Monzo Bank

Accelerating suspicious activity reporting

Monzo is one of the leading challenger banks in the UK, known for exceptional customer service. Behind that service is a large internal tooling system used by operations teams to support customers and investigate financial crime. I led design improvements that moved slow, error-prone handoffs into structured product flows.

Monzo internal support tooling

Context

BizOps is where customer, transaction, and merchant data is reviewed and acted on. It is primarily used by customer operations representatives, internally called COps. Much of the tool supports customer conversations, but it is also used to investigate accounts when there is a suspicion of financial crime.

My role

I was responsible for the design of this large internal system across customer support and financial crime workflows. For this work, my role was to understand the investigation domain, identify the operational bottlenecks, and partner with engineers and financial crime specialists to ship pragmatic changes into a regulated workflow.

Problem

When an account was flagged for suspicious activity, it was suspended while Monzo investigated possible financial crime such as money laundering, human trafficking, or sexual exploitation. The path from flagging to fully returning the customer’s money and severing the relationship could take around four weeks.

The workflow created unnecessary delay and avoidable rework. Junior COps completed an initial manual review in free-text notes, but senior financial crime specialists often did not trust that evidence enough to use it directly, so they reinvestigated before writing the Suspicious Activity Report for the National Crime Agency. Reports could also be rejected for simple transcription errors, which meant the team had to redo work that was otherwise valid.

Defunding added another delay. Customers were asked by email for alternative bank details, but many ignored the message, replied with partial information, or entered invalid details that had to be chased manually.

Investigation builder concept

Decision-making

The most ambitious path was to codify the investigation itself: turn the junior COps review into structured evidence that senior specialists could trust, reducing the need to repeat the investigation. I mapped the report back to the source systems that already held that evidence: transaction history, customer details, connected suspicious accounts, merchant data, case notes, and risk flags.

That work produced a north-star report builder where COps could capture transactions, connections, timelines, suspicious behaviour patterns, and risk categories in a report-shaped structure. But the tradeoff was clear: the full builder was too large for the couple of months we had, and over-structuring the workflow risked removing the nuance senior specialists needed when writing a regulated report.

I chose not to push for full codification in one release. Instead, we used the model to align on the evidence that mattered, then shipped narrower changes with the highest immediate return: preventing copy/paste errors, making key entities easier to insert into reports, and moving customer bank-detail collection into the app where validation could happen at source.

Approach

Structure the evidence model

I created a report-shaped investigation concept that helped the team agree on what evidence mattered: suspicious transactions, connected accounts, timelines, behavioural patterns, and risk categories. The complete builder did not ship, but it gave us a shared model for what could be structured safely and where free text still needed to preserve specialist judgment.

Remove avoidable report errors

COps were prone to mistyping account numbers, sort codes, names, and transaction details because the workflow relied on free input fields and copying & pasting between panels and tabs. A single incorrect value could cause the NCA to reject a submission, forcing the team to correct and resubmit the report.

I designed pickers that let COps select the relevant transaction, account, or entity and insert it directly into the report-writing field with the right details attached. This kept the flexibility of free-text reporting while removing the most fragile manual transcription steps.

Move waiting time into the product

A large amount of investigation time came from waiting for customers to email alternative bank details. Email was easy to ignore and did not prevent incomplete or incorrect answers, so COps still had to chase customers and check details manually.

I introduced an in-app form at the moment customers were most likely to look for answers about their suspended account. The app could ask for the full set of details, validate them before submission, and reduce the amount of back-and-forth needed before defunding could complete.

In-app flow asking for alternative bank details

Impact

The shipped changes collectively reduced the time from suspicious-activity flagging to complete defunding by ~52%, helping customers regain access to their money sooner while reducing complaint pressure for the business.

The work also improved the quality of the operational flow: fewer rejected reports from simple data-entry errors, less repeated investigation by senior specialists, cleaner evidence insertion into reports, and more reliable customer bank-detail collection. The National Crime Agency praised the quality of Monzo’s reports, validating that the workflow improvements did not come at the expense of regulatory standards.