Day 6 - The Hard Truths Part 4: Why We’re Losing Ground Against Financial Crime

Overwhelming False Positives

Today, we’re talking about a massive blind spot in our efforts to fight financial crime: false positives. Imagine trying to find a single needle in a haystack, only to have someone keep adding more hay. This is what our compliance and law enforcement teams face every day. Detection tools, initially designed to help identify criminal behavior, have become so overactive that they’re generating mountains of low-quality alerts, drowning teams in work and burying real threats.

False positives are more than just an inconvenience—they’re an urgent issue draining resources, eroding morale, and weakening our capacity to address real threats. If we want to reclaim the integrity of our Anti-Financial Crime (AFC) systems, we must address the staggering cost of these inaccuracies and reimagine detection.

The Reality of False Positives: Why Our Systems Are Clogged with Noise

The concept of an alert system is simple: red flags should be raised when something unusual or risky happens. Yet, as detection tools have proliferated, so has the noise. In a typical AFC setup, detection systems rely on rule-based models that trigger alerts based on set criteria. But as crime patterns evolve, these systems struggle to keep up, often casting a wide net to avoid missing any potentially suspicious behavior. The result? A flood of alerts, the vast majority of which don’t indicate actual crime.

The numbers paint a daunting picture. According to a report by PwC, financial institutions discard 95-98% of generated alerts as false positives. That’s like spending all day shouting “fire!” in a crowded theater, with only a fraction of those shouts indicating an actual blaze. This is not just an ineffective system—it’s a dangerous one. When resources are consumed by false positives, real threats slip through unnoticed, making it harder to protect our financial systems and the people who rely on them.

How Did We Get Here?

False positives have been a part of AFC from the start, but their prevalence has grown alongside the industry’s focus on compliance. As regulatory requirements multiplied, detection systems became increasingly conservative, favoring overreporting to avoid penalties or oversight criticism. In an environment where non-compliance comes with heavy fines, the logical choice for many institutions has been to err on the side of caution, flagging anything that might raise concern. But what started as caution has turned into a crippling overload.

Think of it as a security guard who begins stopping every single person who enters a building because one might be a threat. Eventually, this over-caution becomes counterproductive, creating so much friction that genuine security threats are harder to detect. By prioritizing quantity over quality, AFC efforts have drifted from their original intention—identifying real criminal behavior—into a landscape where compliance has become synonymous with excessive screening.

The Costs of Excessive False Positives

The price we’re paying for this approach is far greater than most realize. Let’s break down the true impact:

1. Wasted Resources and Escalating Costs

• Financial institutions spend billions annually on compliance, and a significant portion of this expense goes to processing alerts that lead nowhere. Each false positive costs time and resources, requiring multiple layers of review, escalation, and reporting. According to recent estimates, global FIs spend over $214 billion annually on financial crime compliance. A large fraction of that cost comes from managing false positives.
• In addition to compliance costs, institutions bear opportunity costs, losing out on more strategic investments in technology and innovation as they channel resources into manual reviews and compliance checks that yield little to no value.

2. Operational Inefficiencies and Increased Friction

• False positives don’t just drain budgets—they bog down operations. Compliance teams and investigators spend an overwhelming amount of time sifting through low-priority alerts, a practice that breeds frustration and burns out valuable talent. Employees are left spending their days running on a treadmill, reviewing cases that lead nowhere and doing little to protect the organization or the public.
• The process also creates friction for legitimate customers, who may face unnecessary delays or scrutiny because their behavior triggers a system designed to “catch everything.” This can lead to lost business, customer dissatisfaction, and diminished trust.

3. Missed Opportunities to Prevent Real Crime

• Perhaps the most significant impact of false positives is the missed opportunity to address genuine criminal threats. When systems overproduce low-value alerts, high-risk activities become harder to identify. The needles—the true indicators of financial crime—get buried under stacks of hay, leaving our systems vulnerable.
• This also affects collaboration with law enforcement, who rely on financial institutions to flag real criminal activity. When AFC systems send mountains of low-quality alerts, law enforcement agencies become overwhelmed, making it harder for them to investigate and prosecute actual criminal networks.

