AML Compliance: Definition, Program Requirements, and the Checklist

Igor Izraylevych

4 min read

Preventing financial crimes is increasingly complex these days. Businesses, banks, and financial institutions of all stripes need to take steps to protect themselves and their customers. 

A significant method for combating financial crimes is AML compliance. By implementing an Anti-Money Laundering compliance program, organizations can take a key and necessary step in the war against financial crimes and fraud.

What is AML?

To begin, let’s establish an understanding of what AML is exactly. 

Anti-Money Laundering includes any legislation or state policy that compels banks and other financial institutions to take steps to monitor transactions and prevent money laundering. 

While AML laws can vary from one nation to the next, generally speaking, they require that organizations report signs of money laundering to the relevant supervisory authority or regulator in their country.

AML Compliance and FATF

AML efforts exist to prevent criminal organizations from “cleaning” their money by filtering it through the financial system. 

By engaging in money launder, these criminal organizations can hide the fact that their funds came from criminal activities. Organizations involved in money laundering can be traditional criminal groups, but can also include terrorist entities, as well.

The majority of AML standards and efforts in the world exist as a result of the Financial Action Task Force, or FATF. This organization came together in 1989 and includes 37 member countries. 

Its goal is to fight all forms of financial crimes, including the funding of terrorist cells and organizations. The FATF created a framework that all member countries use to fight financial crimes. When countries do not adhere to FATF recommendations, the FATF flags that country as a violator, thereby encouraging nations to revise their financial policies and adhere to recommendations, including AML compliance.

Why AML Compliance Matters

Vigilance when it comes to AML compliance matters not only because it is required by many countries but because there are any number of ways in which a financial criminal can infiltrate an organization and perform a financial crime.

The techniques used to commit a financial crime can be surprising. One startup, for example, decided to use a popular digital payment service when setting up its payment interface. The fee costs were low and many customers already enjoyed using this payment method, so it was a win-win scenario for the startup.

The company created a crypto exchange that would allow users to create a cold wallet for financial entities such as bitcoin. The customer could then use a bank card to buy cryptocurrency and store it in their wallet. Additionally, the customer received a public and private key for receiving and sending money respectively.

While the company had done what they thought was their due diligence, problems arose soon after launch. Shortly after release of the application, the startup realized that cybercriminals had discovered their solution and were using it to launder money. 

The method was simple: the cybercriminals stole bank card numbers and then purchased cryptocurrency to “wash” their money clean. They would then trash the used bank cards and transfer the crypt funds to other wallets. Soon enough, the startup was receiving complaints from customers. 

This all occurred even though the company was working according to the payment company’s requirements. The payment company ended up banning cryptocurrencies and the startup lost a good deal of money.

As you can see from this example, fraud is prominent and can happen in unexpected places. As such, implementing a comprehensive AML compliance program is essential for many businesses. 

That being said, then, let’s explore how AML compliance works and what steps a business can take to implement it internally.

What is AML Compliance?

AML compliance is a screening and monitoring process organizations use to spot signs of money laundering in customer transactions. 

Screening involves comparing customer transactions, for one, against watchlists, sanctions, and lists of what are called PEPs, or Politically Exposed Persons, around the world. 

Establishing an AML compliance program at an organization is an essential step in KYC, or “Know Your Customer” verification, which is required for companies in finance, real estate, cryptocurrency, and more.

How AML Compliance Works

As stated above, AML requirements can vary from one jurisdiction to the next and can even vary from one industry to the next. There are, however, some mandatory components that are always part of an AML compliance program, including:

  • establishing a set of in-house AML policies
  • maintaining an AML compliance department and officer
  • training employees
  • screening customers

Let’s look at each in detail.

AML Policies

Every organization seeking to create AML compliance must create a set of internal policies related to AML. These measures define how the organization will execute AML screening of customers and how they will rate the risk of each customer.

Compliance Department / Officer

Each organization also must have a compliance department and an officer in charge of overseeing AML compliance internally. This can be an in-house department, but some organizations hire third-party entities to perform these tasks. 

Any AML compliance officer must have expert knowledge on the AML regulations particular to that business’ industry. As policies in an industry evolve, the AML officer must also keep the company abreast of any changes. 

It is also the job of the AML officer to report any flagged transactions to the appropriate authorities.

Training Employees

Training employees is also a required and important part of any AML compliance program. 

Not only do employees need to understand AML regulations and protocols, they also need to know what to watch out for, as fraudsters can use techniques to influence employees into making bad decisions. 

Employees should learn how to spot fraudulent transactions and behaviors that may indicate potential fraud.

AML Screening of Customers

AML screening of customers can be performed via an internal solution or via third-party software. This screening is typically performed in tandem with the KYC screening that an organization performs when registering a new customer.

The AML Compliance Checklist

The following is a summary checklist that organizations can use to determine if they are AML compliant and to ensure that they are engaging in correct AML protocols internally. 

Any AML compliance program should include:

  1. The four required components of AML:
    • Maintaining a compliance department and officer
    • Drafting internal AML policies
    • Training employees
    • Screening transactions
  1. Additionally, as part of their screening efforts, companies should engage in the following screening protocols:
    • Identity Verification

Regulations in major regions such as the EU require electronic identity verification during the customer screening process. Identity verification can include utilizing personal details from a customer (including date of birth, name, and address) to confirm that the customer is the person they claim to be.

    • PEP Check

Politically Exposed Persons are those who are believed to be at high risk for corruption due to their political status. These are by no means necessarily criminals; rather, their status as a high-ranking political official makes them more exposed to the risk of corruption. Anyone on a PEP list must undergo more serious scrutiny than the average citizen.

    • Sanctions Watchlist

Organizations should also screen all customers against sanctions watchlists from around the world. Any business found to be doing business with someone on a sanctions watchlist can face criminal and financial penalties from their government. People on sanctions watchlists can include anyone from terrorists and companies doing business with terrorists to world leaders.

In Conclusion

The world of finance and payment may seem to be getting riskier by the minute, but there are steps organizations can take to protect their interests and the interests of their customers. If you would like to take steps to ensure that your company is AML compliant. Contact us and we will find the professionals who can help you take the necessary steps to get this essential financial task in order at your business.

Igor Izraylevych