STORY MODE: EP 1

Unusual Incoming Transactions & Self-Funding Pattern:

A Combined KYC + Transaction Monitoring Investigation

1. Case Overview

A personal banking customer behavior invoked an alert:

  • Incoming payments from multiple unrelated counterparties

  • Periodic incoming transfers from the customer’s own business entity

  • No descriptions of purpose

  • No visible tax trail

  • Counterparties all sent similar amounts of money

The objective was to determine whether these patterns pose a possible risk:

  • Fraud

  • Tax evasion

  • Hidden business activity (possibly illegal)

  • Legitimate activity

2. Triggers & Red Flags

Trigger A: Self-funding pattern

  • Customer received funds from a business account in which they hold 50% ownership + mandates

  • Transfers lacked a proper explanation

  • No declared salary or dividends

  • No taxes registered in external data

Figure A. Transactions from the customer’s business.

Trigger B: Incoming transactions from unrelated third parties

  • Multiple counterparties

  • No prior relationship visible (not related to each other or the customer)

  • Similar transfer amounts, similar time of the transfers - month-by-month payments

  • The transaction narrative is inconsistent or vague (different accounts, different descriptions)

  • KYC information did not show these as business partners (no mandates, not shareholders)

Figure B. Transactions from various unrelated counterparties.

3. Investigation Steps Taken

A. KYC Information Update:

  1. Verified the customer’s identity - verified customer’s ID is up to date (Figure C)

  2. Revalidated business ownership structure - customer owns half of the business (Figure D)

  3. Confirmed business type = private trade / property management (customer is a private trader, but the business is not related to business as it is a Limited liability partnership) (Figure E)

  4. Reviewed corporate registry & mandates

  5. Checked if the customer receives official salary/dividends from other counterparties

  6. Tax data was not available, the customer has not provided any documents previously

Figure C. Customer’s verified ID*.

(*Taken from open source, not actual client)

Figure D. Customer’s business money flow and organization scheme.

Figure E. Customer’s business information in the official registry portal.

B. Transaction Monitoring Analysis

  1. Identified pattern: successive payments, equal amounts, monthly recurrence

  2. Mapped counterparties → checked OSINT & registries

  3. Noted counterparties’ addresses located in the same city

  4. Matched addresses with the building owned by the customer’s business

C. Pattern Recognition

  • Payments do not overlap → resembles tenants paying monthly rent

  • Payment amounts are identical → consistent with rental agreements

  • Counterparties → linked to the same building

  • No suspicious counterparties, transfers to/from high-risk countries, or AML flags

  • No structuring or layering patterns

  • Clear economic logic

4. Findings

Finding 1: Personal → Business transfers

Customer transferring funds from their own business account
Likely explanation:

  • Withdrawals of the owner’s profit

  • Informal salary

  • Cashflow smoothing

  • Dividend related to owned shares

Risk:

  • Potential tax non-compliance

  • But not necessarily AML suspicious

  • Requires customer explanation + documentation → customer contact

Finding 2: Third-party incoming payments = RENT

Evidence supports:

  • The customer’s business owns a rental property

  • Counterparties are tenants

  • Transaction pattern matches rent cycles

  • No signs of shell companies or unknown sources

Conclusion:
The Source of Funds comes from legitimate income activity related to the rental business. No suspicious or unusual activity. Risk is acceptable. 

5. Risk Rating

Overall AML risk: LOW
Justification:

  • Transparent economic purpose

  • No indication of ML typologies

  • No hidden beneficial owners

  • No high-risk jurisdictions involved

  • No layering / structuring / rapid movement of funds

  • No unusual transaction types

6. Final Decision / SAR Consideration

  • SAR report is not required

  • Justification was documented

  • Customer contact initiated for explanation about transfers from the business account, and also the customer was asked to clarify whether tax payments were being made.

  • Continued monitoring in the future.

7. Summary:

  • KYC refresh & entity structure review

  • Pattern recognition in transaction monitoring

  • OSINT investigation

  • Linking counterparties through address-matching

  • Understanding of rental property payment behaviours

  • Distinguishing tax issues vs AML issues

  • Clear justification writing

  • Risk-based decision making