The role of AML in the financial industry

Financial institutions are required by law to prevent money launderers from using their platforms. Learn more.

Icon of a globe and financial charts
Read time:
Share this post
Table of contents
⚡ Key takeaways
  • Criminals often use a process known as structuring or smurfing to make their dirty money appear legitimate so they can spend it with less risk of raising suspicion.
  • The AML process typically consists of multiple strategies, including KYC, CDD, customer screening, transaction monitoring, supicious activity reporting, and more.

By some estimates, the amount of money laundered annually around the world equals $800 billion, or nearly five percent of the total global GDP. That makes combating money laundering — preventing these illegitimate funds from entering the global financial system — one of the most serious challenges governments and economies face. 

Because banks, lenders, fintech companies, and other financial institutions are uniquely positioned as interfaces into this system, it’s only natural that governments would look to them to mitigate money laundering activities. 

But how does anti-money laundering work in the financial industry, what does the AML process look like, and how can financial institutions design and implement an AML program compliant with relevant regulations? Below, we answer these and other common questions about the role of AML in the financial industry.

How does money laundering happen in the finance space?

When criminals make money from an illegal activity (such as theft, drug trafficking, or weapons dealing) the money is said to be “dirty.” Spending dirty money is risky, as it can offer investigators a path to “follow the money” back to the crime from which it originated — and the criminal that perpetrated the crime. In a worst-case scenario for the criminal, it can lead to their indictment and eventual imprisonment. 

With this in mind, criminals have a lot of incentive to “launder” this money: i.e., make it appear as though it came from a legitimate source. Laundering money helps criminals throw investigators off of their tracks and potentially evade taxes. It also makes it easier for the criminal to spend their ill-gotten gains without worrying that their spending will attract the eyes of auditors. 

But how, exactly, do criminals use — or try to use — the financial system to launder money?

While there are a lot of different strategies criminals might leverage to try and launder money, the most common strategy they use is depositing funds into a bank account and then spending it at a later date. 

The Bank Secrecy Act requires financial institutions to file a currency transaction report (CTR) any time someone makes a cash deposit greater than $10,000 — something criminals naturally don’t want to happen. To avoid triggering these reporting requirements, criminals usually make multiple smaller deposits specifically designed not to trigger the requirements. They may also spread the money around multiple accounts at different institutions to obfuscate their efforts even further. This process is known as structuring or smurfing

Through structuring, criminals make their dirty money appear legitimate. The money can then be withdrawn or spent at a later date with less risk of raising suspicion. 

How does the AML process work in banking?

The AML process can vary slightly from financial institution to financial institution. That said, it typically consists of multiple strategies, including:

Know Your Customer & customer due diligence

In order for a criminal to launder money through the financial system, they must first open an account with a financial institution such as a bank. This is why it’s important for all financial institutions to have processes in place for identifying suspicious or high-risk individuals who are attempting to open an account — a process called Know Your Customer (KYC).

Customer due diligence (CDD) is a major component of KYC and is essentially a process for assessing customer risk. Importantly, it entails verifying the identities of all new customers before they are allowed to open an account, among other tactics. Specifically, financial institutions must collect and verify the following pieces of information from each customer:

  • Name
  • Birth date
  • Address
  • Identification number (e.g. SSN or TIN)

This information can be verified via a number of methods, including database verification, government ID verification, document verification, and more. 

When it happens: During customer onboarding/account creation

Customer screening

Customer screening, also called AML screening, refers to the process of cross-checking customer identities against certain authoritative databases and lists to see whether a customer carries a greater risk of money laundering. 

Once the identifying information (name, aliases, date of birth, identification numbers) is collected, that information is run against the relevant databases and lists. If the screening returns a positive result, the financial institution must then determine whether or not it is a false positive. If it is not a false positive, the institution must decide whether they can and should do business with the individual.

There are many different types of lists that can inform this process, including:

When it happens: During customer onboarding, then in an ongoing manner

Transaction monitoring & suspicious activity reporting

Unfortunately, just because a customer passes the identity verification and AML screening processes outlined above doesn’t mean the risk of money laundering is gone. Criminals sometimes slip through the cracks, and individuals previously deemed low risk may find themselves compromised in the future — for example, through political exposure. 

Transaction monitoring provides financial institutions with a second layer of defense against these challenges.

By law, financial institutions are required to monitor the transactions their customers make. When a transaction meets certain criteria — for example, it surpasses a certain amount — the institution must record the transaction and file a report with the relevant regulatory body. 

Some of the most important transaction reports related to money laundering FIs may need to file include:

  • Currency Transaction Reports (CTR): A CTR must be filed any time a customer makes one or multiple cash transactions in a single day that total $10,000 or more.
  • Form 8300: Form 8300 must be filed any time certain businesses receive cash payments of $10,000 or more from a single customer. As with CTRs, this can be from one transaction or multiple transactions within a single day. Car dealerships, art galleries, pawn shops, and insurance firms must comply with this requirement, in addition to other businesses.
  • Suspicious Activity Report (SAR): A SAR must be filed any time a financial institution suspects or identifies suspicious activity from an account. What defines suspicious activity is left to the judgment of the institution. It can include a pattern of transactions that resemble smurfing activities, as well as other behavior that is out of the ordinary for a given account. 
  • Unusual Activity Report (UAR): Some partner banks may require fintechs to submit a UAR before filing an official SAR when the FI detects activity that is unusual or out of the ordinary for a given account. Unexpected large payments, increased transaction frequency, and other activities can all be considered unusual. 

