Interview Questions asked in PWC for Transaction Monitoring

Last Updated on Ape 10, 2026, 2k Views

Interview questions asked in pwc for transaction monitoring

1)✅ What is a Counterparty?

A counterparty is the other party involved in a financial transaction.

In a transfer, the counterparty is the sender or receiver (whichever is not your customer).
In a trade, it’s the buyer or seller on the opposite side.

👉 Example:
If your customer sends money to someone, that recipient is the counterparty.

🔍 Counterparty Checks in Transaction Monitoring (TM)

In AML/KYC transaction monitoring, counterparties are analyzed to detect suspicious activity and hidden risks. Key checks include:

1. Sanctions Screening
Check if the counterparty is listed on sanctions lists (e.g., UN, OFAC, EU).
Transactions involving sanctioned entities are blocked or escalated immediately.
2. PEP (Politically Exposed Person) Screening
Identify if the counterparty is a PEP or related to one.
Higher risk due to potential corruption or bribery exposure.
3. Adverse Media / Negative News
Screen for news related to:
Fraud
Money laundering
Terrorist financing
Even if not sanctioned, negative media increases risk.
4. Geographic Risk Assessment
Check if the counterparty is linked to:
High-risk or sanctioned countries
Countries with weak AML controls
Example: FATF grey/blacklisted jurisdictions.
5. Transaction Behavior Analysis
Frequency and pattern of transactions with the counterparty:
Unusual spikes
Round-tripping
Structuring (smurfing)
Helps detect suspicious patterns.
6. Relationship & Link Analysis
Check connections between:
Customer and counterparty
Multiple counterparties
Identifies hidden networks or mule accounts.
7. Name & Identity Verification
Verify if the counterparty details are:
Complete and consistent
Not fake or anonymized (e.g., shell entities)
8. High-Risk Industry Check
Determine if the counterparty is involved in:
Gambling
Cryptocurrency
Arms trade
NGOs (in some contexts)
Certain industries carry higher AML risk.
9. Velocity & Value Checks
Monitor:
High-value transactions
Rapid movement of funds to/from the same counterparty
Flags potential layering activity.
10. Historical Risk Profile
Has the counterparty been flagged before?
Previous Suspicious Activity Reports (SARs) increase risk score.
🧠 Summary

A counterparty is any external party involved in a transaction, and in TM, they are scrutinized just like the customer.

👉 The goal is to answer:
“Is this person/entity posing a financial crime risk to our customer or institution?”

2)What are the steps involved in conducting Enhanced Due Diligence (EDD), and what specific extra checks are performed during EDD?

✅ What is Enhanced Due Diligence (EDD)?

Enhanced Due Diligence (EDD) is a deeper level of customer investigation applied to high-risk customers (e.g., PEPs, high-risk jurisdictions, complex ownership structures).
It goes beyond standard KYC/CDD to fully understand the risk and legitimacy of funds and activities.

🔄 Steps Involved in Conducting EDD
1. Trigger Identification

EDD is initiated when a customer is classified as high-risk due to:

PEP status
High-risk geography
Unusual transaction patterns
Adverse media
2. Comprehensive Information Collection

Collect additional details such as:

Detailed occupation/business profile
Source of Wealth (SoW)
Source of Funds (SoF)
Expected account activity
3. Customer Risk Assessment
Reassess risk using a risk-based approach
Consider factors like geography, industry, transaction behavior
4. Independent Verification
Validate information using reliable external sources
Cross-check documents, databases, and public records
5. Beneficial Ownership Analysis
Identify the Ultimate Beneficial Owner (UBO)
Understand ownership/control structure (especially for corporates)
6. Senior Management Approval
High-risk customers must be approved by senior compliance or management
7. Enhanced Ongoing Monitoring
Apply stricter transaction monitoring rules
More frequent reviews and alert checks
8. Documentation & Record Keeping
Maintain detailed records of:
Findings
Risk rationale
Approvals
🔍 Specific Extra Checks Performed During EDD

EDD includes deeper and more detailed checks than standard CDD:

