account for a short period and after some transactions, applies to close the account.

vii. Customer is unwilling to provide right information or immediately terminating business relationship or closing his/her account at the time bank officials request information with respect to his/her transaction.


The role of financial institutions in detecting and handling suspicious transactions

Under Sections 32, 33, 34, 35 and 36 of the Anti-Money Laundering Regulations, 2011 (L.I 1987) have the following to say;

  1. (1) An accountable institution shall pay special attention to transactions that

(a) are complex,

(b) involve unusually large sums of money,

(c) have unusual patterns, or

(d) have no apparent or visible economic or lawful purpose.

(2) An accountable institution shall in furtherance of sub-regulation (1)

(a) examine the background and purpose of the transactions specified,

(b) record the findings in writing within twenty-four hours, and

(c) forward the findings to the Centre.

  1. (1) An accountable institution shall make a suspicious or an unusual transaction report regardless of

(a) the amount involved, or

(b) whether the transactions are thought to involve tax matters, if the person making the report has reasonable grounds to believe that the transaction is being made to avoid the detection of money laundering.


Procedure for reporting a suspicious or an unusual transaction

 Regulation 34 of the Anti-Money Laundering Regulations, 2011 (L.I 1987) has it that;

  1. (1) Where an employee of an accountable institution receives information in the course of business as a result of which the employee knows, suspects or has reasonable grounds to believe that a person is engaged in money laundering, the employee shall disclose the information

to the anti-money laundering reporting officer.

(2) The anti-money laundering reporting officer shall consider the report in the light of relevant information available to the accountable institution and determine whether the contents of the report give reasonable grounds for knowledge or suspicion of money laundering.

(3) Where the anti-money laundering reporting officer determines that the report gives rise to reasonable suspicion of money laundering, the anti-money laundering reporting officer shall inform the superior of the anti-money laundering reporting officer.

(4) The accountable institution shall make a report to the Centre within twenty-four (24) hours after the knowledge or suspicion in a specified format by FIC.

Now under section 30 of the Anti-Money Laundering Act, 2008 (Act 749)

(3) A person who makes a suspicious transaction report shall not

(a) disclose the contents to another person, or

(b) reveal the personal details of the officer of the Centre who receives the report to another person.

(4) A person who receives a suspicious transaction report shall not

(a) disclose the contents of the report to a person not authorised to know the contents of the report, or

(b) disclose the personal details of the person who made the report to another person.

(5) A person who makes a suspicious transaction report shall disclose the contents where

(a) the person is required by law to disclose the contents,

(b) it is to carry out the provisions of this Act,

(c) it is for legal proceedings, or

(d) it is by an order of a Court.

The law offers protection against civil or criminal liability for the person (s) who reports suspicious transactions in good faith. This is clearly stated under section 32 of the Anti-Money Laundering Act, 2008 (Act 749) as a “A person who makes a suspicious transaction report under section 30 is not liable for the breach of a restriction on disclosure of information imposed by contract or by any law if the person reports the suspicion to the Centre in good faith.”

Failure to report a Suspicious Transaction or an Unusual Transaction

According to the Anti-Money Laundering/Combating The Financing of Terrorism & The Proliferation of Weapons of Mass Destruction (AML/CFT&P) Administrative Sanctions/Penalties for Banks and Non-Bank Financial Institutions in Ghana. Failure to file a Suspicious Transaction Report as indicated under section 30 of the Anti-Money Laundering Act, 2008 (Act 749) attracts a minimum of 5,000 penalty units a jail term and in some cases both.

The role of financial intelligence centre in handling suspicious transactions

Anti-Money Laundering Regulations, 2011 (L.I 1987) spells the role of FIC in respect of handling the Suspicious Transactions reported by accountable institutions.

  1. (1) The Chief Executive Officer of the Centre shall receive suspicious or unusual transaction reports.

(2) The Centre may receive a suspicious or an unusual transaction report

(a) verbally,

(b) in written form,

(c) by telephone,

(d) by electronic mail, or

(e) by other means of communication.


Record of a Suspicious or an Unusual Transaction Report

  1. 36. (1) The Chief Executive Officer of the Centre shall, on receipt of the suspicious or unusual transaction report

(a) make a written record of the report,

(b) record the report on a computer system or an electronic

device capable of being used to store information, and

(c) acknowledge receipt of the report.


