Frequently asked questions

TMNL has three objectives:
1. to identify money laundering and terrorism financing faster, better and more comprehensively, and to contribute to their prevention;
2. to improve the utility of the reports of unusual transactions to the authorities, so that identification can lead to more investigations,  prosecutions and convictions; and
3. to contribute to the optimisation of the use of public and private resources in the fight against money laundering and terrorism financing.

The added value includes the insight into transactions that wouldn’t be considered ‘unusual’ at an individual bank, but when combined with transactions by the relevant customers at other banks may be an indication of money laundering or terrorism financing. Insight into transactions at a variety of banks enables TMNL to uncover such transactions and identify possible networks. By making connections between transactions at the different banks, we can identify criminal cash flows and networks better, faster and more comprehensively.

Each year, an estimated 16 billion euros of criminal money is laundered in the Netherlands. This money comes from human trafficking, the drug trade and fraud. As the gatekeepers of the financial system, banks are important in detecting money laundering risks, but there are limits to what is visible to individual banks as laundering networks are often spread over multiple banks. This complex social problem calls for a joint approach. That’s why five Dutch banks have joined forces under the name Transaction Monitoring Netherlands, or TMNL, to fight money laundering and terrorist financing together.

The participating banks provide encrypted customer transaction data to TMNL. TMNL then looks for potentially unusual transaction patterns that are not visible to the individual banks, and that could indicate money laundering and terrorist financing. At the moment, TMNL only monitors transactions by business clients.

When TMNL detects potentially unusual transaction patterns, it triggers alerts that are then sent to the participating banks. The banks investigate these alerts and notify the Financial Intelligence Unit the Netherlands of any potentially unusual transactions. The Unit also investigates the alerts and passes them on to the police and the Public Prosecution Service for further investigation if necessary.

TMNL would eventually like to work with more financial institutions and monitor their transactions, with the aim of increasing effectiveness in the joint battle against money laundering and terrorist financing.

In principle, nothing. Banks will remain responsible for both monitoring transactions and the relationship with the customer, and they will contact the customer if they have any questions about the transaction. The goal is to prevent the fight against money laundering and terrorism
financing from impacting the customer’s privacy and interests as much as possible

In monitoring transactions, TMNL focuses on detecting transactions that may be unusual, based on the transactions at the participating
banks. ‘Unusual’ factors include the scale or nature of the transaction, or those that don’t fit within the customer’s usual transaction pattern. TMNL sends the potentially unusual transaction to the individual bank as an alert, and the bank then conducts a thorough investigation to determine whether the transaction should be reported to the FIU Nederland as an unusual transaction.

The banks have not founded TMNL based on cost considerations, but because they wish to make an even more effective contribution to the fight against money laundering and terrorism financing. During the first few years of operation, TMNL will require significant extra investments from the banks, on top of the costs that every bank incurs for its own transaction monitoring activities.

TMNL has three objectives:
1. to identify money laundering and terrorism financing faster, better and more comprehensively, and to contribute to their prevention;
2. to improve the utility of the reports of unusual transactions to the authorities, so that identification can lead to more investigations, prosecutions and convictions; and
3. to contribute to the optimisation of the use of public and private resources in the fight against money laundering and terrorism financing. TMNL would be a success if it could help achieve these goals.

For the moment, TMNL is focusing on the founder banks. But eventually TMNL will be opened up to other financial institutions in phases.

Other countries, and the European Union, are watching TMNL with great interest. Dutch banks are currently leading the way in these developments. Similar experiments are being conducted in other countries, and there is considerable interest in TMNL’s experiences.

Banks trust TMNL with data to tackle money laundering and terrorism financing more effectively. TMNL treats individuals’ privacy with the
utmost care, as stipulated by the General Data Protection Regulation, or GDPR. TMNL only uses the data that are absolutely necessary for monitoring potentially unusual transactions.

Privacy-sensitive information in the banking and transaction data sent to TMNL are made pseudonymous before they are sent by the bank.
Pseudonymous data cannot be linked to a specific customer, and are meaningless without the bank’s encryption key. TMNL uses these non-personalised data throughout the entire transaction monitoring process. When TMNL sends the bank an alert about a potentially unusual
transaction, only the bank is able to link the transaction to the original data.

