AML Compliance

Anti-Money Laundering (AML) compliance involves screening customers against sanctions lists, PEP databases, and adverse media to prevent financial crime.

What is AML?

Anti-Money Laundering (AML) refers to laws and regulations designed to prevent criminals from disguising illegally obtained funds as legitimate income.

Key Components:

1. Customer screening - Check against sanctions and watchlists
2. Ongoing monitoring - Continuous surveillance for risk changes
3. Transaction monitoring - Detect suspicious patterns
4. Reporting - File Suspicious Activity Reports (SARs) to authorities

Why AML Matters

Financial Crime Statistics

• $2 trillion: Annual money laundering globally (2-5% of global GDP)
• $26 billion: AML fines issued in 2023
• 90%: Of money laundering goes undetected

Consequences of Non-Compliance

AML Screening Categories

1. Sanctions Lists

What: Individuals and entities prohibited from financial transactions

Lists:

• OFAC (US Treasury) - 6,000+ entries
• UN Security Council - 1,000+ entries
• EU Sanctions - 2,000+ entries
• UK HM Treasury - 1,500+ entries
• Country-specific - 50,000+ entries globally

Risk: CRITICAL - Must reject immediately

Example:

Name: Vladimir Putin
List: OFAC, EU, UK Sanctions
Reason: Russian political figure (Ukraine conflict)
Action: REJECT transaction immediately

2. Politically Exposed Persons (PEP)

What: Individuals in prominent public positions at higher risk of corruption

Categories:

Risk: HIGH - Requires Enhanced Due Diligence (EDD)

Example:

Name: John Smith
Position: Former Member of Parliament (UK)
Tier: Tier 2
Action: Enhanced due diligence, source of funds verification

Not All PEPs Are Bad: Most PEPs are legitimate customers. EDD is about verifying source of funds, not automatic rejection.

3. Adverse Media

What: Negative news mentions related to financial crime

Categories:

• Financial fraud
• Money laundering
• Corruption and bribery
• Organised crime
• Terrorist financing
• Regulatory enforcement

Risk: MEDIUM-HIGH - Investigate further

Example:

Name: Jane Doe
Headline: "CFO charged with embezzlement"
Source: Financial Times
Date: 2023-12-15
Action: Manual review, assess case status

4. Financial Crime Databases

Additional Sources:

• Interpol wanted lists
• FBI most wanted
• Law enforcement databases
• Court records
• Corporate registry (beneficial ownership)

AML Screening Process

Step 1: Initial Screening

Screen customer at onboarding:

POST /api/v3/aml/screenings
 
{
  "firstName": "John",
  "lastName": "Doe",
  "dateOfBirth": "1990-01-15",
  "country": "GB",
  "categories": ["SANCTIONS", "PEP", "ADVERSE_MEDIA"]
}

Processing Time: 2-5 seconds

Result:

• No matches (CLEAR) → Approve
• Sanctions match (CRITICAL) → Reject immediately
• PEP/Adverse Media (MEDIUM/HIGH) → Enhanced due diligence

Step 2: Enhanced Due Diligence (EDD)

Required for:

• All PEPs (Tier 1-3)
• High-risk countries (FATF blacklist)
• Large transactions (>$10,000)
• Adverse media hits

EDD Requirements:

• Source of funds documentation
• Source of wealth documentation
• Purpose of account/transaction
• Senior management approval
• Ongoing monitoring (monthly checks)

Step 3: Ongoing Monitoring

Continuous screening for existing customers:

POST /api/v3/aml/monitoring
 
{
  "applicantId": "app_1234567890",
  "categories": ["SANCTIONS", "PEP", "ADVERSE_MEDIA"],
  "checkFrequency": "DAILY"
}

Triggers Alert If:

• New sanctions listing
• New PEP designation
• New adverse media mention
• Risk score increases significantly

Step 4: Suspicious Activity Reporting

File SAR if:

• Transaction has no apparent purpose
• Customer evades reporting requirements
• Unusual transaction patterns
• Customer on sanctions list

Timing: Within 30 days of detection (varies by country)

Risk-Based Approach

Not all customers require the same level of screening:

