Hi @Mark Heaton For financial institution and banks change management is a control for any process change to be implement considering risk, cost and other factors to consider and ultimately it will be they are end decision makers for any change however not the owners

I would like to learn more about the ISO 9001: 2016 and how it is useful in FinCrime and AML

Yes this is really require in every Financial institution for interna governance

Hi @Mark Heaton it’s great to see a deliberate approach to shaping the community as it grows. 1️⃣ Social / community calls There is definite value in periodic live interactions, provided they remain focused and purposeful. A biweekly’s 45–60 minute session would be a good starting point—centred on open discussion, emerging issues, and member-led insights rather than formal presentations. Frequency can always be adjusted based on engagement. 2️⃣ Themed topics I strongly support this. Themed discussions help provide structure and continuity. A monthly theme, supported by weekly prompts or case-based questions, would encourage deeper participation without overwhelming members. 3️⃣ Discussion channels Breaking discussions into areas makes sense, but I would recommend a phased approach. Starting with a small number of core channels (e.g. AML/FinCrime, Information Security, Governance/ERM, Regulatory Change) will help maintain focus. Additional channels can be introduced once activity levels justify them. Sustaining engagement To ensure these initiatives remain active: - Encourage topic facilitators or champions from within the community - Anchor discussions around real-world scenarios and practical challenges - Summarise key insights from calls and discussions back into the platform - Foster a culture where thoughtful questions are as valuable as definitive answers I’d be happy to contribute to facilitating discussions, particularly around AML, FinCrime, and GRC integration, as the community continues to develop. This approach should help build a sustainable, practitioner-led forum that delivers long-term value.

@Mark Heaton yes u agree with you

Hi @Mark Heaton Great question, Mark. This is actually a very common scenario. At a high level, the transaction was likely flagged due to a combination of contextual risk factors, not because anything was “wrong” in isolation. Around high-volume periods like Christmas, banks typically tighten controls and lower thresholds. Common triggers could include: - An unusual merchant or payment pattern compared to historical activity - A first-time or infrequent payment to a digital platform or subscription service - Cross-border elements or routing changes - Automated rules kicking in during heightened seasonal risk periods In many cases, it’s less about suspicion and more about uncertainty + automation. Once the context is validated, things usually move quickly — which seems to be what happened here. It’s a good real-world reminder of how risk-based controls operate in practice, especially when volumes spike.

apologise for delay response since I was on vacation