One of the best ways to address dynamic and emerging risks is conducting above-the-line/below-the-line (ATL/BTL) testing to ensure your software operates at its peak efficiency. Above-the-line/below-the-line testing is a statistical exercise that rigorously analyses transaction monitoring parameters to identify the optimal settings for suspicious activity monitoring for your institution’s unique risk profile.
The ATL/BTL process involves testing thresholds at three levels: the baseline, below the line, and above the line. The goal is to generate productive alerts that might represent illicit activity while ensuring no suspicious activity goes undetected.
- Baseline testing: Begin by establishing a baseline for transaction monitoring parameters. This represents the standard against which adjustments will be tested. Generally, the baseline is the current parameter or setting used in the software.
- Above-the-line testing: Test the parameters by elevating them above the baseline. This identifies the threshold at which false positives might increase, potentially overwhelming investigators with non-suspicious alerts.
- Below-the-line testing: Conduct tests by lowering the thresholds or criteria below the baseline. This helps identify the point at which the system may generate false negatives, thus missing potentially suspicious activity.
- Iterative adjustment: ATL/BTL testing is an iterative process. Adjustments to parameters should be made based on the outcomes of below and above-the-line analysis until an optimal balance is achieved, maximizing the effectiveness of the monitoring software.
Let’s look at an example of ATL/BTL testing in practice. For illustration, we’ll use a wire scenario with current parameters set at $50,000. This means that any wire meeting this threshold will create an alert. To test that this is the appropriate threshold, you would increase the setting (testing above the line) to $100,000 and generate the alerts. Through a sample review, you would determine whether these alerts were quality alerts with actual potential suspicious activity.
Keep in mind that seeing some false positives during this test is necessary to ensure nothing is missed. Currently, there is no regulatory guidance on the acceptable rate of false positives. A financial institution must rely on testing and expertise to determine what is appropriate for its unique program. If sample testing determines that $100,000 is not the suitable threshold, analysis should be performed above or below the $100,000, depending on which direction the results lead. If your testing results in a parameter with no possible suspicious activity detected, that parameter is not the sweet spot. Below-the-line testing is conducted the same way but in the opposite direction, with a starting point possibly at $40,000 in our example.