Onfido logo home page
Watch a demo
Get in touch

Anti-money laundering

International and local regulations require certain businesses to take action to prevent money laundering from criminal sources. These are collectively referred to as anti-money laundering or AML regulations. 

Criminals may attempt to conceal the origins of illegal funds, often with transfers through foreign banks or through other legitimate businesses. Financial institutions must comply with AML regulations by having processes in place to assess risk and report suspicious transactions. Read on to learn how anti-money laundering works and why it’s important.

What is anti-money laundering?

Anti-money laundering refers to laws, regulations, tools and processes that make it harder for criminals to hide the origin of illegally obtained funds acquired through crimes ranging from drug trafficking, tax evasion, fraud, terrorist financing or major corruption schemes. Since the criminals need to move the money through financial institutions or legitimate businesses, those businesses are responsible for monitoring and reporting suspicious transactions. Regulated businesses face steep fines and other consequences for not complying with AML regulations. 

To meet AML requirements, financial institutions must undergo sophisticated monitoring and money laundering risk assessment to detect suspicious transactions of customers. They do this through conducting KYC processes.

Learn more in our blog: What is KYC

Anti-money laundering definition

AML Definition dollar bill

Anti-money laundering is a collection of laws, regulations and processes that aim to prevent criminals from disguising illegal funds. 

According to the United Nation Office on Drugs and Crime, money is typically laundered in three stages before finally being released into the legal financial system:

  1. Placement (moving the funds away from direct association with the crime)

  2. Layering (transactions meant to conceal the trail to avoid detection)

  3. Integration (making the money available to the criminal from what seem to be legitimate sources, like luxury purchases or investments)

Anti-money laundering regulations outline the responsibilities of a business to assess the money laundering risk of its customers and monitor and report suspicious transactions. 

With the growth of the financial services industry and easing of international capital controls that used to restrict the flow of money into and out of domestic economies, there arose a need for anti-money laundering legislation. In 1989, at the G7 Summit in Paris, the Financial Action Task Force on Money Laundering (FATF) was established and is the broad international body that sets recommendations for AML regulations based on its examination of money laundering trends and threats. It currently has 39 members. Different geographies have their own regulations and standards like the US, UK and EU. 

Read more detail about international AML regulations in our blog

How anti-money laundering works

The KYC process is a part of AML and aims to stop such schemes in the early stage. KYC regulations require a business to identify their customers and assess their risk profile upon onboarding. This is done via customer due diligence (CDD) processes. 

CDD processes typically comprise of a series of checks to help businesses verify their customers’ identities and assess their risk profiles, and can also refer to ongoing monitoring post onboarding to catch money laundering in subsequent stages beyond the initial deposit. 

CDD involves analyzing information from different sources, including what the customer provides, and checking information against public and private data sources and sanctions lists. The information you collect depends on the risk profile of your customer, but basic CDD requires the following:

CDD Steps Anchor

CDD steps

  • Information about the identity of your customers, such as their name, address and a photograph of an official identity document

  • An overview of your customer’s activities and the markets they operate in

  • An overview of any other entities that your customer does business with

Institutions may have officers or departments dedicated to AML compliance. If a transaction or customer is flagged by a business’s AML procedures, a law enforcement entity will take over to investigate. 

Businesses should check their local and regional AML regulations as well as the international FATF guidelines and recommendations. To follow the general framework of AML compliance, businesses should follow these steps: 

Steps to comply with AML regulations

  • Follow KYC measures. AML compliance starts with knowing who your customer is by performing identity verification. This includes verifying the personal information details the user provides with an ID Record check, or proof of address. KYC also checks that funds are from a legal and legitimate source.

  • Undertake the necessary customer due diligence processes. Customers who are considered higher-risk require more thorough due diligence, such as enhanced due diligence (EDD). Find out more about the difference between CDD and EDD.

  • Maintain up-to-date records for higher-risk customers.

  • Monitor customer accounts for suspicious activity via Watchlist checks and report any flagged transactions in accordance with relevant regulations

  • Enforce sanctions against individuals or entities that fail to comply with regulation or are found to be on blocked lists.

