Measuring the effectiveness of an anti-money laundering (AML) compliance program is one of the more persistent challenges facing compliance officers. Regulators expect programs to be risk-based and reasonably designed, but translating those principles into concrete, trackable performance indicators requires deliberate effort. Without clear metrics, compliance teams struggle to identify program weaknesses before examiners do, allocate resources where risk is highest, and demonstrate to senior leadership that the program is functioning as intended.
This article outlines the key performance indicators (KPIs) that financial institutions, fintechs, credit unions, and other regulated organizations should track, why each matters, and how to interpret what the data is telling you.
Key Highlights
- Alert volume, false positive rate, and mean time to disposition are the core operational metrics for any transaction monitoring program.
- Suspicious Activity Report (SAR) filing rate and quality are direct indicators of whether monitoring is calibrated appropriately.
- Customer risk score distribution reveals whether a program is accurately reflecting the institution’s actual risk exposure.
- Case backlog and aging data are leading indicators of staffing or system performance issues before they become examination findings.
- Training completion rates and audit finding remediation timelines measure program governance and culture of compliance.
Transaction Monitoring Metrics
Transaction monitoring is the operational engine of most AML programs, and the metrics it generates are among the most scrutinized during regulatory examinations.
Alert Volume and Trend
Tracking the total number of alerts generated per month, per quarter, and year-over-year establishes a baseline and makes anomalies visible. A sudden spike in alert volume may indicate a rule configuration problem, a change in customer behavior, or a genuine shift in risk. A sustained decline without a clear explanation warrants the same attention.
False Positive Rate
The false positive rate measures the proportion of alerts that are reviewed and closed without escalation. Industry benchmarks vary considerably by institution type, but rates above 85% generally indicate that rules are miscalibrated or thresholds are set too broadly. A high false positive rate wastes investigator time and creates a backlog; a very low one may suggest the program is missing activity it should be flagging. Teams should track this metric by rule type to identify which specific scenarios are generating the most noise. Alessa’s guide to reducing AML false positives covers practical calibration approaches. Teams can also use Alessa’s False Positive Analyzer (FPA) to identify which rules, thresholds, or data issues are driving unnecessary alerts and uncover opportunities to improve tuning efficiency.
Mean Time to Disposition (MTTD)
This measures the average number of days between alert generation and final disposition, whether closed, escalated, or filed as a SAR. Regulators expect alerts to be reviewed in a timely manner; extended disposition times suggest resource constraints or workflow bottlenecks that need to be addressed.
| Metric | What It Measures | Warning Signs |
| Alert volume | Program sensitivity and customer behavior | Unexplained spikes or sustained declines |
| False positive rate | Rule calibration accuracy | Consistently above 90% or below 50% |
| Mean time to disposition | Operational efficiency | Average exceeding 30 days |
| Case backlog | Staffing and system capacity | Backlog growing faster than it is resolved |
SAR Filing Metrics
Suspicious Activity Report (SAR) metrics tell a different story than alert volume. They measure the quality of decision-making, not just the quantity of activity.
SAR filing rate
This is the percentage of escalated cases that result in a SAR filing. A consistently low SAR filing rate relative to alert volume may indicate that alerts are not being escalated appropriately, or that escalation thresholds are too high. A very high rate may suggest insufficient triage before escalation. Neither extreme is acceptable to examiners.
SAR Narrative Quality
While harder to quantify, narrative quality can be assessed through peer review or internal audit. SAR narratives should clearly describe the suspicious activity, identify the relevant parties, and explain why the activity is suspicious. Poorly written narratives are a recurring examination finding.
Time to File
FinCEN requires SARs to be filed within 30 days of detection of suspicious activity, with an extension to 60 days if no suspect can be identified. Tracking time-to-file as a KPI ensures the program is meeting that deadline consistently rather than relying on individual investigators to self-monitor.
Customer Risk Scoring Metrics
Customer risk scoring drives how much scrutiny individual accounts receive. If the scores are not accurate, neither is the rest of the program.
Risk Score Distribution
Compliance teams should regularly review the distribution of customer risk scores across low, medium, and high tiers. A program where 95% of customers are rated low risk may be underestimating the true risk profile of the portfolio, particularly if the institution serves sectors with elevated inherent risk. Conversely, an overconcentration in high risk can overwhelm due diligence capacity. Alessa’s article on customer risk scoring models provides a useful framework for evaluating model design.
Enhanced Due Diligence (EDD) Completion Rate
For customers classified as high risk, the institution is expected to conduct EDD. Tracking what percentage of high-risk accounts have current, complete EDD on file is a straightforward measure of whether the program is following its own policies.
Risk Score Change Frequency
Customer risk is not static. Tracking how frequently scores are updated, and whether those updates reflect meaningful changes in customer behavior or profile, confirms that the scoring model is functioning dynamically rather than assigning scores once at onboarding and leaving them unchanged.
Program Governance and Training Metrics
Operational metrics capture what the compliance function is doing. Governance metrics capture how well the program is managed as a whole.
Training Completion Rate
Annual AML training is a regulatory requirement for covered institutions. Tracking completion rates by department and employee type ensures the institution can demonstrate compliance if examined. Completion rates below 95% warrant escalation before an examination cycle begins.
Audit Finding Remediation Rate and Timeline
Internal audits and model validations generate findings that require corrective action. Tracking how many findings are open, how long they have been open, and whether remediation timelines are being met is a direct measure of program governance. Repeated failures to remediate findings within agreed timelines are among the most damaging patterns an examiner can observe.
Regulatory Examination Findings Trend
For institutions with regular examination cycles, tracking the number and severity of findings over time provides a longitudinal view of whether the program is improving. Recurring findings in the same area are a signal that root causes have not been addressed.
Putting the Metrics to Work
KPIs are only useful when they are reviewed consistently, understood in context, and connected to decisions. A compliance team that collects data but never acts on it has not improved its program; it has only added reporting overhead.
The most effective approach is to establish a compliance scorecard reviewed at least quarterly by senior management and the board’s risk committee. Metrics should be trended over time, benchmarked against peer institutions where data is available, and tied to specific remediation actions when thresholds are breached.
Platforms that integrate transaction monitoring, case management, risk scoring, and regulatory reporting in a single environment make this significantly more practical. When all of the data is centralized, generating meaningful metrics becomes a reporting function rather than a manual aggregation exercise. Alessa is built to support exactly this kind of program-wide visibility, from alert generation through SAR filing, with audit-ready documentation at every step.
