Transaction screening and transaction monitoring are both standard components of an AML compliance stack. They are often spoken about together, and in many platforms they operate side by side. But they are not the same control; they do not catch the same things, and satisfying one does not cover the obligation for the other.

This article draws the line clearly between the two: what each control does, where they differ, and why the CBN's 2026 AML baseline makes having both, and linking them to KYC data, a requirement rather than a best practice.

What Transaction Screening Is

Transaction screening is a real-time, preventative check that runs at the point of a transaction before it is approved or processed. Every transaction is scanned against sanctions lists, PEP databases, and watchlists to determine whether it involves a prohibited party, a high-risk counterparty, or a flagged entity. If a match is found, the transaction is blocked or held for review before it clears.

Transaction screening software typically checks against:

• OFAC, UN, EU, and UK sanctions lists
• Nigerian and African regional sanctions and watchlists where applicable
• Politically exposed persons databases
• Adverse media and high-risk entity lists, depending on the platform's risk appetite

For fintech platforms operating on real-time payment rails, the speed requirement is non-negotiable. Screening must return a result within the transaction processing window, often within seconds, and either clear, block, or flag the transaction for manual review based on match confidence.

What screening does not do is analyse patterns. It looks at the specific transaction in front of it, checks it against a list in the moment, and makes a binary determination. That is its strength and its limitation.

What Transaction Monitoring Is

Transaction monitoring is a detective process. It analyses transaction behaviour and patterns over time, after transactions have been completed, and flags sequences of activity that suggest financial crime.

Rather than checking a single transaction against a list, transaction monitoring looks across a customer's history for patterns like structuring, layering, unusual velocity, and activity that is inconsistent with their risk profile. 

Alerts are generated when behaviour crosses a threshold or matches a known suspicious pattern, then triaged by a compliance team, investigated, and either closed or escalated to an STR or SAR filing.

The specific failure modes that monitoring is designed to catch include:

• Structuring: Breaking up transactions to avoid reporting thresholds. No single transaction reveals it, but the pattern across several does.
• Layering: Moving funds through multiple accounts or counterparties in a way designed to obscure the origin.
• Behavioural drift: A customer whose transaction activity changes significantly from their established pattern, even if no individual transaction is large enough to trigger a screening flag.
• Network-level risk: Counterparty patterns that suggest an account is part of a broader scheme, even when the account holder is not on any watchlist.

What transaction monitoring does not do is stop prohibited transactions before they happen. By definition, it looks backwards at completed transactions. That is its strength for pattern detection and its limitation for real-time prevention.

Key Differences at a Glance

The distinction between the two controls comes down to timing, purpose, and what each one is designed to catch.

Each control covers the gap the other leaves open. That is not a coincidence; it is how AML infrastructure is designed to work.

Can Transaction Screening Replace Transaction Monitoring?

No. The question itself reflects a common misunderstanding of what each control is built to do.

Screening and monitoring operate at different points in the transaction lifecycle and catch different categories of financial crime. A fintech running only transaction screening software has a real-time filter at the door that stops known bad actors from transacting. 

A fintech running only transaction monitoring has visibility into behavioural patterns after the fact but no mechanism to stop a sanctioned entity from initiating a transaction in the first place.

Screening alone misses:

• A customer who passes every sanctions check at onboarding and at each transaction but whose cumulative behaviour across three months is a textbook structuring pattern
• A network of accounts that are individually clean but collectively funnelling funds through a layering scheme that only becomes visible when transaction patterns are analysed together
• Behavioural changes in existing customers that develop gradually and would never trigger a list-based check

Monitoring alone misses:

• A sanctioned entity transacting on the platform in real time because no check ran against the sanctions list before the transaction cleared
• A newly listed PEP or sanctioned counterparty whose status changed after onboarding and who is now transacting without any real-time check catching the updated status
• A transaction that involves a prohibited party but does not produce a suspicious pattern, so the monitoring system never flags it

Why African Fintechs Need Both

African fintechs operate in a context where fraud patterns differ from Western markets, a large share of customers come from the informal economy, and regulatory scrutiny from the CBN is only increasing. 

Two scenarios illustrate what happens when a platform relies on only one control.

Scenario 1: Screening without monitoring.

A Nigerian payment platform screens every transaction against sanctions and watchlists. Every transaction clears because none of the customers appears on a prohibited list.

