What is Risk Based Approach to AML?

Money laundering is a severely growing problem, and it’s not limited to any one country. The United Nations Office on Drugs and Crime (UNODC) that money laundering figures worldwide will exceed the global 2% of global GDP ($1.7 trillion).

Eurojust Report on Money Laundering, states that cases registered regarding money laundering have doubled within the last 6 months. 

Anti-Money Laundering (AML) is a set of guidelines pertaining to financial institutions and other related industries. These guidelines are meant to prevent activities that support the financing of terrorism. Regulated businesses should not knowingly or unknowingly support these activities.

Risk-Based AML and Global Regulation

There are several anti-money laundering regulatory bodies that set up rules and regulations that local and international organizations have to follow. For companies to do business in a particular location, they have to comply with the rules and regulations set by the governing body. 

The Financial Action Task Force is the global money laundering and terrorist financing regulatory body. The FATF has the responsibility to set international standards that aim to prevent illegal activities and the harm they cause to society. 

FATF works with several governments and national regulatory bodies to achieve regulatory reforms. Regulations made by FATF cover more than 200 countries and jurisdictions. 

The UK was the first one to propose a risk-based assessment for anti-money laundering. It was further adopted and improved by the FATS in 2012. this led to the development of proactive risk management.

Common AML Risk Factors

A proactive risk-based approach to AML can only be done when there is an accurate risk assessment. And there are 3 distinct areas of risk that regulated industries need to focus on during risk assessment.

  1. Individual Risks

Governments need to collect and maintain lists of high-risk individuals. These lists include known fraudsters, money launderers, terrorists, and red-flagged Politically Exposed Persons (PEPs). 

These individuals are considered high-risk individuals because of their influence and access to a large number of funds. During customer onboarding, businesses need to identify high-risk individuals as it’s a KYC requirement. 

  1. Location Based Risks

Governing bodies also compile assessments of risk that comes with geographical jurisdictions,  flagging unsatisfactory money laundering and terrorist financing. 

The geographical location determines the laws, regulations, technology, security, data privacy, and data accuracy of a business environment. To take a risk-based approach to AML, businesses need to take location-specific risks into consideration. 

  1. Channel Risks

The way a product or service is taken to the market can also affect the risk level. Now that we’re living in an internet-based economy, sales of products and services that happen online always carry a hint of risk. Without robust KYC verification and ID verification process, there’s no way to eliminate the level of risks associated with online transactions.

How to Implement a Risk-Based Approach to AML?

Taking a risk-based approach to AML is similar to managing any other type of risk in your business. A risk-based approach to AML includes:

  1. Identifying Business Risks

To be able to take a proactive approach to AML, you first need to identify the risks. A business needs to review products, services, and portfolios, that contain common AML risk factors, such as:

  • Customers – How much do you know about the type of customers for your service?
  • Geography – What’s the exposure of the target markets to financial crime?
  • Delivery channel – By what means the product will be delivered to the customers?
  • Industry – How advanced are the regulations of your business’s industry?
  • Monetary Value – Does your product and service has a high monetary value?
  • Regulatory Controls – If the regulations in the country are advanced enough.
  • Process Controls – How well can you document and follow your processes as a business?
  1. Analyzing Business Risks

Analyzing and assessing risks that a business has to face is crucial for a risk-based approach to AML. Using a table of risk factors for each product or service, a business can assign risks. Then the level of risk can be categorized as “low, medium, or high”. 

The FATF has a guide that businesses can use to show how to rank risks using a simple matrix.

  1. Implement Policies that Eliminate Risks 

Once the risk assessment is complete, businesses need to make policies and implement policies that help mitigate risks. These policies should make sure that the right level of scrutiny is applied to the right type of risks. 

There should be an ideal balance between high scrutiny for high risks, and minimal friction for customers with low risks.

Technologies Involved in Anti-Money Laundering

To manage risk and maintain the risks of a business, there needs to be a solution that can cover every part of the business. There are a lot of AML technologies out there that can automate the risk-assessment process for new customers, and new transactions within seconds. 

Technologies involved in anti-money laundering can be broken down into two categories:

  1. Know Your Customer

Know Your Customer (KYC) is the combination of customer due diligence and enhanced due diligence that regulated organizations comply with to make sure their customers are real people and not someone posing as someone else. If there’s a customer that poses a level of risk needs, to be monitored throughout the relationship with the business. 

In an economy that’s moving towards digital solutions, new solutions that cater to online ID verification, and ID proofing are always coming up. These technologies can help businesses identify whether a customer is a genuine person or a criminal with stolen ID data.

  1. Transaction Monitoring

The process of monitoring a customer’s transactions, be they small or big is known as transaction monitoring. Transaction monitoring techs are designed to eliminate the risk of money laundering. These techs can monitor digital transactions across all business channels and look for suspicious behavior.

