Wolfsberg Group Unveils Updated Guidance on Effective Monitoring for Suspicious Activity

The Wolfsberg Group has released its second Statement on Effective Monitoring for Suspicious Activity, published in August 2025, marking what it describes as a major step forward in the way financial institutions are advised to approach anti-money laundering (AML) and suspicious activity monitoring (SAM). The new guidance reflects “a significant shift towards a more sophisticated, technology-driven approach in combating financial crime,” urging institutions to embrace risk-based monitoring, enhance analytical capacity, integrate machine learning tools, and focus on the overall effectiveness of monitoring frameworks.

By encouraging the adoption of machine learning (ML) and artificial intelligence (AI) in monitoring programs, Wolfsberg argues that detection capabilities can be dramatically strengthened, while ensuring that the global fight against illicit finance remains both agile and responsive to increasingly complex threats.

At the heart of the new statement is a framework built around what Wolfsberg calls the three pillars of responsible innovation: Transition and Validation, Balancing Model Risk with Financial Crime Risk, and Explainability and Transparency.

Under the first pillar, the Group recommends that financial institutions gradually move away from outdated, legacy systems and adopt modern, AI-driven platforms. Validation of these new systems, it stresses, should be based on net effectiveness rather than equivalence with earlier tools.

The second pillar addresses the challenge of model risk. Institutions are advised to weigh the risks associated with complex AI and ML models against the potential benefits of detecting financial crime. The guidance places emphasis on prioritising crystallised risk—real, observable threats—over purely theoretical concerns.

Finally, explainability and transparency are identified as non-negotiable requirements. Models, according to the statement, must remain interpretable to both regulators and internal stakeholders, with transparency over decision-making processes critical for maintaining trust and regulatory compliance.

The Wolfsberg Group also promotes what it terms Monitoring for Suspicious Activity (MSA)—a broader approach that extends beyond traditional transaction monitoring. Under this vision, customer behaviour and attributes are central to risk detection, with AI and ML deployed to analyse connections across customer profiles, transaction histories, and external data sets. Illustrative tools include graph network analysis to uncover hidden relationships, entity resolution to consolidate data across accounts, and cluster analysis for identifying anomalous behaviour.

One of the more notable shifts in methodology concerns testing. Instead of parallel processing—where new and old systems are run simultaneously—Wolfsberg advocates the use of sandbox testing. This, the statement explains, allows institutions to trial new models in a controlled environment, reducing both costs and complexity while encouraging innovation.

In evaluating performance, the Group makes clear that quantity should not be mistaken for quality. The effectiveness of systems, it says, should be judged by their ability to produce actionable intelligence rather than the raw volume of suspicious activity reports (SARs) or suspicious transaction reports (STRs). Feedback loops from regulators and investigative outcomes should, it adds, play a direct role in refining and improving monitoring models.

The guidance also strongly endorses the integration of AI and ML within SAM. The technologies, it argues, offer the potential to detect complex patterns of illicit behaviour, significantly reduce false positives, create dynamic customer segmentation for sharper risk profiling, and continuously adapt to emerging threats through learning from past investigations.

The statement underscores that these developments are not taking place in isolation. The Wolfsberg Group notes that its framework reflects the collective experience of its member banks, as well as insights gathered through technical workshops with Financial Intelligence Units (FIUs), policymakers, and regulators from across the globe.

By fLEXI tEAM