Compliance Technology

Transaction monitoring for Nigerian banks and fintechs

Transaction monitoring is the automated process of reviewing customer transactions in real time or near-real time to detect patterns associated with money laundering, fraud, or terrorism financing. The CBN's 2026 baseline standards (Circular BSD/DIR/PUB/LAB/019/002) make real-time transaction monitoring with dynamic risk scoring a mandatory requirement for all CBN-licensed institutions.

What transaction monitoring is required under the CBN 2026 standards

CBN Circular BSD/DIR/PUB/LAB/019/002, issued March 2026, specifies that all regulated institutions must deploy automated systems capable of real-time transaction monitoring. The circular moves away from end-of-day batch monitoring, which was the norm in many Nigerian institutions, toward continuous monitoring that can flag suspicious activity as it occurs.

The required capabilities include: rule-based monitoring against defined thresholds and patterns, behavioural analytics that compare current activity to a customer's historical baseline, dynamic risk scoring that updates as new transaction data arrives, and case management that links related alerts into a single investigation workflow.

Rule-based vs behavioural monitoring

ApproachHow it worksLimitation
Rule-based monitoringTriggers alerts when transactions match predefined conditions — e.g. cash deposit above NGN 5M, or three or more international transfers in 24 hoursHigh false positive rate; criminals adapt to known thresholds; misses novel typologies
Behavioural / anomaly detectionEstablishes a baseline of normal behaviour for each customer and flags deviations — e.g. a customer who normally receives NGN 200K/month suddenly receiving NGN 5MRequires sufficient transaction history to build accurate baselines; more complex to tune
Combined approachRules capture known typologies; behavioural analytics surface unknown patterns. Case management links alerts from both into unified investigationsRequires more sophisticated technology — which is why the CBN mandates automated systems

Dynamic risk scoring

Dynamic risk scoring means a customer's risk rating is not fixed at onboarding — it updates continuously as new transaction data arrives. A customer onboarded as low-risk who subsequently starts receiving large cash deposits, conducting rapid fund movements, or transacting with high-risk counterparties should automatically be escalated to medium or high risk. This triggers enhanced monitoring, potential EDD review, and — if the activity meets the STR threshold — a regulatory filing.

The CBN's 2026 standards explicitly require dynamic risk scoring rather than static customer risk profiles. Static profiles that are only reviewed annually are not compliant with the circular.

Alert management and case management

A transaction monitoring system generates alerts. An alert management process reviews those alerts, dismisses false positives, and escalates genuine suspicions to case management. A case management system groups related alerts — for example, multiple small deposits from the same customer across different branches — into a single investigation, preserving the full evidence trail that would be needed for an STR or law enforcement referral.

The CBN 2026 circular requires that institutions maintain complete audit trails of all monitoring decisions — including why an alert was dismissed. This is specifically because the CBN examines alert disposition records during on-site AML examinations.

CTR and FTR threshold monitoring

Transaction monitoring systems must also identify when cash transactions approach or exceed CTR thresholds (NGN 5M for individuals, NGN 10M for corporates) and when international transfers exceed the FTR threshold (USD 10,000 equivalent). These are separate from the suspicion-based STR monitoring — they are automatic reporting obligations that do not require analyst judgment, only timely identification and filing.

Frequently asked questions

Is batch (end-of-day) transaction monitoring still acceptable under the CBN 2026 standards?
No. The CBN 2026 circular explicitly requires real-time transaction monitoring. End-of-day batch processing does not satisfy the requirement because it is incapable of triggering timely STR filings for suspicious activity detected intraday. Institutions still operating batch monitoring systems are expected to include the migration to real-time monitoring in their implementation roadmaps submitted to the CBN by June 2026.
How many transaction monitoring rules does a Nigerian bank need?
The CBN does not prescribe a specific number of rules. The requirement is that the monitoring system covers the institution's identified risk exposure — the typologies most relevant to its customer base, product mix, and geographic footprint. A bank with a large retail base needs rules covering structuring and mule accounts. A bank active in trade finance needs rules covering trade-based money laundering patterns. The rule set should be reviewed and updated at least annually.
What is a false positive in transaction monitoring?
A false positive is an alert generated by the monitoring system that, after review, does not represent genuine suspicious activity. High false positive rates are a major operational challenge — analysts spend time reviewing alerts that do not result in STRs, reducing their capacity to investigate genuine cases. Behavioural analytics and better rule tuning reduce false positives. The CBN's examination process looks at an institution's false positive rate as an indicator of monitoring system quality.

Free resource for Nigerian compliance teams

The NFIU STR/CTR Rejection Codes Reference Guide — every common goAML rejection explained with root causes and fixes.

Download the free guide