A terrifying figure keeps popping up in the world of Anti-Money Laundering (AML): 95%. This number is the estimated percentage of alerts generated by traditional AML systems that turn out to be false positives. It turns out that systems designed to flag suspicious transactions are actually very rarely flagging actual threats. For banks and fintechs, this structural flaw has profound operational, financial, and reputational consequences.
A deluge of alerts, few real threats
False positives in AML stem from rules-based monitoring which relies on predefined thresholds and static patterns. But as criminal methods evolve, these rigid systems struggle to adapt, and they overcompensate by flagging more transactions.
Go deeper with GlobalData
This results in compliance teams becoming inundated with alerts, and because each alert requires investigation, compliance officers are faced with a deluge of alarm bells. While US regulators estimate it takes about two hours to file a Suspicious Activity Report (SAR), independent studies show that the real burden can stretch up to 22 hours per alert when factoring in investigation, documentation, and review cycles. While the payoff of detecting transactions by criminal networks that would normally fly under the radar is immense, sifting through the large number of transactions to achieve it is often arduous and with AI, almost certainly not optimal from a cost perspective.
Operational strain and escalating costs
This mountain of false alerts places huge operational strain on financial institutions as compliance teams are forced to spend the bulk of their time chasing false leads rather than investigating the real threats. All of this energy diverts resources from the actual high-risk cases and inflates the cost of compliance without improving outcomes.
Therefore, financial institutions are responding by ramping up staffing and technology budgets. In fact, global AML compliance costs are estimated to be over $274 billion annually, with much of this going towards handling the sheer volume of low-quality alerts as opposed to catching criminals.
This inefficiency can be particularly damaging for smaller banks and fintechs, as they often lack the compliance headcount of larger banks, causing them to struggle to meet their regulatory obligations.
US Tariffs are shifting - will you react or anticipate?
Don’t let policy changes catch you off guard. Stay proactive with real-time data and expert analysis.
By GlobalDataCustomer friction and lost trust
Meanwhile, the cost of false positives is equally significant for bank and fintech customers, as they often face intrusive verifications, frozen accounts, or blocked transactions triggered by nothing more than an atypical, but entirely lawful, transaction. For users accustomed to real-time digital services, even a short delay can be enough to go to a competitor.
And with fintechs operating in sectors such as remittances, digital banking, and cryptocurrency, where users often rely on speed and ease of use, this kind of friction is one of the key drivers of customer churn. This problem is particularly seen in emerging markets, where AML rules may flag entire geographies as high-risk, effectively excluding large swaths of potential customers. A fintech or bank looking to expand into West Africa, for example, may find its growth stifled because compliance systems label transactions from those regions as suspicious by default.
Compliance risk, amplified
Ironically, high false positive rates can increase the risk of non-compliance. Similar to how alert fatigue causes security risk assessors to miss red flags, compliance officers also are prone to miss potential money laundering cases due to alert overload. Regulators have also taken notice, with recent high-profile AML fines being levied for issues such as failing to detect illicit activity, managing alert queues effectively, or failing to conduct adequate investigations.
False positives become a double-edged sword: they both overload systems while increasing the likelihood of compliance breaches.
Rethinking AML efficiency
To address this crisis, financial institutions are exploring more adaptive solutions, including systems that analyse behaviour, context, and real-time transaction data rather than relying solely on static rules. Techniques like machine learning and behavioural analytics hold promise for reducing false positives while improving threat detection.
This is because these systems recognize not just what is happening, but why, allowing them to filter out legitimate behaviour and surface hidden risks more intelligently, freeing up valuable human analysts time to focus on complex, high-risk cases.
A strategic imperative
AML compliance is no longer just a back-office requirement, it’s a strategic function that impacts growth, customer satisfaction, and regulatory standing. As transaction volumes increase and financial products become more complex, legacy systems that generate more noise than insight are a liability.
Addressing the false positive problem isn’t just about saving money. It’s about building trust, enabling growth, and ensuring that AML efforts truly serve their purpose, stopping financial crime without stopping legitimate business.
Jeff Otten is Chief Revenue Officer at ThetaRay