Anti-Money Laundry (Amended) Act, 2014 (Act 874)

Section 36 of Act 749 Amended-Continuation of transactions;

(2) If the Centre considers it necessary based on the seriousness or urgency of the case, the Centre may order the suspension of a transaction for a period not exceeding seven working days.

The Chief Executive Officer of the Centre may apply to the court within 7 working days after transaction has been suspended for issuance of a freezing order. This freezing order if successful allows the Centre one year to conduct full investigation into the substance of the report.

(3) The person affected by the suspension shall be informed within forty-eight (48) hours of the suspension and may seek redress from the court.


What hinder the detection of suspicious transactions by financial institution.

In real life, no system is 100% perfect. This stands to reason that no matter how robust systems, processes and procedures are made, some suspicious or unusual transactions can slip through and may not be detected. The question of who must detect suspicious transaction or unusual transaction has remained unanswered for a while. The answer remains that, since suspicious transactions can happen in every part of a financial institution, then every staff holds the responsibility of detecting a suspicious transaction. The drive in getting all staff ready to be able to detect suspicious transactions in most cases are spearheaded by the Compliance Department, Internal Audit Department and any other supervisory department or units. Although there are a lot of factors that hinder the detection of suspicious transactions, the following are very paramount.

For top management, compliance and internal audit teams, communication must always be strategy-level agenda. In the past, management of financial institutions did not get involved in communicating the compliance message, but now nearly every CEO or Managing Director talks about ethics and compliance in fora ranging from radio or TV interview, staff durbars, internal communication circulars, annual training of Board members, to investor relations communications and other public events. Still, internally, managers and trainers face an uphill task on issues of compliance within organizations.

There must be routine and thorough training on the respective compliance function of financial institutions and “Red Flags” for all staff. For training to be relevant to departments with varying responsibilities or a dispersed workforce, it needs to be relevant to the business and cultural issues those employees face. Training budget for compliance must be approved on time to ensure early training of staff to be able to bring them on the same pedestal or ahead of compliance trends. Frontline staff who come face-to-face with customers must be up to the task. Research has shown that when people are aware of what is expected of them, chances are that they will do the right things.

After poor or no communication and training the next obvious factor is poor monitoring. It is obvious in the sense that if staff are not communicated to or not trained on how to detect suspicious transaction, then they will not be able to do any meaningful monitoring.

A crucial element of a suspicious transaction detection program is monitoring transactions and activities. According to the Association of Certified Fraud Examiners’ (ACFE) 2014 Report to the Nations, monitoring accounts is one of the top three methods of detecting unusual transactions. Monitoring places a check on policies, procedures, records and actions, and highlights when they are not being followed, or when they need to be updated. Routine monitoring aids employees to continually improve their anti-money laundering framework. It also provides a significant deterrent effect.

When employees (or third parties) know they will be monitored, they are more likely to comply. In some instances, management of financial institutions do not lend their full support to Internal Audit, Compliance Department and supervisory units. This stems from the fact that some Management and senior staff of financial institutions do not have a full grasps of the compliance function and so in most cases they behave like antibodies that fight the system that protects them. Some Management and Senior staff of financial institutions see the activities, operations and logistics of Compliance and Internal Audit Departments as cost element to their balance sheets. Some do not give these supervising departments the needed attentions and action to enable them operate efficiently and effectively.

Beyond all the aforementioned, there must be the “will” on the part all employees of financial institution to report Suspicious Transactions. A financial institution can organise up-to-date training for employees regularly with state of the art logistics in place and working but if employees (top-down and down-top) lack the zeal to report then financial system can be compromised. A case in point is the recent revelation by the Financial Crimes Enforcement Network (FinCEN) which exposed $2 trillion in suspicious transactions through some major banks (Deutsche Bank, Bank of New York Mellon, Standard Chartered Bank, JP Morgan Chase, Barclays, HSBC Bank etc) and are roiling the world of finance. The situation becomes worse and murkier when efforts from the Regulator to get banks to report suspicious transaction are lax.

Way forward

Financial institutions can detect suspicious or unusual transactions through monitoring and customer due diligence of existing and new customers. Through proper due diligence at on-boarding and continuous monitoring on the part of financial institutions. Monitoring can be done through automation (AI-Artificial Intelligence) and manual means. It is ideal for financial institution to combine both and not stick to only one. Financial Institutions must develop or acquire automated monitoring tools to monitor all transactions aimed at detecting suspicious transactions.