Banks are required by law to monitor all of their customers’ payment transactions. To do that, banks use transaction and customer data to detect potential signals of money laundering or terrorism financing. But there are limits to what individual banks can see, because money laundering networks are often spread among multiple banks. TMNL brings together transaction data from individual banks to facilitate joint monitoring. That makes TMNL able to identify potential criminal cash flows that aren’t visible for individual banks.

TMNL receives only the data that are absolutely necessary for monitoring purposes from the banks. Privacy-sensitive data, such as Chamber of
Commerce numbers, IBAN and company names, are made pseudonymous by the banks before they are provided to TMNL, so they cannot be linked to individual customers. TMNL also uses transaction data, such as the time, destination and amount of transactions to detect unusual transaction patterns. At the moment, TMNL only monitors transactions by business clients.

The participating banks only share their transaction and customer data with TMNL, and not with one another. When TMNL identifies potentially unusual transactions, it sends the relevant data to the banks concerned without providing the customer information from the other banks.

No, the data will only be used to identify possible signals of money laundering and/or terrorism financing. The data on potential unusual transactions will only be reported to the bank concerned. Commercial use of the data is neither applicable nor permissible.

TMNL’s guiding principle for transaction monitoring is that the banks should share as little information as possible with TMNL, and the organisation only works with data that are correct and up to date. That means it does not process more customer data than is necessary for the monitoring of money laundering and terrorism financing. To meet its objectives, TMNL only uses the strictly necessary, pseudonymous customer data and transaction data. Making data pseudonymous means that TMNL employees cannot view the encrypted customer data.

A careful analysis has been conducted to determine which data are strictly necessary for multi-bank transaction monitoring. TMNL can provide
justification for these data to the relevant supervisory bodies, upon request. Finally, TMNL has appointed a full-time Data Protection Officer charged with ensuring that TMNL constantly complies with the GDPR. The banks retain final responsibility for the processing of their data, and have set strict requirements for the processing and protection of data.

TMNL makes every effort to guarantee the security of data. The data that banks send to TMNL for processing are secured according to the
highest possible standards. TMNL also ensures that privacysensitive data cannot be traced back to an individual customer.

Only pre-selected TMNL staff have access to the encrypted transaction data. They have all been carefully screened, and have signed a confidentiality statement and a code of conduct. Each data processing activity, such as a search action, is recorded and can be traced to an individual TMNL employee.

The data are encrypted as part of the data transfer process, as is the connection through which the data are sent. TMNL uses a digital signature to check whether the data were actually sent by the bank and if they were altered before the encrypted data is stored in a separate, secure and encrypted database for each bank. These data can only be accessed for analysis from a highly secure and completely isolated environment. TMNL also records every moment the data is handled, such as requesting or processing the data.

TMNL has an Information Risk Management Framework that is based on five principles of trust: Security, Availability, Integrity of processing, Confidentiality and Privacy. The framework describes all of TMNL’s security measures, including their purpose and how they work, in order to limit risks such as the loss of data. An external auditor regularly inspects the framework and checks whether TMNL properly implements all of the security measures described.

TMNL uses the latest, most reliable technologies for the best possible security. In addition to the security measures described in the Information Risk Management Framework and the periodic audit by an impartial external party, TMNL also conducts security tests, such as penetration tests, every six months and following major technical alterations. An independent team checks whether the environment is configured correctly and securely to prevent hackers from entering the system. A team of the best ethical hackers also regularly conducts what
are known as ‘red team’ attacks. The TMNL security team must detect and block these attacks, and TMNL uses the lessons learned to further improve the security of the platform. This is a continuous process.

TMNL uses a variety of analysis techniques in the models for identifying potentially unusual transactions. The most suitable technique is applied for each model. These can be precisely defined ‘business rules’, but can also be statistical techniques. The techniques and the choices
made are always carefully tested and recorded.

TMNL uses a Model Risk Framework based on De Nederlandsche Bank’s SAFEST principles. This framework provides a single context for
the responsible use of Artificial Intelligence and models. An external auditor also regularly reviews the structure, existence and function of the models, with the assistance of a special committee of external independent experts and representatives of the member banks.

