Defining and Improving Surveillance Accuracy

Surveillance accuracy is critical to maintaining a manageable workflow for compliance teams in the fight against market abuse. Define your alerting parameters that are too wide, and your team will be swimming in false positives. Define them too narrowly, and you might miss transactions that need to be reported to the regulator. So where is the tipping point – and where can you even begin to define and improve surveillance accuracy?

Risk Assessment

First, it’s important to understand that surveillance accuracy varies from one financial institution to the next. You can’t simply set your parameters according to what other banks are doing. Instead, your compliance team will need to conduct a thorough risk assessment that evaluates where your business is exposed to risk. This will depend on factors such as who your customers are (for example, retail or institutional?), the types of instruments you’re trading (for example, OTC or exchange-traded?), and the countries (e.g. G7 or emerging?) and markets you’re trading in.

Scenario and Alert Models

Next, your financial institution should decide what scenario and alert models you’ll need based on the results of your risk assessment. If for example, you’ve determined from your risk assessment that your bank is not at risk of insider trading in certain asset classes, then you won’t need to set alerts that reflect that risk in those asset classes. But if you determine that you are at risk of insider trading, you’ll need to set alerts and importantly, the appropriate parameter threshold settings to detect those insider trading breaches.

Parameter Thresholds

Parameter thresholds for trading will vary across different financial institutions. Compliance officers should set thresholds which are appropriate to their business, and not rely on RegTech or a surveillance vendor’s out-of-the-box analytics settings. As a simple example, large banks may want to trigger alerts on any transactions above 10 million dollars. But for a small, local bank, a more appropriate threshold may be one million (or less).

To err on the side of caution, banks may also want to configure alerts to trigger when transactions reach a value close to – but not exactly at – the desired transaction threshold amount. For example, instead of generating an alert for trades over a million dollars, a small bank might want to trigger alerts for all trades over 995 thousand dollars. This will help capture any transactions where a trader was intentionally trying to fly under the surveillance radar.

Review, Test and Adjust

It's important to remember, surveillance isn’t set it and forget it. Once you’ve set your thresholds, you’ll need to review, test and adjust them at various time intervals. If your surveillance team is still inundated with false positives, you probably need to make some more adjustments. On the other hand, if you’re not receiving any false positives, you could also be missing true positives - which would make for an embarrassing and costly next audit.

You should also reevaluate and adjust your scenarios and thresholds when there are changes to your business or to market conditions that affect your business. Volatile markets or global incidents, such as COVID, can quickly alter the conditions that constitute real risk. These sudden changes can leave you with a huge spike in alerts that your team cannot possibly keep up with.


Finally, assume that it’s inevitable that your business will be audited. That’s why it’s important to follow through on and investigate every alert before regulators come knocking on your door. And you can’t do that when your compliance team is overwhelmed with false positives – which makes setting appropriate alert thresholds all the more important.

Interested in learning how NICE Actimize can put your compliance team on the path to accurate alerting and fewer false positives? Contact us here or reach out to me at