The cost of these solutions to the business is the only consideration businesses need to have before finalizing a technology.

Frequently Asked Questions

1. What is Anti-Money Laundering?

Anti-money laundering is a set of rules and regulations outlining steps a business needs to take to manage or prevent the risks of money laundering. These regulations help businesses fight terrorism financing and other illegal activities. Businesses that work in under-regulated industries need to comply with these rules and regulations.

2. What is a risk-based approach to AML?

AML regulations can be enhanced by taking a risk-based approach. The risk-based approach includes assessing the risk of a product and service’s exposure to the market, customers, channels, transactions, and other risk factors. 

The assessed risk is categorized into low-risk, medium-risk, and high-risk categories. The potential impact on the business needs to be analyzed so businesses can come up with policies to prevent and manage these risks.

3. What is Know Your Customer (KYC)?

Know Your Customer or KYC refers to the customer’s due diligence and enhanced due diligence process. Regulated companies have to make their customers go through the diligence process to verify if the customer is an actual individual or not.

The KYC process also includes continuous transaction monitoring, through which businesses can figure out suspicious activities.


KYC and AML Risk Assessment for Customer Onboarding

When onboarding new customers, financial institutions must balance the need to mitigate risk with the necessity to keep the customer experience frictionless. To that end, AML/KYC risk assessment is critical for onboarding new customers. Indeed, financial institutions are under increasing pressure to meet regulatory standards while making the customer onboarding process frictionless. The combination of digital and mobile technologies makes it easier than ever for customers to open new accounts.

As a result, financial institutions must maintain strict Know Your Customer (KYC) and Anti-Money Laundering (AML) standards while streamlining the onboarding process for new customers. In this article, we’ll explore different onboarding methods and how they impact your institution’s KYC/AML risk assessment.

What is AML/KYC Risk Assessment?

KYC/AML is an acronym standing for “Know Your Customer” and “Anti-Money Laundering.” These are compliance regulations that require financial institutions to verify the identity of their clients. This is done to prevent money laundering and other financial crimes. KYC is a procedure that requires financial institutions to collect and verify information about their customers. This data is then documented in an effort to prevent money laundering and terrorist financing.

KYC regulations are designed to strengthen the integrity of the financial sector and the wider economy by reducing crime and increasing trust. AML refers to the regulations that govern financial institutions’ due diligence when determining the source of their customers’ funds. For example, financial institutions must verify the source of funds deposited in accounts by customers who are opening new accounts. This is done to prevent money laundering.

Digital Customer Onboarding Methods

Digital onboarding methods are low-touch and mostly occur online. They include onboarding methods such as e-KYC, SMS verification, and OTP verification. E-KYC is the process of onboarding new customers digitally by collecting and verifying their identity and other relevant information. E-KYC uses the government-issued Unique Identification Number (UID) issued by the Indian government.

Once verified, the e-KYC process provides an electronic validation of the customer’s identity. This electronic verification is stored in an electronic format and is used to onboard new customers, transfer funds, and open new bank accounts.

E-KYC is the most common digital onboarding method. It is used by banks across the world to onboard new customers. SMS verification is a low-touch onboarding method that telecom companies commonly use to onboard new customers.

Manual KYC/AML Risk Assessment

Manual AML/KYC risk assessment is a low-to-moderate touch method that relies on a combination of digital and manual methods. It is an onboarding method that requires an initial review of customer information and documents that is followed by a final review of all customer information and documentation.

A manual review is necessary in order to accurately complete KYC/AML compliance. Manual KYC/AML risk assessment is the most common onboarding method. It is used by large money transfer companies and financial institutions that have large volumes of new customers. Manual AML/KYC risk assessment is conducted by an employee and typically involves reviewing documents such as passports, utility bills, and letters of employment.

This method is necessary to complete the full KYC/AML compliance for customers. Manual KYC/AML risk assessment is the traditional way that financial institutions onboard customers. It is done by reviewing customer information and documents by an employee. This process is necessary to complete the full AML/KYC compliance for customers.

Computerized AML/KYC Risk Assessment

Computerized KYC/AML risk assessment is a high-touch method that involves the use of technology to onboard customers. It is an onboarding method that uses technology to identify and verify customer information and documents. This onboarding method is often used by large financial institutions with high volumes of new customers.

Computerized KYC/AML risk assessment is done by an online system that uses algorithms to screen and filter documents. The system uses algorithms to identify common information found in identity documents such as passport numbers, birth dates, and driver’s license numbers. This onboarding method uses preloaded customer information to verify identity and collect the necessary information.

Computerized AML/KYC risk assessment is a high-touch onboarding method that relies on technology to collect customer information and verify identity. This method is necessary to complete the full KYC/AML compliance for customers. This method is used by large financial institutions. It is the most efficient way to onboard new customers.