Why False Positives Have Become Tolerated

How did we allow false positives to become such an accepted part of AFC efforts? Much of it comes down to a culture of caution and a fear of penalties. When regulators assess an institution’s compliance performance, they rarely critique for overreporting . In fact, the industry has been conditioned to see overreporting (Defensive SARs) as preferable, or at least safer, than the risk of missing a reportable incident. Perhaps that's why Thomson Reuters is reporting record SAR filings .https://www.thomsonreuters.com/en-us/posts/investigation-fraud-and-risk/special-report-suspicious-activity-reports/

Furthermore, outdated detection systems are hard to replace. Many FIs still rely on legacy rule-based systems designed years ago, with criteria that may no longer be relevant but continue to run because of inertia or cost barriers to updating them. These systems are too rigid to adapt to evolving crime tactics, yet switching to more agile systems requires significant investment. As a result, many institutions tolerate high levels of false positives because they see no viable alternative.

What We Need to Do Now: Redefining Detection with Precision

If we are to reclaim AFC from the swamp of false positives, we need to make serious, foundational changes. Here’s how we can shift from noise to precision:

1. Invest in AI-Driven and Machine Learning Solutions

• AI-driven solutions hold immense promise for AFC, enabling systems to learn from patterns and reduce false positives by focusing on contextual, rather than rigid, criteria. Unlike rule-based models, which rely on static conditions, machine learning algorithms can adapt to changing patterns, identifying anomalies with far greater precision. By integrating AI into detection systems, FIs can dramatically cut down on false positives, allowing compliance teams to focus on genuine risks.
• For instance, machine learning can detect patterns across transactions that may seem benign in isolation but reveal suspicious trends when analyzed in context. This allows us to move from a “one-size-fits-all” approach to a dynamic model that adjusts based on real-world behaviors.

2. Collaborate with Tech Innovators and Regulators to Set Standards

• To effectively implement AI-driven solutions, FIs, technology providers, and regulators must work together to establish frameworks that guide the deployment of advanced detection tools. This collaboration can help ensure that new systems are compliant with regulatory requirements while providing more accurate and actionable insights.
• For example, financial institutions could work with regulators to pilot new detection models that minimize false positives without sacrificing compliance. With regulatory support, these pilots could pave the way for standardized AI-driven detection systems across the industry.

3. Shift the Focus to Quality, Not Quantity

• Compliance programs should prioritize quality over quantity, creating KPIs (Key Performance Indicators) that measure the effectiveness of alerts rather than their volume. By incentivizing accuracy, institutions can foster a culture that values precision and operational effectiveness over raw numbers.
• This shift requires a mindset change. Financial institutions need to see false positives not as an inevitable byproduct of caution but as a costly inefficiency that can and should be minimized. By training teams to evaluate alerts based on risk and impact, rather than sheer volume, we can prioritize meaningful detection.

4. Foster a Proactive, Rather Than Reactive, AFC Approach

• A system that’s focused on real-time monitoring and adaptability can reduce false positives while increasing our ability to prevent crime. By leveraging predictive analytics, financial institutions can anticipate patterns that indicate high-risk behaviors and intervene before crimes occur.
• Imagine if we moved from a system that responds to isolated alerts to one that identifies patterns and intercepts crime networks. This proactive approach not only improves efficiency but also enhances our ability to disrupt criminal operations, turning AFC from a box-ticking exercise into a true protective shield.

Moving Forward: Breaking Free from the Noise

False positives are more than an inconvenience—they’re a roadblock in our mission to protect the financial system from crime. If we continue to tolerate this issue, we risk losing sight of our purpose, overburdening our teams, and allowing real threats to thrive.

The time has come to address the reality of false positives with the urgency it demands. This series is focused on identifying and confronting the roadblocks in our current approach, and false positives are among the biggest barriers we face. But there is hope. With the right investments, collaborations, and mindset shifts, we can reduce noise and refocus on what matters: real crime prevention.

Stay tuned as we continue to dig into the underlying issues holding us back from effective AFC and begin mapping out actionable solutions. Together, we can move from a world of overwhelming alerts to one of precision, clarity, and real protection.

Tomorrow: Day 7 - The Hard Truths Part 5 - Lack of Focus on Victims and the Impact