Automated monitoring tools in the sense that, as volumes increase manual method of monitoring become ineffective. In addition, for an automated monitoring tool to be effective it has to be built around the parameters that make transactions suspicious in that way the system will be able to sniff out the suspicious transaction with an insignificant margin of error. Training of staff to be able to detect suspicious transactions is of great essence.

Staff may be at post with state of art equipment but without training all efforts will equal zero. Again through routine and spot checks by mandatory and supervisory units or departments like Compliance, Internal Audits etc. can bring to fore some of these unusual transactions.

Another important avenue of soliciting for suspicious transaction information is through “Whistleblowing or Tipoff”. Every financial institution must have a Whistleblowing Policy that seeks to unearth fraud, give first-hand information on suspicious transaction and protect the identity of the whistle blower(s) as much as possible. A statement signed by Mr Kwaku Dua, the Chief Executive Office of the Financial Intelligence Centre indicates “since establishment the FIC has instituted a number of measures geared towards improving Ghana’s Anti-Money laundering/ Combating the Financing of Terrorism (AML/CFT) regime. The Centre through the use of modern technology software (go-AML) has increased the filing of Suspicious Transactions Reports from reporting entities.

The Centre also has highly skilled and dedicated staff who through diverse ways continue to work effectively to address outstanding ML/TF related issues. These strides could not have been possible without the support of stakeholders such as the law enforcement agencies, regulators, reporting entities, private sector and designated non-financial businesses and professions (DNFBPs).” As of the time of writing this article the website of the FIC had a case count of 4,446 Suspicious Transaction Reports from financial institutions and still counting.

The suspicious transaction grid

Suspicious transactions can be divided broadly into two perspectives, that is to say customer identity/profile and customer activity/transaction. Either ways or both if defective can make a transaction suspicious or unusual.  So when we say customer’s identity/profile (individual, entity, vessel) springs suspicion when that customer’s name is on any of the sanctioned list, adverse publication, convicted of a crime (ex-convict), politically exposed, foreigner etc. Customer banking activity can become suspicious by timing/frequency, amount (too small and too huge), patterns, no apparent or visible economic or lawful source/purpose of funds, location. That, which is inconsistent with a customer’s known legitimate business or personal activities or normal business for that type of account,

The Suspicious Transaction Grid has been designed by the author to aid or guide staff of financial institutions in classifying transactions. A quick description of the grid;

  1. Good Transaction: there is consistency in customer’s identity as well as the customer’s banking activity. (Good Identity/Profile + Good Activity)
  2. Suspicious Transaction: there is inconsistency in the customer’s banking activity as against a genuine customer identity. (Good Identity/Profile + Bad Activity)
  3. Suspicious Transaction: the customer’s identity is inconsistent but the customer’s banking activity is genuine. (Bad Identity/Profile + Good Activity)
  4. Suspicious Transaction: both customer identity and banking activity are all inconsistent. (Bad Identity/Profile + Bad Activity)


In simple terms, a transaction is said to be falsely positive in money laundering when at a glance it looks suspicious of money laundering but an in-depth analysis reveals it to be genuine. A transaction can look suspicious when customer’s profile changes but the financial institution does not have such an update ahead of transactions. A typical example is when a customer opens an account at the time when he was a student. Many years along the line he graduates and he’s employed in firm that pays well or becomes a hyper-successful entrepreneur. Obviously, his income streams and patterns will change using the same account. If the customer’s profile (Know Your Customer-KYC) is not updated with the bank, the bank will always suspect the customer and his transactions hence generating a lot of false positives. Regular customer information update is an essential part of fighting money laundering and terrorist or secessionist financing.


Every fraud, money laundering or an attempt of either of them never happen without early warning. There are always signs that trigger suspicions but unfortunately, employees are largely not trained to detect or perhaps technology is not in place to detect for follow-up by Officials of banks.

Early detection of suspicious transactions is key in the fight against money laundering, counter-terrorist financing and the proliferation of weapon of mass destruction. All staff of financial institution must be equipped in all aspects of their work to be able to detect suspicious transaction. Automation (AI) must be employed to aid the detection of such transactions. Always identify and verify as well to be entirely convinced a transaction is genuine.

The author is a Researcher, a Governance and an Operational Risk Expert in Banking Operations. He has worked over a decade in various capacities in the banking industry. For enquiries on this article kindly contact the author through email: [email protected]

Leave a Reply