Financial institutions have to comply with the Anti Money Laundering (AML) and Counter-terrorism Financing (CTF) in order to prevent money laundering, tax evasion, and terrorist financing. To do so, businesses should set up an AML compliance program, which consists of several steps that we will discuss today.

What is money laundering and AML?

Money laundering is a crime, which consists of concealment of the origin of illegally obtained money. Usually, it happens by transferring money to different (often foreign) banks and businesses until it’s not possible to trace.

The ecosystem of regulations that aims to prevent money laundering can be called AML. Different regions have particular laws regarding AML. In the European Union AMLD5 describes the guidelines that you have to follow while designing an AML compliance program, in the US it’s Bank Secrecy Act that you have to keep in mind.

What does the AML compliance program mean?

Financial institutions have to come up with processes and policies that allow the company to meet the requirements of legislation. This set of policies and processes is called AML compliance program, which has to be a part of a broader compliance regime of the company.

An organization has to have a detailed understanding of legislation around it and requirements that it needs to meet in order to design a successful AML compliance program.


AML program components

AML program should be built in a way that allows a company to easily identify fraud and suspicious activity. During the initial onboarding process, which has to include Customer Due Diligence (CDD), or during the ongoing monitoring, the organization has to look for red flags such as large transactions, spikes in activity or amounts, a big number of transactions, transactions related to gambling and jurisdictions that have a bad reputation with regards to money laundering.

After identifying suspicious customers or transactions, the financial institution has to report it to appropriate authorities. Hence, an effective reporting system should be in place.

The policies for the AML program should be clearly written down and there should be a dedicated AML compliance officer in the company responsible for the whole program.

Where to start?

As every single financial institution is different, there’s no AML compliance program that would fit all. Therefore, as a first step, you should asses what is your company doing, which products or services you offer, who are your customers, and what’s the geographical location of your business or your clients.

Your AML program should fit your organization. It should be compliant with all of the regulations, however, you shouldn’t overcomplicate it by trying to be compliant with the regulations that you don’t actually have to abide by.

You should also determine the balance between mitigating risks, satisfying your customers, and your revenue. By making your onboarding process too complicated, you might lose a lot of  potential customers.


5 steps to an effective AML compliance program

1. Due Diligence

Every customer has to go through a CDD process to determine the risk they pose. The risk score is calculated based on their KYC and AML check, which includes screening against different databases to identify whether the customer is a Politically Exposed Person (PEP) or analyzing the Ultimate Beneficiary Owners (UBOs).

2. Identifying suspicious activities

As a business it’s your obligation to watch out for the red flags that might indicate that a customer or a transaction is fraudulent. After identifying that certain funds might be related to money laundering, it is necessary to report a transaction or even an attempt of this transaction to the financial intelligence unit (FIU). It is also important to note that such reporting should be done directly.

3. Training employees

A financial institution has to set-up a training program for employees. They have to learn to identify suspicious activity and report it to a specific person. The reporting policy should work in a way that reporting is first done to the management, and the designated AML Compliance Officer or Money Laundering Officer should report it to the FIU in case there’s enough evidence or reason to conclude that the activity is in fact suspicious. Additional training should be provided for employees each time there’s a change in legislation.

More comprehensive training should be provided to those team members who come into direct contact with customers. They should be aware of the necessary AML legislation and clearly understand their roles and tasks. Such training should be carried out regularly.

4. Compliance Officer

Each business has to have a Compliance Officer who will be responsible for the AML compliance program. This person has to communicate and report to senior management, auditors, and authorities. Compliance Officer should assess the company’s AML policies and processes and advise the organization on the ways to improve them.

5. Independent Audits

An organization should go through a regular independent audit that would assess the company’s compliance program. This would help the organization to understand the strengths and weaknesses of the system and refocus its resources on problems that need immediate attention. The audit usually reviews KYC and user onboarding, employee training programs, ongoing monitoring practices, and reporting systems.


In case you need some help…

We understand that creating an AML compliance program from scratch can be very tiring and difficult. Sometimes it might even distract you from working towards achieving your vision. That’s why we want to offer you help. Feel free to contact us and we will answer all of your questions about compliance for free and work with you to find a solution that fits you.

Fill the form and get the best price
photo