Decisions and Risk Outcomes
How WatchTower decides between ALLOW, REVIEW, and BLOCK.
Section
Decision model
WatchTower evaluates each transaction and produces one of three outcomes: ALLOW, REVIEW, or BLOCK.
Section
What drives the decision
- triggered monitoring controls
- rule severity
- behavioral signals
- anomaly score
- watchlist or screening hits
- organization thresholds
Section
How to use each outcome
ALLOW
- The transaction may continue with no immediate operational action, although it may still be recorded for analytics and reporting.
REVIEW
- The transaction requires analyst attention. This is typically where alert workflows and investigations begin.
BLOCK
- The transaction represents a higher-risk event and should be stopped or escalated according to your operating model.
Section
Operational context
Decisioning should be treated as part of a broader control framework. Institutions usually pair WatchTower’s risk outputs with internal policy, customer context, fraud and compliance review standards, and analyst escalation workflows.
Operational connection
The decision engine is where fraud detection, transaction monitoring, and operational handling meet. A good setup connects decisions directly to alert review, case management, and reporting.
Next UpAlerts & Cases
Continue Through The DocsWatchTower Integration Guides