Case study: a mid-size exchange cut false positives by 62%
How a Top-20 European exchange used AMLRegister's risk-based scoring to reduce analyst backlog and speed customer response.
The starting point
Our customer — a Top-20 crypto exchange by European volume — was generating roughly 4,200 alerts per day from their existing rule-based screening. Their compliance team of 12 analysts was two weeks behind, with median time-to-disposition of 48 hours.
Customer dispute volume was rising fast. Most alerts were false positives based on coarse heuristics (e.g. "touched Binance hot wallet") that did not reflect actual risk.
The change
They layered AMLRegister risk scoring on top of their existing rule engine. The rule engine still raised candidates; AMLRegister scored them on our 10-category framework, and only candidates above a configurable threshold flowed to analysts.
They kept their rule engine in place because it was already audited. They turned it into a feeder, with AMLRegister as the smarts.
The results
After three months: alert volume to analysts fell 62%. Median time-to-disposition fell from 48 hours to 7 hours. Customer disputes dropped 41%. Analysts reported higher-quality case work and less tedium.
The tuning was iterative. They started conservative (threshold at 40) to avoid missing risk, then progressively raised it to 55 as they built confidence. No missed true positives were detected in retroactive review.
Lessons
Don't rip and replace. Layering is faster to deploy, easier to audit, and reversible. Most of the value came from scoring alerts, not from replacing them wholesale.
Tune threshold over time. Start conservative, monitor, adjust. The initial threshold should be set by the compliance head based on risk appetite, not by vendors.