Combination of Digital and Manual AML/KYC Risk Assessment

Co-editing is a high-touch method that uses both digital and manual methods to collect and verify customer information and documents. This onboarding method uses both technology and employees to collect and verify customer information and documents. Co-editing is a manual onboarding method that relies on employees to verify customer information and documents.

It also uses software to filter information and documents. Manual KYC/AML risk assessment is the most common onboarding method. It is done by an employee and typically involves reviewing documents such as passports, utility bills, and letters of employment. This method is necessary to complete the full AML/KYC compliance for customers. Co-editing is the most efficient way to onboard new customers.


KYC/AML risk assessment is critical for onboarding new customers. When onboarding new customers, financial institutions must balance the need to mitigate risk with the necessity to keep the customer experience frictionless.

To that end, AML and KYC risk assessment is critical for onboarding new customers. Indeed, financial institutions are under increasing pressure to meet regulatory standards while making the customer onboarding process frictionless. The combination of digital and mobile technologies makes it easier than ever for customers to open new accounts. As a result, financial institutions must maintain strict KYC and AML standards while streamlining the onboarding process for new customers.


Money Laundering and Wash Trading in NFT – Taking a Deeper Look

Wash trading is becoming common practice for a number of reasons. The trader or company may be trying to promote buying to raise prices, or to get people to sell at lower prices. The real reason is that the trader wants a tax refund whenever they engage in wash trading. This helps them in collecting capital so they can perform the same activities over and over again.

Understanding Crypto Wash Trading

In layman’s terms, Wash trading is done to trick and mislead traders, investors, and collectors about the true value and liquidity of a coin or NFT. Any trader or investor that does wash trading buys and sells the same asset over and over again.

Wash trading is impacting the market in the favor of the NFT owner/developer as it changes the actual value of the account. Wash trading requires the trader to quickly purchase and sell an asset in a short time period. Usually, one or more collaborating agents make multiple deals without any account of market risk. This makes the initial position of hostile agents the same as before.

On the Ethereum Blockchain, “Cryptopunks, a Larva Labs NFT Project”, went through a wash sale in October 2021. CryptoPunk 9998, crypto was sold for 123,457 ETH.

This was not just a flash loan, but it was an example of NFT money laundering.

How Does Wash Trade Work?

The Constant buying and selling of a crypto coin or NFT are known as wash trading. The concept of Wash Traders goes one step beyond, and it also considers the investor’s goal and outcome of the transaction into consideration.

Investors or traders that buy and sell assets with a common benefit in a short time period are engaging in wash trading. Traders across accounts with the same Beneficial Owner are a concern for financial regulators as they may be involved in money laundering. 

To trick regulatory bodies and manipulate the market, some wash traders don’t include any actual transactions. Wash trading can also happen when traders pretend to buy the assets without any money being exchanged.

Why Is Wash Trading Forbidden?

In traditional financing, wash trading is considered illegal and forbidden. When it comes to the decentralized NFTs, whether Wash trading is illegal or not is not defined yet. 

Even though there are no rules and regulations in the world of NFTs, several governments have established oppressing rules. For example, a South Korean crypto exchange “Bithumb” was charged by the government for promoting the wash trade. This trade was worth more than $250 million back in 2018. 

While crypto wash trading isn’t considered illegal in some countries, it is a challenge to figure out the offenders. This is due to the decentralized nature of the crypto and the NFT industry. Due to the anonymous nature of coins and NFTs, they can be purchased and sold repeatedly. This increases the risk of wash trading and money laundering. 

The risk is increased with fake prices and fake volume data. There’s no way for legit traders to uncover valid data until regulatory bodies in which countries or regions overseeing particular assets get involved. This is completely different from traditional financial trading assets such as equities, which are backed by customer verification protocols.

Role of NFTs in the Money Laundering Process

Money laundering is a huge concern when it comes to art trading. As NFTs are anonymous, many people question if NFTs can be used for money laundering. So, the question arises, can NFTs be used for money laundering?

The answer is Yes. Developers and scammers are using NFTs to launder money. As NFTs have an advantage over traditional banking methods, there is a lot of use of crypto assets for money laundering. 

As it’s difficult to quantify money laundering in the worth of physical art, NFTs don’t have that problem. NFTs provide a better idea of how much money is being laundered. Recently, most NFT marketplaces have become a hub for money laundering.

Why does Wash Trading Affect the NFT Market?

The reason is simple: traders use less liquid NFTs to affect an asset’s price. NFT Wash trading is a major issue for legit investors, the general public, and collectors. 

