How would you tune an AML transaction-monitoring system that is generating an unmanageable volume of false-positive alerts?
A core Risk & Compliance interview question — asked in analyst and associate interviews across IB, PE, and the Big 4.
THE SHORT ANSWER
First, don't simply raise thresholds to cut volume — that risks missing genuine suspicious activity and is a regulatory red flag. I'd analyze alert outcomes: which rules/scenarios produce alerts that almost never convert to SARs, and segment by customer risk so thresholds reflect expected behavior (a cash-intensive business differs from a salaried retail customer). Then tune scenario parameters with data, document the rationale and get model-governance sign-off, and run the change in parallel/back-test against historical SARs to confirm you're not suppressing true positives. Address the backlog with risk-based triage and consider a lookback if a gap existed. The principle: optimize precision without lowering true-positive coverage, all evidenced and governed.
WHAT INTERVIEWERS LISTEN FOR
- ✓Don't blunt-raise thresholds to cut volume
- ✓Segment thresholds by customer risk/expected behavior
- ✓Back-test changes against historical SARs
- ✓Document and get model governance sign-off; triage backlog
COMMON MISTAKES
- ✗Raising thresholds purely to reduce alerts
- ✗Tuning with no back-testing or governance
- ✗Ignoring true-positive coverage
Reading isn't the same as answering under pressure.
Interviewers don't hand you the model answer — you deliver yours on a clock. Practice this and 1,000+ questions with AI feedback on every answer.
RELATED QUESTIONS
- Explain sanctions screening.
- Explain the fraud triangle and how compliance programs use it.
- How would you design an AML transaction monitoring system?
- Why is identifying the ultimate beneficial owner (UBO) central to CDD, and how do you handle complex ownership structures?
- What is trade-based money laundering, and what red flags would you train transaction reviewers to spot?
- Why is correspondent banking high-risk for money laundering, and what are nested accounts?