1. Detailed Source of Wealth (SoW) Verification
How the customer accumulated wealth (e.g., business profits, inheritance)
Validate using:
Financial statements
Tax returns
Contracts
2. Source of Funds (SoF) Validation
Origin of specific funds used in transactions
Ensure funds are legitimate and traceable
3. Advanced Adverse Media Screening
Deep-dive searches across global media sources
Focus on:
Financial crimes
Corruption
Regulatory violations
4. PEP & Associates Analysis
Identify:
Close associates
Family members
Assess indirect risk exposure
5. Sanctions & Watchlist Deep Screening
Use multiple databases for:
Sanctions
Law enforcement lists
Regulatory watchlists
6. Corporate Structure & UBO Deep Dive
Analyze:
Layered ownership
Offshore entities
Shell companies
7. Geographic Risk Deep Dive
Assess links to:
High-risk or sanctioned countries
Tax havens
8. Business Activity Validation
Confirm if business operations are:
Legitimate
Consistent with profile
Use:
Website checks
Registries
Third-party reports
9. Transaction Pattern Analysis
Compare actual vs expected activity:
Unusual volumes
Complex routing of funds
10. Site Visits / Face-to-Face Verification (if applicable)
Physical verification for high-risk corporate clients
🧠 Interview Tip (Short Answer)

👉 “EDD involves identifying high-risk customers, collecting enhanced information, verifying source of wealth and funds, conducting deep screening (PEP, sanctions, adverse media), analyzing ownership structures, obtaining senior management approval, and applying enhanced ongoing monitoring.”

If you want, I can also give you:

Real EDD case studies (PEP / shell company / crypto cases)
Common interview scenarios with answers
Checklist template used by banks

3) What is Cash Flow?

Cash flow refers to the movement of money (cash) into and out of a person’s or business’s account over a period of time.

🔄 Types of Cash Flow
Cash Inflow (Money Coming In)
Salary
Business income
Investment returns
Loan proceeds
Cash Outflow (Money Going Out)
Rent, bills, expenses
Loan repayments
Purchases
Investments
📊 Simple Example
Monthly salary: ₹50,000 → Inflow
Expenses: ₹30,000 → Outflow

👉 Net Cash Flow = ₹50,000 − ₹30,000 = ₹20,000 (positive cash flow)

📈 Types of Cash Flow in Business
Operating Cash Flow – From core business activities
Investing Cash Flow – From buying/selling assets
Financing Cash Flow – From loans, equity, dividends
🚨 Importance in AML/KYC Context

In AML/KYC and transaction monitoring

4) How do you understand or analyze the cash flow of an account?

Analyzing cash flow in an account (especially in AML/KYC) means understanding how money moves, whether it makes sense for the customer profile, and if there are any suspicious patterns.

🔍 Step-by-Step Cash Flow Analysis
1. Understand the Customer Profile

Start with:

Occupation / business activity
Income level
Geography
Expected account behavior

👉 This sets the baseline expectation.

2. Review Total Inflows vs Outflows
Compare money coming in vs going out
Identify:
Positive cash flow (more inflow)
Negative cash flow (more outflow)
Break-even patterns

👉 Check if this aligns with the customer’s profile.

3. Identify Source of Funds (Inflow Analysis)

Look at:

Salary credits
Business receipts
Thir…

5) What is a UAR (Unusual Activity Report)?

A UAR (Unusual Activity Report) is an internal compliance document used in AML (Anti-Money Laundering) and KYC (Know Your Customer) processes to record and escalate transactions or behaviors that appear unusual or inconsistent with a customer’s known profile.

🔍 Definition
A UAR is generated when a transaction monitoring system or analyst identifies suspicious or abnormal activity, but further investigation is still required before deciding whether it qualifies as suspicious enough to file a regulatory report.