Anti-money laundering software

Digital solutions for anti-money laundering grew with the need for firms to implement a written AML and Countering the Financing of Terrorism (CFT) risk assessment. Specialized companies developed software to analyze transactions or patterns and find suspicious activity that would qualify for a Suspicious Activity Report (or SAR filing – primarily relevant to the US). Financial institutions can receive penalties for failing to properly file CTR and SAR reports, including heavy fines and regulatory restrictions. 

Learn more about AML fines in our blog.

International and local regulations are complex and the amount of data and checks would be beyond the ability of human AML officers to conduct and analyze, so AML software is necessary to monitor and analyze transactions and customers.

Types of anti-money laundering software

Types of AML Software

AML software can help complete different categories of compliance needs. Some examples are:

Identity screening: Screening and monitoring customers can help identify high-risk customers and entities that may be on sanctions lists (like the Office of Foreign Assets Controls or OFAC list in the US) or other blocked lists. Businesses are prohibited by international and local regulations from doing business with anyone on these lists. Anti-money laundering software can quickly screen and identify sanctioned individuals or entities, protecting a business and helping flag them. 

Learn more about how your business can comply with sanctions regulations.

Screening software can also be used to identify Politically Exposed Persons (PEPs), and individuals receiving adverse media attention. And the same type of software can be used to simply verify identity by accessing and checking against a variety of data sources. 

Transaction monitoring: Other specific software can identify suspicious transactions or patterns in customer behavior. Software that monitors and flags these transactions is used to file Suspicious Activity Reports (SAR). Transaction monitoring is an element of KYC processes.

Currency Transaction Reporting (CTR): Different local and international regulations require reporting of large cash transactions – for example, transactions of over $10,000 (aggregate daily) in the US would be flagged automatically under the Bank Secrecy Act. AML software can help analyze and spot transactions involving large amounts of cash. 

Importance of anti money laundering

Failure to comply with anti-money laundering regulations can result in heavy AML sanctions and fines, so it’s in the interest of financial institutions to make AML regulations a top priority.

The UNODC estimates that the amount of money laundered globally in one year is 2% to 5% of global GDP, or between $800 billion to $2 trillion. Money laundering is by definition associated with criminal activities, which can range from illegal arms sales, terrorist financing, smuggling, corruption, insider trading, fraud, and cybercrimes. 

There are many reasons that AML is important, ranging from business protections to moral responsibility.

Reasons AML is important

  • Compliance with local and international AML regulations

  • Avoiding fines and penalties, both civil and criminal, from negligence or noncompliance

  • Protecting the business’s reputation and shareholder value

  • Avoiding or reducing costs of risk exposure that could result in fines or business costs for staffing or IT solutions  

Click to learn about The rise of micro-laundering.

AML (Anti-money laundering) policies and procedures

To be sure your business remains in compliance with AML policies and procedures, you need to follow guidelines and regulations that apply to your specific region as well as international standards set by FATF

Countries and regions have their own laws and regulations for AML compliance. Learn more specifically about the history and different regulations by region and country in our blog Anti-money laundering regulations.

How can Onfido help with anti-money laundering compliance?

Onfido offers an end-to-end identity verification solution with the Real Identity Platform, giving businesses fast results they can trust without compromising on the user experience. Our document and biometric verifications give assurance that a real user is present and that they are using a genuine government-issued ID that belongs to them, keeping fraud down and helping you meet compliance requirements. Our Verification Suite lets you choose from products to meet your risk tolerance for each user.

How have we helped other businesses meet anti-money laundering requirements?

Onfido helps over 900 businesses meet their KYC and AML compliance and regulatory requirements. Our comprehensive library of award-winning document and biometric verifications, trusted data sources, and passive fraud signals are simple to orchestrate in Onfido Studio. That’s how we help financial services companies like Revolut, KOHO, and First Bank – read our case studies to learn more. 

Additional anti-money laundering resources


Our solutions

Onfido uses 256-bit SSL encryption 100% of the time on every device.


Onfido has been certified by BSI to ISO 27001 under certificate number IS 660122.

© Onfido™, 2022. All rights reserved.
Company Registration Number: 07479524.