As investors have to rely on quantifiable data to make a decision, most of them end up making the wrong choices. Specialists have to look at data changes to promote NFT Investments and prevent the Wash trading scams. The NFT community is most riddled with scammers. Wash trading is becoming a common practice that regulators can use to fight the decentralized nature of the Crypto space. 

Due to wash trading, traders and investors are unable to make smart and informed decisions about their purchases. So, is there a way to identify wash trading in the NFT market?

When new coins are released in the market, they’re completely fresh and have no old data. Thus, developers and insiders may perform wash trading to boost the value of the coin. So, it’s better to stay away from such digital assets.

When it comes to NFTs, limited NFTs have investor interest or trading activities. So, the NFT owners get into wash trading to entice new traders to buy the NFT at an enormous cost. 

To not fall prey to wash trading scams, a trader should always focus on established crypto with higher volume. Scammers need more money to effectively manipulate the market. So, avoiding new currencies can prevent them from doing so.


Money Laundering Stats and Data

Money laundering is known for making financial organizations fight hard for preventing crime. It has become a universal concern for regulatory bodies like the Financial Action Task Force (FATF), Financial Conduct Authority (FCA), and Financial Transactions and Reports Analysis Centre of Canada (FINTRAC).

Financial organizations have somehow succeeded in their fight against money laundering by creating stronger Anti-Money Laundering laws and regulations like ID Verification and background checks. These strategies are proven to be an effective fraud prevention solution.

This doesn’t mean that the money laundering situation has ended abruptly, the situation persists and remains a huge issue for the global economy. Money laundering cases continue to appear around the world. Here are some of the basic statistics stating the impact of money laundering on a global scale.

Common Statistics About Money Laundering

  1. According to a report by the United Nations Office on Drugs and Crime (UNODC), the average loss by laundered cash in one year is around $800 billion – $3 Trillion. Which is 2-5% of the worldwide GDP.
  2. Switzerland published 160 money laundering reports in 1989, with a monetary loss worth 330 million Swiss francs. Approximately $210 million in US currency.
  3. Regulatory bodies uncovered that Ferdinand Marcos hid almost $500 million in a series of Swiss Bank accounts.
  4.  The GDP of Switzerland is about 1/8th of the annual money laundered. That is $191,000,000,000.
  5. Dow Jones published that 1989 GDP had a score of 5% for money laundering. The amount ranging between $1 trillion – $3 trillion.
  6. A 1996 report published by Chulalongkorn University in Bangkok stated that the amount of money laundered in cash was equivalent to 15% of the nation’s GDP.
  7. The assessed GDP of the United States in 1998 was $8.511 trillion, which is triple the rate of multiple national economies.
  8. According to the Canadian Solicitor General, in 1998 the illegal assets created and laundered were around $5 – $17 billion. This is ironic because Canada is one of the biggest countries to follow and implement AML regulations.
  9. In 1998, the Swiss Finance Ministry affirmed that the nation was involved in $500 billion of money laundering every year. Switzerland is one of the biggest countries to contribute to global money laundering losses.
  10. The Republic of Ireland assesses that in 1998, $126 million were laundered throughout the country.
  11. In 1999, an illegal pharmaceutical deal was the reason for $48 billion in terms of money laundering.
  12. It is assessed that two-hundred million pharmaceutical clients intake almost $400 billion in laundered cash.
  13. In February 2000, General Motors turned over $161,315,000,000 which is almost 1/10th of money laundered annually.
  14. In 2008, banks paid up to $321 billion in fines for non-compliance with money laundering regulations, cyber financial fraud prevention, and market control.
  15. In 2009, worldwide AML guidelines were only 0.2%, as indicated by the UN and US State Department.
  16. In 2009, money laundering accounted for 3.6% of worldwide GDP with $1.6 trillion money laundered as indicated by the UNODC.
  17. FATF detected and blocked $3.1 billion worth of laundered cash in 2009 out of which more than 80% was seized in North America.
  18. In 2014, worldwide expenses on AML regulation-related fines was $10 billion. 
  19. In the year 2016-2017, 167 cases were documented for money laundering and illegal use of financial resources.
  20. The annual value of the Fraud Detection and Prevention market was assessed to be worth more than $19.5 billion in 2017.
  21. In the year 2017-19 in the UK, the legal fine for involvement in money laundering and financial fraud was £241,233,671.
  22. In the year 2018, India had more than 884 organizations reported on high alert for money laundering and illegal financial resources worth INR 50 Billion. The organizations are now being regulated under the Prevention of Money Laundering Act (PMLA 2002).
  23. In 2018, India was compliant with only four out of forty FATF-suggested regulations.
  24. According to a report by the Public Authority of India, around $18 billion is lost through illegal money laundering annually. This amount makes India a huge target for international money laundering.
  25. In 2018, the reported count of global money laundered cash washed annually was 2-5% of the global worldwide GDP, meaning $800 billion – $2 trillion.
  26. Florida International University was positioned in 9,500 Non-Banking Financial Companies out of 11,500 enrolled as a potential money laundering associate in 2018.
  27. In 2019, banks all over the globe paid more than $6.2 billion as AML fines around the world.
  28. Brazil became the nineteenth country with the least money laundering cases in 2019.
  29. For the last 2 years, Chile has had a laundering index of 4.16 thus making it one of the lowest money laundering indexes. 
  30. Haiti became one of the largest Caribbean countries in 2020 for money laundering in Latin America, with a money laundering score of 8.15 according to FATF.
  31. About half of cases of money laundering in Latin America show that banks were involved in these cases. 
  32. In 2020, Cayman Islands had an index score of 7.46 for money laundering, in the same year, Chile became the lowest ranking country.
  33. Iran is still at the highest point of the Anti-Money Laundering hazard file with a money laundering index score of 8.6. Afghanistan comes second with a score of 8.38 and Guinea-Bissau is third with a score of 8.35. 
  34. Money laundering accounts for about 1.2% of the European Union’s entire GDP.
  35. Russia has illegally laundered more than $15 billion through fake or paper bank accounts. 

