What are AML requirements header image

Anti-money laundering (AML) requirements are legal regulations to stop money laundering. These exist to make it difficult, or ideally impossible, for criminals to legitimize illegal funds. While this is the shared goal of all AML regulations, the exact anti-money laundering process will differ under the law of each nation or jurisdiction.

What are KYC and AML compliance?

Know your customer (KYC) compliance is one of the three essential building blocks supporting even the most simple anti-money laundering policy. The other two are suspicious activity reporting (SAR) and transaction monitoring (TM). 

    1. Know Your Customer: KYC is a set of internal policies and practices around verifying the identity of customers using information like documents, biometrics, location data, and more. 
    2. Suspicious Activity Reporting: When suspicious activity is detected, the financial institution or other organization must report it to governing bodies in their country or industry. 
    3. Transaction Monitoring: Technology makes it easier than ever to identify suspicious activity like long-dormant accounts becoming active again or money passing quickly through a network of connected accounts. 

These practices combined allow organizations to detect and take action on money laundering activities. 

What are the three lines of defense in AML?

The three lines of defense in AML are your daily operations, your compliance and risk management practices, and the internal auditing that assesses how well the other defenses are performing—or where they break down. These defenses represent three groups of employees at a financial institution or other high-risk organization. Employees, and the processes they follow, defend operations against money laundering. The defense network starts with every customer-facing employee, and the fortifications extend from there throughout internal workflows and best practices.

What are the pillars of AML compliance?

Now that you know the basics of AML activities, let’s move on to how an organization deploys an AML compliance program. Here are the five pillars of any AML program. 

  1. Appoint compliance leadership, whether it’s one executive or a team of internal stakeholders. It’s important to assign responsibilities and task the leader(s) to keep up with emerging trends and technologies. 
  2. Complete risk assessments to determine where and when the biggest money laundering threats emerge in your customer lifecycle. Through this you can identify the highest risks and assign resources accordingly. 
  3. Prepare an anti-money laundering policy and a procedure manual to inform all employees, investors, vendors, and even customers of the steps you are taking to prevent and report attempted money laundering. 
  4. Monitor and maintain your AML program by regularly updating your policies, sending employees to training, and engaging independent auditors to assess if your program is robust enough. 
  5. Do your due diligence, which means stick to the policies and procedures, as well as document your activities. You must continually and thoroughly evaluate not just your customers, but investors, business partners, and vendors to detect any risks of illegal activity. 

Although this blog is not a comprehensive AML compliance checklist, it is a good starting point to become familiar with various AML requirements. 

What is required in an AML compliance program?

For a country- or industry-specific anti-money laundering compliance checklist, financial institutions should consult with experts in their area. This could mean a conversation with an attorney, a risk manager, or even looking up a free anti-money laundering policy template specific to your industry, geography, or service lines. Here is one example of a free AML policy template:  

The United States Financial Industry Regulatory Authority (FINRA) offers an anti-money laundering policy template for small firms. This template is designed to comply with the Bank Secrecy Act (BSA) and FINRA Rule 3310. Although this template can only be used in the United States, it’s worth referencing to gain an understanding of what AML compliance entails.

Onfido helps simplify AML/KYC compliance 

Finding free online policy templates and step-by-step compliance walkthroughs can start you out on the right foot. But true peace of mind comes with the confidence of knowing your daily AML compliance is covered in each and every transaction. That’s the security that comes with a platform like Onfido. 

Our Real Identity Platform allows financial institutions to integrate necessary due diligence with the natural customer onboarding process. As you no doubt know, fraud prevention can’t be a set-it-and-forget-it policy. It requires constant awareness and intentional action — and Onfido can help. 

Take our interactive tour

Explore our platform today on a virtual interactive tour to see just how streamlined and simple AML/KYC compliance can be. It walks through our suite of verifications and signals, and teaches how to build workflows in Onfido Studio.

Take the tour