Over several months, a group of accounts begins depositing funds just below reporting thresholds before consolidating the money into a single account and moving it offshore. Because no monitoring system is analysing the pattern, the activity goes unnoticed until an external institution raises concerns.

Scenario 2: Monitoring without screening. 

A digital lender runs transaction monitoring across its repayment and disbursement flows. The compliance team regularly reviews alerts and investigates unusual activity.

However, no real-time screening is performed before funds are disbursed. A transaction involving a recently sanctioned entity is processed successfully, creating compliance exposure before monitoring has a chance to identify the issue.

Both scenarios create avoidable compliance risk. Screening and monitoring are separate controls, but they are most effective when used together.

What the CBN's 2026 AML Baseline Requires

The CBN's updated AML framework is specific about what it expects at the infrastructure level. For Nigerian fintechs, the 2026 baseline translates into four concrete requirements:

1. Both controls are explicitly required.

The CBN's AML/CFT framework requires financial institutions to implement sanctions screening at the point of transaction and ongoing transaction monitoring as separate, documented controls. Satisfying one does not satisfy the obligation for the other.

2. KYC linkage is a baseline expectation.

The CBN expects that both screening results and monitoring alerts are informed by the customer's KYC data and risk rating. A screening system that runs independently of the customer's identity record and a monitoring system that cannot access the customer's onboarding profile are both operating below the standard the regulator expects to see during examination.

3. Documentation and audit trail requirements apply to both.

Every screening decision and every monitoring alert investigation must be documented with enough detail to reconstruct the compliance decision during a regulatory examination. Platforms running screening or monitoring without a case management layer that logs those decisions are creating audit trail gaps even when the underlying controls are functioning.

3. The 2026 enforcement posture makes this concrete. 

The CBN has signalled that examination cycles will specifically assess whether fintechs have both controls in place, whether they are linked to KYC data, and whether the documentation trail is sufficient to demonstrate that the controls are functioning, not just installed.

How Dojah’s Easy Detect Supports Transaction Monitoring

The compliance gap this article has described is not just about having screening and monitoring in place separately. It is about having them linked to KYC data so both controls operate with full customer context rather than in isolation.

Easy Detect is Dojah's real-time fraud-detection tool that enables businesses to identify suspicious activity across the user journey. It monitors transaction behaviour in real time and connects transaction signals to identity data from Dojah's verification infrastructure, directly addressing the KYC linkage the CBN's framework requires.

Here is what Easy Detect gives your platform:

• Real-time monitoring connected to identity data.

 Flag AML risk patterns, including structuring, velocity anomalies, dormancy breaks, and behavioural drift, with every alert surfacing alongside the customer's KYC record and risk rating automatically.

• Alert triage with full customer context. 

Your compliance team sees transaction data, identity verification results, onboarding risk rating, and transaction history in one place, so investigations start with full context, not a flag and a separate login.

• Audit trail built for STR and SAR filing.

 Every alert, investigation step, and compliance decision is logged in a format that supports regulatory examination and STR or SAR filing, so your documentation trail builds as you work rather than being reconstructed after the fact.

If your platform is still running one without the other, that is the gap a CBN examination will find first. See how Dojah Easy Detect supports transaction monitoring for African fintechs. 

FAQs on Transaction monitoring vs Transaction screening

• What is the difference between transaction screening and transaction monitoring? 

Transaction screening is a real-time check that runs before a transaction is approved, scanning it against sanctions lists, PEP databases, and watchlists. Transaction monitoring analyses completed transactions over time to detect suspicious behaviour patterns like structuring, layering, and unusual velocity.

• Can transaction screening replace transaction monitoring? 

No. Screening stops prohibited parties at the point of transaction but cannot detect patterns that develop over time. Monitoring catches behavioural anomalies after the fact but cannot stop a sanctioned entity from transacting in real time.

• What does the CBN require for transaction screening and monitoring? 

The CBN's AML/CFT framework requires both controls as separate, documented obligations, each linked to the customer's KYC data and risk rating, with a full audit trail for every screening decision and monitoring alert.

• What happens if a fintech only runs transaction monitoring without screening?

 A sanctioned entity can initiate and complete a transaction before any flag is raised. Monitoring may detect unusual activity days later, but by then the funds have moved and the platform has already created direct regulatory exposure