Conclusion: Money Laundering & Its Impacts

Money laundering has been a major worldwide issue and it will continue to become even a bigger threat if the right regulations aren’t followed strictly. The annual losses by money laundering are equal to 2-5% of the global economy.

Banks and financial institutions need to follow AML regulations set up by international financial associations. While banks, financial institutions, and governments keep searching for newer and stronger methods for tackling financial crime, till then anti-money laundering regulations are the most successful solution.


EU Money Laundering Action Plan

The European Union launched an ambitious and multi-featured action plan for tackling money laundering. This plan sets out concrete measures for banks, financial institutions, credit unions, and other businesses operating in the financial industry. These set of rules and regulations are built to ensure better enforcement, supervision, and coordination of the European Union’s rules on anti-money and fighting terrorism financing. Let’s dive deeper into the EU’s Money laundering action plan.

Timeline of EU’s Money Laundering Action Plan

On May 7th, 2020, the European Commission (EC) published its action plan to further streamline the EU’s fight against money laundering fraud and terrorist financing. The legislative plans to roll out this action plan were timelined around July 2021. The action plan targets six main problem areas, each of which is aimed at shutting down and eliminating loopholes and weak links in the already existing rulebook against ML/FT. One of these pillars is streamlining and strengthening the already existing rulebook. 

The current EU legal framework already offers comprehensive regulatory guidelines to all the EU Member states. These regulations outline how to tackle money laundering and financial terrorism. The current approach is diversifying regulation implementation across all EU member states. This fragmented legislative anti-money laundering environment leads to additional costs, burdens, and regulatory mistakes for businesses that provided services globally. The aim of a singular rulebook is to simplify the process for all entities involved, not increase costs and burden. 

Based on this, the EBA published a new report that highlights how the EU’s framework should be fixed and changed to tackle vulnerabilities and loopholes in the existing system.

Minimum Harmonization and Open Standards

To limit the fragmentation in the interpretation and application of rules, the EU considers it essential to convert specific parts of AMLD into applicable guidelines for all banks and members. Opting for regulation instead of a directive will ensure a consistent approach to AML/CFT compliance and enforcement. A regulation should outline rules and guidelines related to:

  • List of obligated entities
  • Tasks of FIUs
  • Structure and tasks of supervision
  • Customer due diligence
  • Electronic identification and verification
  • Record keeping
  • Internal controls
  • Reporting requirements
  • Beneficial ownership verification
  • Central bank account mechanisms
  • Limit large cash payments
  • Freezing powers for FUIs
  • Sanction lists

Adoption of New Rules and Regulations

According to the EC, harmonization can also be achieved by utilizing empowerment to adopt detailed rules and regulations through delegated or implemented acts to keep up with the changing environment. 

A similar approach was introduced in 2001 to improve the regulatory procedures and implementations in the financial services industry. The process has a 4-step approach, with committees of national experts working on different parts of new legislation.

The four levels are:

  • The European Parliament and the Council adopt the framework suggested by the EC in form of a directive or regulation.
  • These directives or regulations contain guidelines for level 2. This includes the adoption of a regulation by delegated acts or implementing acts. During the second stage of the approach, the EC is backed by consulting bodies that include several EU countries’ reps. 
  • At level 3, committees of national supervisors are responsible for advising the EC on the adoption of levels 1 and 2 and for issuing guidelines and recommendations for implementing the rules. This is how the uniform and consistent application of new legislation within EU Member states is completed. 
  • At level 4, the EC is required to monitor the implementation of compliance by the member states, and for warning about differences in impact between the countries. In case there are major differences in implementation, the EC can issue amendments to regulations. 