TMNL’s core task is to combine transaction data from different banks and use them to make meaningful connections. These connections provide new insights and signals with regard to potential money laundering or terrorism financing activities. This requires the use of models for data analysis, because they are an effective tool for differentiating possible criminal cash flows from normal transactions

As gatekeepers of the financial system, banks are required by law to monitor all of their customers’ payment transactions. To do that, banks have long used models to detect potential signals of money laundering or terrorism financing. But criminals often use multiple banks to spread out their transaction flows. TMNL utilises the best practices from the participating banks, combines the transaction data for joint monitoring, and in so doing gains a comprehensive insight into possible unusual transaction patterns. This allows TMNL to reveal potential criminal cash flows that aren’t visible for individual banks

The decision-making process is not automated. The models only combine statistics, technology and data. First, experts in the field of money
laundering detection and data science determine which data and accounting rules need to be utilised. Then the models differentiate between normal transactions and those that may be unusual. When TMNL identifies a potentially unusual transaction, it sends an alert to the bank. The bank employee then investigates the alerts for potential criminal activity.

When a bank receives an alert from TMNL, it uses the customer information available to investigate whether the transactions display the
characteristics of potential money laundering or terrorism financing. If necessary, the bank then contacts the customer. Depending on the results of the investigation, the bank may report the transaction to the Netherlands Financial Intelligence Unit.

TMNL communicates clearly about which data are processed, for which purpose, and with which guarantees. However, we cannot always publish the details of specific models. It is of course vital that criminals cannot take advantage of more detailed knowledge about the models. The structure of each model is thoroughly tested, reviewed and documented internally before it is put into use. When complex statistical
techniques are used in these models, we utilise methods for making their operation as transparent as possible. An external auditor also regularly reviews the structure, existence and function of the models, and a special committee of external experts monitors the responsible use of the model.

The FIU is an important partner for TMNL. We work closely together with the experts from the banks and the FIU to identify issues such as risk indicators for money laundering. TMNL makes good use of these risk indicators and this knowledge about criminals’ modus operandi for money laundering to develop models that can recognise potential signals of money laundering in the banks’ customers’ transaction patterns.

Yes, to increase its effectiveness, it is crucial that the chain parties share information and collaborate closely together. Because they can only stay ahead of the criminals within the bounds of the law through intensive collaboration. TMNL can play a central and active role in this by bringing experts at public parties together with experts within TMNL and the participating banks.

TMNL is a collaborative effort by ABN AMRO, ING, Rabobank, Triodos Bank and the Volksbank. Through TMNL, the banks monitor their payment transactions within a larger context to identify patterns that may indicate money laundering or terrorism financing activities.

The FEC’s overarching objective is to reinforce the integrity of the financial sector. To that end, the FEC encourages collaboration and information exchange between public and private partners in the chain. TMNL can be seen as an important private initiative that contributes to the same objectives. This private initiative looks for ways to collaborate with a variety of FEC parties in order to further strengthen the collaboration.

TMNL is not under the direct supervision of the AFM and/or DNB, because TMNL is not a financial institution. The member banks are of course under official supervision, and have agreed that TMNL must comply with the same regulations. The banking supervisory bodies pay active attention to the creation and operation of TMNL.

Naturally, TMNL complies with all applicable legislation and regulations. The two most important acts for TMNL are the Anti-Money Laundering and Anti-Terrorist Financing Act (Wwft), which stipulates the banks’ ‘gatekeeper’ function, and the General Data Protection
Regulation (GDPR), which stipulates the requirements for processing personal data and protecting privacy.

As gatekeepers of the financial system, banks have the legal obligation to monitor their customers’ transactions in order to detect unusual transactions that may be indications of money laundering or terrorism financing. However, there are limits to what is visible to individual banks, as money laundering networks are often spread among multiple banks. This complex social problem calls for a joint approach.

In the current phase, TMNL only focuses on monitoring transactions by business clients. The current grounds for the participating banks to
share data with TMNL as a data processor is the banks’ justified interest (Art. 6(1)(f) GDPR), within the context of their obligation to comply with Art. 3 of the Wwft and thereby to reinforce their gatekeeper role.

At the moment, TMNL is not allowed to process all of the necessary transaction data and provide all of the services related to monitoring
transactions for banks. As TMNL and the banks have the ambition to make the financial system safer, new legislation is needed to remove these obstacles in a clear and transparent manner. This not only involves expanding the options for TMNL, but also providing clear and transparent preconditions under which TMNL will be better able to contribute to the banks’ gatekeeper function.