Low-Risk Customers

Characteristics:

• Individuals from low-risk countries
• Small transaction values (<$1,000)
• Transparent source of funds
• No adverse media

Screening: Basic (sanctions only)

Monitoring: Annual re-screening

Medium-Risk Customers

Characteristics:

• Standard countries (most of EU, US, UK, etc.)
• Transaction values $1,000-$10,000
• No PEP or sanctions hits

Screening: Standard (sanctions + PEP)

Monitoring: Quarterly re-screening

High-Risk Customers

Characteristics:

• High-risk countries (FATF blacklist)
• Large transactions (>$10,000)
• PEPs or close associates
• Cash-intensive businesses

Screening: Comprehensive (sanctions + PEP + adverse media + financial crime)

Monitoring: Monthly or continuous

High-Risk Countries (FATF)

Countries with strategic AML deficiencies:

FATF Blacklist (Call for Action):

• Democratic People's Republic of Korea (North Korea)
• Iran
• Myanmar

FATF Greylist (Increased Monitoring):

• Afghanistan, Pakistan, Yemen, Syria
• Nigeria, South Africa, Uganda
• Panama, Jamaica, Haiti
• (40+ countries as of 2024)

Enhanced Due Diligence Required for customers from these countries.

AML Regulations by Region

European Union

Directive: 6AMLD (Sixth Anti-Money Laundering Directive)

Key Requirements:

• Risk-based customer due diligence
• Enhanced due diligence for PEPs
• Beneficial ownership registers
• Suspicious transaction reporting
• Record retention: 5 years

Penalties: Up to €5M or 10% of annual turnover

United States

Law: Bank Secrecy Act (BSA), USA PATRIOT Act

Regulator: FinCEN

Key Requirements:

• OFAC sanctions screening (mandatory)
• PEP screening (best practice)
• Suspicious Activity Reports (SARs)
• Currency Transaction Reports (CTRs) for >$10,000

Penalties: Up to $250,000 per violation, criminal prosecution

United Kingdom

Law: Money Laundering Regulations 2017, Sanctions and Anti-Money Laundering Act 2018

Regulator: FCA, OFSI

Key Requirements:

• Customer due diligence
• PEP screening (mandatory)
• UK sanctions screening
• Suspicious Activity Reports (SARs)

Penalties: Unlimited fines, 2 years imprisonment

Cryptocurrency

Standard: FATF Travel Rule

Requirements:

• AML screening for all customers
• Transaction monitoring
• Know Your Transaction (KYT) - wallet screening
• Travel Rule compliance (share customer data for transactions >$1,000)

Effective: 2020+ globally

Fuzzy Matching

AML screening uses fuzzy matching to catch name variants:

Example:

Search: "John Smith"

Matches:
- "John Michael Smith" (95% match)
- "Jon Smith" (90% match)
- "J. Smith" (85% match)
- "Smith, John" (100% match)

Also Matches:

• Transliterations: "محمد" → "Mohamed", "Muhammad", "Mohammed"
• Aliases: aka "Johnny", "Jack"
• Maiden names: "Jane Doe (née Smith)"

Threshold: 80%+ typically considered a match

False Positives

Challenge: Common names generate many false positives

Example:

Search: "Mohammed Ali"
Results: 1,247 matches

True Positive: 1 (the actual sanctioned person)
False Positives: 1,246 (different people with same name)

Solution: Use additional data points

• Date of birth
• Nationality
• Address
• Document number

VeriPlus Accuracy: 98% true positive rate (vs 60-70% industry average)

AML Best Practices

1. Screen at Onboarding: Check all new customers before activation
2. Enable Ongoing Monitoring: Continuous screening for existing customers
3. Document Decisions: Record why matches were accepted/rejected
4. Train Staff: Ensure compliance team understands AML regulations
5. Risk-Based Approach: Apply stricter checks to high-risk customers
6. Regular Audits: Review AML processes quarterly
7. Update Data Sources: Use latest sanctions lists (daily updates)
8. Automate Where Possible: Reduce manual review burden

VeriPlus AML Features

Compliance Checklist

Next Steps