
Transaction Monitoring & AML Analyst
Job Description
================================================================
WHY THIS ROLE EXISTS
================================================================
HitPay runs regulated payment flows across SG/MY/PH/HK/AU/US, on card and non-card
rails (PayNow, FPX, QRPH, GCash, TouchnGo, etc.). Every one of those transactions has
to be monitored for laundering, and every alert that surfaces has to be worked by
someone who can tell a real typology from noise.
That's this role. Transaction monitoring is the daily engine — you live in the alert
queue. Around it sits the rest of the AML lifecycle: STR/SAR filings, CDD/EDD,
sanctions and PEP adjudication, and typology calibration.
We've built an automated detection stack that does the sweeping and generates the
alerts. What we need is a human in the loop who investigates every one, decides what's
real, files what needs filing, and extends the monitoring rules when a new laundering
pattern shows up.
This is not a queue-clearing role. The automation produces the queue. You bring the
disposition judgment, the source-of-funds conversations, the regulatory filings, and
the next monitoring rule.
================================================================
WHAT YOU'LL OWN
================================================================
Transaction monitoring — the core of the job:
- Review every alert across all rails — investigate, escalate, or close with documented
reasoning
- Disposition at volume without losing precision — you know the difference between a
true hit and a scenario that's just badly tuned
- Own the false-positive rate — when a rule is over-firing, you're the one who spots it,
quantifies it, and retunes it
- Recognise the pattern underneath the alerts — structuring, layering, mule activity,
scam proceeds, storefront laundering — and write it up as a typology
The rest of the AML lifecycle that TM feeds into:
- STR/SAR drafting and filing across SG (STRO), PH (AMLC), MY (BNM), and any other
jurisdiction we operate in
- Ongoing CDD reviews — periodic refresh, EDD for higher-risk partners, source-of-funds
and source-of-wealth investigations
- Sanctions and PEP screening — adjudicate matches, document false positives, action
true hits
- Typology calibration — when a new laundering pattern shows up, you recognise it and
turn it into a monitoring rule
Decision and action on every alert:
- Payment/payout status decisions where an AML concern drives them (suspend, hold,
offboard, retain with monitoring)
- Partner outreach for source-of-funds, source-of-wealth, and business-model
clarification
- Coordination with regulators and partner banks
- Closing every alert with an audit-ready rationale — and filing the STR before the
deadline
Tooling (this is the multiplier):
- When you see a typology the current monitoring misses, extend a scenario or build a
new detector for it
- Backtest every rule change against labeled good/bad cohorts before it goes live
- Every piece of automation you write is one fewer human-hour the team burns per week —
that's the job
================================================================
WHO YOU ARE
================================================================
AML and transaction-monitoring background, non-negotiable:
- 4+ years in transaction monitoring / AML at a regulated FI, payments company, or
fintech — alert disposition is work you've done at volume, not something you've only
read about
- You've personally drafted and filed STRs/SARs — not just reviewed them
- You've tuned a TM system — designed or adjusted scenarios/rules, owned a
false-positive rate, and can defend a threshold to a regulator or an auditor
- Working knowledge of at least two of: MAS PSA, BSP MAL, BNM (Merchant Acquirer /
AMLA), AUSTRAC, FinCEN MSB, FATF recommendations
- You can read an unusual transaction pattern or a partner's website and tell us in 60
seconds whether the partner is a launderer running proceeds through a real-looking
storefront, or a real business having an outlier month — and which signals separate
them
- CAMS, ICA, or equivalent certification is a plus, not a requirement — we care more
about the calls you've made
Technical, non-negotiable. You must be technical enough to:
- Query the data warehouse directly — write your own SQL against Snowflake, no analyst
middleman. You'll be doing this every day.
- Think in rules and thresholds — translate a typology you've spotted into a concrete,
testable monitoring rule (signals, thresholds, edge cases, expected false-positive
rate)
- Backtest before shipping — every rule change runs against labeled good and bad
cohorts before it goes live. No exceptions. If you don't know how to set up a
backtest, you're not ready for this role.
- Run and extend the existing automation stack — our detection skills are built on
Claude Code. You inherit them on day one and use them daily.
- Build new skills — when you spot a gap, you write the next detector yourself. Python
literate enough to read and modify a 200-line script and a YAML rule file without
help. We don't need a software engineer; we need an investigator who codes.
Judgment we can't teach:
- You push back when a scenario flags a legitimate partner whose pattern only looks
unusual — and you retune it instead of just clearing the alert
- You don't offboard without evidence; you don't sit on evidence either
- You can tell the difference between laundering via a real-looking storefront and
stolen-card cash-out, and you know which signals separate them
- You file the STR before the deadline and write the post-mortem when something slips
through — the rule update lands the same week
================================================================
HOW WE WORK
================================================================
- Read-only data warehouse access plus write-gated production access where the role
requires it
- Every detector is open to the team — when you build one, the rest of compliance,
risk, and the CEO can run it
- No ticket queues — the automation produces the queue; you work it and improve the
automation
- Direct line to the CEO on policy calls and high-severity escalations
- All AML investigation trails are documented and audit-ready
Optimize Your Resume for This Job
Get a match score and see exactly which keywords you're missing
Job Details
- Category
- Business & Finance
- Employment Type
- Full Time
- Location
- PH / MY / Remote (PH, Philippines (Remote)
- Posted
- Compensation
- $1,000 - $3,000 per month
About HitPay
Payments infrastructure for businesses scaling in APAC
More Roles at HitPay



Similar Business & Finance Roles



Found this role interesting?