🧠 Key Purpose
To document unusual activity

To trigger internal investigation

To help determine whether a SAR (Suspicious Activity Report) should be filed with regulators

⚠️ Examples of Unusual Activity
Sudden large deposits or withdrawals

Transactions inconsistent with customer profile or expected behavior

Frequent international transfers without clear purpose

Use of multiple accounts to move funds (possible layering)

🔄 UAR vs SAR (Important Difference)
Aspect UAR SAR
Nature Internal report External regulatory report
Stage Initial suspicion Confirmed suspicion
Filed to regulator? ❌ No ✅ Yes
Purpose Investigation Reporting financial crime
📝 What a UAR Typically Includes
Customer details (KYC profile)

Transaction details (amount, date, counterparties)

Reason for suspicion / alert trigger

Analyst’s initial observations

Supporting documents or screenshots

🔎 Process Flow
Alert generated (via transaction monitoring system)

Analyst reviews alert

If activity seems unusual → UAR created

Further investigation (EDD if needed)

Decision:

Close as false positive, OR

Escalate to SAR filing

💡 Simple Example
A salaried individual suddenly receives multiple high-value international transfers.
➡️ Analyst finds this unusual → raises a UAR
➡️ After investigation, if linked to suspicious sources → escalated to SAR

6) A UAR (Unusual Activity Report) is an internal report used in AML/KYC processes to document transactions or behavior that appear suspicious or inconsistent with a customer’s profile.

📄 Key Details Included in a UAR
1. Customer Information
Full name
Customer ID / Account number
Date of birth / Incorporation date
Address and contact details
Customer type (Individual / Corporate)
Risk rating (Low, Medium, High)
2. Account Details
Account number(s) involved
Account type (Savings, Current, Business, etc.)
Account opening date
Linked accounts (if any)
3. Transaction Details
Date and time of transaction(s)
Transaction amount(s)
Mode (Cash, Wire transfer, Online, etc.)
Origin and destination of funds
Frequency and pattern of transactions
4. Description of Unusual Activity
Clear explanation of why the activity is unusual
Comparison with expected customer behavior
Trigger alerts from transaction monitoring systems
5. Red Flags Identified
Structuring/smurfing
Sudden spike in activity
Transactions with high-risk countries
Use of multiple accounts
Inconsistent business activity
6. Customer Profile vs Activity Analysis
Expected vs actual transaction behavior
Occupation/business nature vs transaction pattern
Source of funds vs observed inflows
7. Supporting Documentation
Transaction statements
KYC documents
Previous alerts or history
External database checks (sanctions, PEP, adverse media)
8. Investigation Summary
Analyst’s findings
Steps taken during investigation
Tools/systems used
9. Conclusion / Disposition
Whether activity is:
False positive
Suspicious
Needs further monitoring
10. Recommendation / Action Taken
Escalation to compliance
Filing of SAR/STR (Suspicious Activity/Transaction Report)
Account monitoring or closure
💡 Simple Interview Tip

If asked in an interview, you can summarize:

“A UAR includes customer details, transaction information, reason for suspicion, red flags, analysis of customer behavior, supporting documents, and the investigator’s conclusion with recommended actions.”

7) How do you understand or analyze the cash flow of an account?

Analyzing cash flow in an account (especially in AML/KYC) means understanding how money moves, whether it makes sense for the customer profile, and if there are any suspicious patterns.

🔍 Step-by-Step Cash Flow Analysis
1. Understand the Customer Profile

Start with:

Occupation / business activity
Income level
Geography
Expected account behavior

👉 This sets the baseline expectation.

2. Review Total Inflows vs Outflows
Compare money coming in vs going out
Identify:
Positive cash flow (more inflow)
Negative cash flow (more outflow)
Break-even patterns

👉 Check if this aligns with the customer’s profile.

3. Identify Source of Funds (Inflow Analysis)

Look at:

Salary credits
Business receipts
Third-party transfers
Cash deposits

Ask:

Are sources known and legitimate?
Any unusual or unknown senders (counterparties)?
4. Analyze Outflows (Usage of Funds)

Check:

Payments to individuals or businesses
Transfers to high-risk countries
Large withdrawals

👉 Ensure spending behavior is logical and explainable.