Six Pillars of Money Laundering Action Plan

The EU is committed to building a better and stronger framework for fighting and preventing ML/TF. To enhance the current rulebook, the EU devised a methodology for identifying weak points and loopholes. 

1. Ensuring Proper Implementation of Existing Framework

For winning a fight against money laundering and terrorism financing, the European Commission expects the member states to follow the rules. The EC will be monitoring the compliance closely to find those who don’t comply with guidelines. Since the implementation of the plan, 3 member states have been reported to the Court of Justice of the EU and they’ve paid hefty fines for non-compliance. 

2. Establishing a Single Rulebook for AML/CTF

The EC has developed a single set of rules that all member states must follow to prevent ML/TF. Some of the biggest rules include digital customer identification, due diligence, and provision on beneficial ownership registers and central bank account mechanisms.

3. Constant Supervision by the EU

One major plan in the EC’s plan is to make sure that all member states are monitored by them. Monitoring the application and implementation of rules at a national level isn’t enough. The EC will now provide help and support and relevant information to member states to improve implementation.

4. Building a Support and Cooperation Structure for FIUs

The fourth pillar of this new action plan includes offering more support to the financial intelligence units (FIUs) under the new plan. The primary goal of the commission is to improve cross-border information sharing, investigation of potential fraud, streamline the process, and much more. The EC will also take over the management of the tool to improve user-friendliness.

5. Enforcing EU-Level Criminal Law Provisions

This pillar aims to make cross-border criminal investigation easier and more efficient. It encourages sharing of information between FIUs, law enforcement, and the private sector, and enhances public-private partnerships. Further support will be provided when information sharing raises data protection and privacy concerns. 

6. EU’s Global Role

While the new action plan aims to improve the workings of member states, they also aim to be more serious about their global responsibilities. It works closely with the Financial Action Task Force (FATF), and they’ll be guaranteeing that each member state follows the regulations as strongly as possible. 

Final Take: EU’s Money Laundering Action Plan

With these 6 pillars, the EU plans to enhance its overall process of improving safeguards against money laundering and terrorism financing. The commission is also launching several other tools to make the changes and implementation as easy as possible. The EU Commission aims to implement all the changes by the end of 2022.


New EU Anti-Money Laundering Directive

To make the European Union AML regulations and Countering the Financing of Terrorism (AML/CFT) stronger, the European Commission introduced a new EU AML proposal on July 20, 2021. The European Union AML directives consist of four legislative proposals. These proposals, more often known as AML Legislative Package, have been published to streamline compliance processes by creating a harmonious and consistent framework of AML/CFT rules throughout the EU. 

These changes in the EU AML proposal will help you tackle the issues related to the detection of suspicious activities and transactions, and it’ll also eliminate the existing loopholes that criminals exploit. As stated in the EU’s Security Union Strategy for 2020-2025, by enhancing the country’s AML/CFT framework, it is possible to provide Europeans with a chance to protect themselves against fraudulent activities.

Four New Legislative Proposals

1. A New EU AML Authority (AMLA)

The European Union came into the global spotlight after its members launched an investigation into Denmark’s largest bank, Danske Bank which supported suspicious transactions worth 200 billion euros through its small Estonian brand for 8 years. In the past, the EU had to rely on national authorities for the implementation of AML policies in such situations.

To fix this challenge, the formation of a new Anti-Money Laundering Authority (AMLA) has been made the focus of the new AML proposal. The main purpose of AML is to address the current weak points of the AML/CFT regulation within the EU. AMLA will act as the central authority that coordinates between national authorities to ensure that anti-money laundering regulations are applied throughout the country.

2. Single EU Rulebook for AML/CFT

The second proposal suggests the transfer of provisions from AMLD5 to a regulation that is applicable to all the EU Member States. This proposal is included in the process to address the European Commission’s concern while the AMLD4 has widespread application and the directive is currently fragmented. 

Having a single rulebook for AML/CFT will help in creating harmony. For example, it will provide elaborate rules on CDD (Customer Due Diligence), Beneficial Ownership verification, and authority tasks of financial supervisors and FIUs. It’ll help existing centralized bank account registers become interconnected and provide access to law enforcement agencies. This will enhance the fraud investigations and recovery of stolen assets, but will also create transparency in the AML frameworks.

3. Expanding Traceability Requirements on Crypto

When it comes to the crypto industry, AML/CFT rules in the EU are only applicable to specific types of service providers. The fragmentation allows criminals to exploit the loopholes to their advantage. The European Union’s report states:

“The lack of such rules leaves holders of crypto assets exposed to money laundering and financing of terrorism risks, as flows of illicit money can be done through transfers of crypto assets.”