When it happens: Ongoing 

Free white paper
See how experts evaluate AML solutions

How can a financial institution prepare an AML compliance program?

Under the Bank Secrecy Act, building a fully compliant AML program involves five key pillars:

  • Designating a compliance officer
  • Developing internal AML policies
  • Training employees on these policies
  • Facilitating independent testing and auditing 
  • Deploying in-depth risk assessment 

In addition to implementing these pillars, it’s crucial that you stay on top of AML regulations in whatever jurisdictions your business operates within. Laws can vary significantly from country to country and are constantly being adjusted. Failure to stay up-to-date in this arena can result in significant risk.

Here at Persona, we understand the importance of a strong AML program. That’s why we’ve designed our platform specifically with AML in mind. Leverage our Verifications solution during customer onboarding to meet KYC and CDD requirements. Leverage our Reports solution for customer screening against sanctions lists, watchlists, adverse media, and more. And leverage Cases to streamline investigations when you identify potentially suspicious activity.

Interested in learning more? Start for free or get a demo today.

Frequently asked questions

Why is AML important in finance?

Companies operating in the financial industry — like banks, brokerages, insurers, lenders, etc. — are required by law to implement certain policies that make it more difficult for criminals to launder money through their businesses. Without these policies, it would be much easier for criminals to deposit their ill-gotten gains into the global financial system and spend those funds without raising the suspicion of investigators. 

If a financial institution does not comply with all relevant AML regulations, it can find itself on the receiving end of regulatory fines, lawsuits, sanctions, and even jail time.

What are some common AML regulations that apply to the finance industry?

Around the world, there are many different AML regulations targeted at the financial industry. 

In the United States, the most important of these regulations include the Bank Secrecy Act, Money Laundering Control Act, and USA PATRIOT Act. In the European Union, AML guidelines are established in a number of directives, including the 6th Directive (6AMLD). Internationally, the Financial Action Task Force (FATF) has issued 40 recommendations that all governments are encouraged to implement to limit money laundering risk.

How does customer due diligence relate to AML?

Customer due diligence (CDD) refers to the processes a business must complete in order to assess customer risk. In the United States, CDD requires financial institutions to:

  • Verify the identities of all individuals who wish to open an account
  • Verify the identities of all beneficial owners of companies that wish to open an account
  • Develop risk profiles for customer
  • Perpetually monitor customer transactions and activity

With this in mind, customer due diligence can be thought of as just one piece of a broader set of AML requirements.

What happens if a financial institution does not comply with AML regulations?

If a financial institution does not meet AML requirements, it can experience a number of serious consequences. These include but are not limited to:

  • Regulatory fines: Regulators such as the SEC, FINRA, and FinCEN all have the authority to issue fines to institutions under their purview that do not meet AML requirements. These fines can be tens of thousands of dollars per incident and often total millions of dollars. In 2022, for example, the SEC fined Wells Fargo $7 million for failing to file 34 suspicious activity reports as required. 
  • Civil and criminal lawsuits: Financial institutions can face legal proceedings on both the civil and criminal front. Civil lawsuits may result in additional damages being paid out on top of regulatory fines. Criminal lawsuits may result in jail time for parties deemed responsible for the AML failures. 
  • Reputational risk: Money laundering is a serious crime, and financial institutions that are accused of failing to enforce AML regulations can experience significant reputational risk. Customers may think twice about doing business with a financial institution convicted of AML failures. Investors, too, may no longer be willing to purchase a company’s bonds or shares.

What’s the difference between AML and combating the financing of terrorism (CFT)?

Anti-money laundering and combating the financing of terrorism are often discussed together, for one simple reason: Funds from illegal activities are often used to fund terrorist activities around the world. But before this money can be sent and used, it must be laundered. 

Therefore, it can be said that when a financial institution prevents money laundering, it is also combating the financing of terrorism (CFT). In addition to the general AML policies outlined above, combating the financing of terrorism includes additional scans and checks to ensure that customers are not known or suspected terrorists, or individuals connected to terrorist groups.

Continue reading

Continue reading

Identity challenges in the travel industry: How hospitality businesses can fight fraud
Identity challenges in the travel industry: How hospitality businesses can fight fraud

Identity challenges in the travel industry: How hospitality businesses can fight fraud

Identity fraud in the travel industry has become increasingly common. Here are some common identity challenges and potential solutions businesses need to know about.

How digital health apps can overcome four barriers to converting users
How digital health apps can overcome four barriers to converting users

How digital health apps can overcome four barriers to converting users

New patients might abandon onboarding if they’re confused, frustrated, or overwhelmed. Here are four ways digital health apps can improve conversion.

How to create scalable and compliant international KYB processes
How to create scalable and compliant international KYB processes

How to create scalable and compliant international KYB processes

Industry experts discuss international KYB and debunk common myths while sharing how to build a scalable global KYB process.

AML screening: Why it's important and how it works

AML screening: Why it's important and how it works

AML screening is the process of checking whether customers pose a specific risk of money laundering. Learn more.

How to implement the five pillars of AML compliance

How to implement the five pillars of AML compliance

Learn what a compliant AML program looks like and how to establish one at your company.

The AML compliance checklist: best practices, tools, and processes

The AML compliance checklist: best practices, tools, and processes

In this AML checklist, we’ll briefly go over the five AML pillars, then dive into four processes that can help improve AML compliance.

Ready to get started?

Get in touch or start exploring Persona today.