5. Check Transaction Patterns

Look for:

Sudden spikes in activity
Frequent high-value transactions
Repetitive transfers to same counterparties
Structuring (many small transactions below threshold)
6. Velocity Analysis
How quickly is money moving?
Example:
Funds credited and withdrawn within hours/days

👉 High velocity may indicate layering or mule activity.

7. Counterparty Analysis
Who is sending/receiving money?
Check:
Unknown or high-risk counterparties
Links to multiple accounts
Sanctions/PEP/adverse media risk
8. Geographic Risk Review
Are transactions linked to:
High-risk or sanctioned countries?
Offshore jurisdictions?
9. Compare Expected vs Actual Activity
Does actual activity match:
Declared income?
Business nature?

👉 Example:
Low-income individual handling large volumes = red flag

10. Look for Red Flags 🚨

Common suspicious indicators:

Sudden large deposits followed by immediate withdrawal
Round-tripping (money returns to origin)
Use of multiple accounts (layering)
High cash activity with no clear reason
Third-party fund transfers without business justification
🧠 AML Analyst Approach (Simple Framework)

👉 Profile → Pattern → Purpose → Parties → Geography → Risk

📌 Example
Customer: Salaried employee earning ₹40,000/month
Observation:
Receives ₹5–10 lakh from multiple unknown parties
Quickly transfers funds to other accounts

🚨 Conclusion:
Cash flow inconsistent with profile → Potential mule/layering activity

🎯 Interview Tip (Short Answer)

“To analyze cash flow, I compare inflows and outflows, verify sources and usage of funds, assess transaction patterns and velocity, review counterparties and geography, and check whether activity aligns with the customer’s profile. Any deviation may indicate suspicious activity.”

8) Can you list five red flags alerts in transaction monitoring?

Here are five key red flag alerts in Transaction Monitoring (TM) commonly used in AML/KYC:

🔴 1. Unusual Large Transactions
Sudden high-value transactions inconsistent with the customer’s profile or income.
Example: A low-income account suddenly receives ₹50 lakhs.
🔴 2. Structuring / Smurfing
Breaking large transactions into smaller amounts to avoid reporting thresholds.
Example: Multiple cash deposits just below ₹10 lakhs (or reporting limit).
🔴 3. Rapid Movement of Funds
Funds are quickly transferred in and out with no clear business purpose.
Example: Incoming funds immediately wired to another account or country.
🔴 4. Transactions with High-Risk Jurisdictions
Transfers involving countries known for weak AML controls or sanctions.
Example: Frequent payments to offshore or high-risk regions.
🔴 5. Inconsistent Account Activity
Activity does not match the customer’s known profile, business, or expected behavior.
Example: A dormant account suddenly becomes highly active.

9) Who files a CTR (Cash Transaction Report) when the threshold is breached, and what kind of information is included in a CTR?

A CTR (Cash Transaction Report) is a key regulatory report used in AML compliance when large cash transactions cross prescribed thresholds.

✅ Who files a CTR?

A CTR is filed by reporting entities, such as:

Banks
Financial institutions
NBFCs (Non-Banking Financial Companies)
Cooperative banks

In India, these entities submit CTRs to the Financial Intelligence Unit – India under the PMLA (Prevention of Money Laundering Act).

💰 When is a CTR filed?
When cash transactions exceed ₹10 lakh (single or aggregated in a month per customer)
Includes:
Cash deposits
Cash withdrawals
Exchange of currency
📄 Information included in a CTR

A CTR typically contains:

1. Customer Details
Full name
Address
PAN / ID details
Date of birth / incorporation
2. Account Information
Account number
Account type (savings/current)
Branch details
3. Transaction Details
Date of transaction
Amount (cash in/out)
Type (deposit, withdrawal, exchange)
Mode (over the counter, ATM, etc.)
4. Aggregation Details
Total cash transactions during the reporting period
Linked transactions (if structured/split)
5. Reporting Entity Details
Bank/Institution name
Branch code
Reporting officer details
⚠️ Key Points
CTR is rule-based (threshold-driven), unlike STR (Suspicious Transaction Report), which is based on suspicion.
No suspicion is required—just crossing the threshold triggers reporting.
Filing is usually done monthly to FIU-IND.