The new European Union Anti Money Laundering proposal aims to bring the cryptocurrency sector under the scope of AML regulations. All the service providers are thus mandated to perform due diligence on their customers. Additionally, anonymous cryptocurrency will be prohibited. These suggestions have been added to ensure complete traceability of cryptocurrency transactions, allowing for timely prevention and detection of money laundering. Due to the initial anonymous nature of cryptocurrencies, they quickly became a hub for money laundering.

4. AMLD6 Revokes AMLD4

The last proposal of AML regulation suggested that the 6th Anti-Money Laundering Directive will annul the current AMLD4. This directive will contain new guidelines that will be transported into the national law, such as the AML rules on national supervisors and FIUs in the member states. 

To put it simply, the new Directive will update the relevant provisions of AMLD4, and add some other amendments to it. The AMLD6 also includes the clarifications on the powers and tasks of FIUs and financial supervisors, entities that manage UBO information, the introduction of new tools to streamline risk-based supervision, and cross-border interconnection of bank account registers, and so on. All these amendments are considered vital for European Commission to tackle money laundering and terrorism funding.

Future of AML Regulations

The new EU AML proposal will be discussed by the European Parliament and council. The consultation period is set to end on 7th October 2021. 

Once the directive has been finalized, and the new AML framework has been approved, the AMLA is expected to become functional in 2024.  


Best AML Compliance Rules for Fraud Prevention

Money laundering schemes are almost impossible to detect if a financial institution doesn’t have a proper anti-money laundering compliance regulations program. Money launderers leverage internal systems of businesses like FinTechs, banks, insurance companies, cryptocurrency dealers, gaming platforms, casinos, and other financial institutions to move illegal money around to make the money look legit. The flow of money laundering can be disrupted following AML compliance rules.

The primary goal of anti-money laundering rules is to uncover abnormal patterns between millions of transaction data, generated every day with financial accounts. By implementing regulations that have been outlined by AML laws in the Bank Secrecy Act (BSA) and the USA Patriot Act, financial institutions and related service providers can help regulatory bodies and federal law enforcement agencies and prevent the flow of money laundering. In this article, we’ll discuss the top 10 AML rules for compliance programs.

What AML Compliance Rules Do I Need to Consider?

While building a successful AML compliance rule program, firms need to meet a minimum standard set forth by the federal government. If a financial institution, does not meet these standards, government agencies such as:

  • Financial Crimes Enforcement Network (FinCEN)
  • Financial Action Task Force (FATF)
  • Financial Industry Regulation Authority (FINRA)

If financial institutions fail to follow through on the rules and regulations, these agencies can fine the institutions.

Compliance teams need to make sure that all the regulations apply to a financial institution and its specific business type and locality. Businesses need to develop proper methods and internal controls, including risk assessment and customer identification programs, to fulfill the due diligence requirements.

Anti-Money Laundering Rules for Compliance Program

Complying with anti-money laundering rules can be challenging for businesses of all scales. As all businesses have different risk factors and appropriate thresholds. However, there are some basic rules that every financial institution needs to follow. 

Below, we have mentioned 10 rules for anti-money laundering compliance programs, and these rules are the first point in building a successful compliance program.

1. Structuring Over Time

Structuring is a money-laundering activity that involves splitting the transactions into multiple smaller transactions to avoid reporting requirements. This rule should detect an excessive proportion of transactions below the reporting limit. Financial institutions are required to report transactions over $10,000, so banks need to look for transactions that are just below $10,000.

2. Profile Change Before a Large Transaction

This rule is for identifying instances where customers make profile changes to PII (personally identifiable information) shortly after making a huge transaction. This often signifies account takeover or potential “transaction layering” activity to obscure the path of the funds.

3. Suspicious User Financial Behavior

Another common rule for anti-money laundering is keeping track of suspicious financial behavior. Financial institutions should look forward to identifying transactions that are different from an individual’s usual spending behavior. You should also look for behaviors that are not common for a financial party’s financial profile. 

4. Increase in Transaction Volume/Value

This rule for anti-money laundering should help in identifying parties with high pay-out transaction volumes or a significant increase in the value of a party’s outgoing transactions compared to their recent average.

A rule like this is perfect for a P2P payment network with the capability to withdraw funds to an external account. The rule should filter out entities that have their bank accounts for a short amount of time and parties with a low balance and low outgoing transaction value over the relevant time window.

5. Circulation of Funds

Circulation of funds happens when individuals pay themselves using different accounts. This rule should detect situations where:

  • The party deposits casino checks
  • Purchase of bank drafts that are used at casinos
  • Casino checks whose memo indicates that the funds aren’t the result of casino winnings

This rule should also look for transfers between parties that have the same IP address.

6. Excessive Flow-Through Activity

This rule for anti-money laundering should help in identifying parties where the total value of the credit is similar to the total value of debits in a short period. A rule like this should be perfect for a financial service that offers a collection of funds where there won’t be comparable spend activity.

