This paper addresses the risk in anti-money laundering (AML) systems where malicious actors may infer internal alert thresholds and exploit them via smurfing—structuring transactions to evade detection. We propose the first data-driven, threshold-agnostic statistical test that requires neither access to proprietary thresholds nor labeled anomaly data. Our method models the normal transaction distribution using high-order polynomial density estimation and identifies anomalous discontinuities near latent thresholds by statistically comparing empirical and counterfactual distributions. It achieves high sensitivity, reliably detecting smurfing at prevalence levels as low as 0.1%–0.5%, as validated through extensive simulations. Applied to real transaction data from a Danish systemically important bank, the test found no statistically significant evidence of smurfing, suggesting that the bank’s AML thresholds remain confidential. An open-source implementation is publicly released, enabling direct deployment by financial institutions and regulatory authorities for proactive threshold security assessment.

To combat money laundering, banks raise and review alerts on transactions that exceed confidential thresholds. However, the thresholds may be leaked to criminals, allowing them to break up large transactions into amounts under the thresholds. This paper introduces a data-driven approach to detect the phenomenon, popularly known as smurfing. Our approach compares an observed transaction distribution to a counterfactual distribution estimated using a high-degree polynomial. We investigate the approach with simulation experiments and real transaction data from a systemically important Danish bank. Our simulation experiments suggest that the approach can detect smurfing when as little as 0.1-0.5% of all transactions are subject to smurfing. On the real transaction data, we find no evidence of smurfing and, thus, no evidence of leaked thresholds. Our approach may be used to test if transaction thresholds have been leaked. This has practical implications for criminal justice and anti-money laundering (AML) systems. If criminals gain knowledge of AML alert thresholds, the effectiveness of the systems may be undermined. An implementation of our approach is available online, providing a free and easy-to-use tool for banks and financial supervisors. The null result obtained on our real data helps raise confidence in (though it cannot prove the effectiveness of) anti-money laundering efforts.