7. Low Number of Buyers

For platforms that see several buyers, interacting with a single seller, the rule should detect merchants that only receive from limited buyers. This can help regulatory bodies uncover collusion and circulation of funds. This rule for anti-money laundering should only look for accounts older than a specific time period.

8. Low Communication Between Buyers and Sellers

Platforms that keep track of the frequency of communication between buyers and sellers on the service, this rule can also identify merchants with high earnings but very few sent messages, which can indicate money laundering instead of normal business activities. 

9. High-Risk Jurisdiction

This rule for anti-money laundering compliance relies on geographic-based risk factors for countries and regions where money laundering is common. Some examples of risk categories include high banking secrecy, high financial crime, high drug trafficking, and known tax-evading countries. 

It’s important to keep this AML program rule updated based on the latest information. For example, in June 2021, the FATF updated its list of the geographical locations under monitoring to also include Haiti, Malta, the Philippines, and South Sudan. Ghana was removed from the list after new information. 

10. Anonymous Source of Funds

The last AML Program rule should look out for situations where the party sends funds into decentralized exchanges and then extracts the funds, which is used to anonymize the funds. 

It can also help in identifying when the party converts the currency into gaming tokens and then withdraws them for money laundering purposes.


Digital Banking and AML Regulatory Compliance

As banks and financial institutions try to embrace advancements in financial technology, the digital banking sector has grown exponentially. The pace of digitization of banking systems has been reinforced by the covid-19 pandemic. Out of all bank customer onboarding in 2020, almost 65% of them were done with online methods. Unfortunately, as digital banking services become more meticulous, so do the criminals trying to find a way into banking systems.

In a changing and growing financial sector, firms need to prioritize compliance for their digital banking sectors and they need to make sure that they can detect and prevent money laundering and terrorist funding, and other financial activities. Banks and financial institutions need to continue to deliver regulatory compliance.

Digital Banking AML Regulation

Digital banking service providers are now facing both the traditional money laundering risks and other risks that have become possible due to technological advancements in the banking sector. Those risks may be the reason for new methodologies such as phishing scams, malicious software, virtual currencies to launder money with new digital banking systems. Digital banking services are popular with money launderers because of the anonymity offered by the digital banking systems.

Global financing authorities are quickly trying to handle these threats and fill in the gap in regulations, by focusing on improving digital banking services. In the United States, the Financial Crimes Enforcement Network (FinCEN) has issued a set of rules and guidelines for organizations dealing with virtual currencies. Europe’s 5th Anti-Money Laundering regulations are a set of regulations for digital financial sectors and cryptocurrency service providers. Similar to that, the Financial Action Task Force (FATF) has also released its guidance on digital identification and compliance with KYC and AML regulations.

How to Comply with AML Regulation in Digital Banking?

Banks and financial institutions need to make sure that they offer digital services in compliance with AML to reduce the risks of money laundering. Under FATF policies, most financial organizations need to follow a risk-based approach to fight AML. They need to implement an internal compliance program:

  • Customer Due Diligence (CDD): Financial institutions need to set up CDD measures to verify the identities of their digital banking customers. Under the risk-based approach, customers that come under a higher risk of money laundering should be verified with proper due diligence measures.
  • Monitoring Measures: Banks and Financial institutions will need to set up measures to monitor suspicious customer activities during digital transactions. Suspicious activities can include unusual transactions, transactions over the usual limit, or regular transactions with high-risk countries. 
  • PEP List Screening: Screening and monitoring potential customers on PEP (politically exposed persons), international sanction lists, and customer involvement in adverse media stories. Any of these can be enough to deem the customer as a potential risk.

Some rules and regulations require financial institutions to get licenses for certain digital services such as cryptocurrency exchange or features like digital wallets. FATF policies also require organizations to train their employees and appoint a compliance officer to go over all the AML programs.

Digital Banking AML Measures

To manage the new money laundering and digital banking risks, banks and financial institutions need to take new approaches to keep up with regulatory compliance. Firms need to change the way they collect and verify customer data. The most effective factors of a digital AML solution includes:

  • Digital Identification: Digital ID systems include biometric verification such as fingerprints and retinal scans. Combine that with fully equipped smartphones, both the customers and banks may use those systems for customer onboarding. Digital identities can support more accurate and efficient CDD during onboarding and throughout the business relationship. Technologies such as DIRO’s online document verification technology can verify customers online by verifying documents such as bank statements, address proof, and utility bills. DIRO’s document verification tech can verify documents instantly thus improving the overall digital onboarding process.
  • Artificial Intelligence: AI technology offers a wide range of opportunities for firms to improve their AML and KYC compliance. AI can help in prioritizing data collection and transaction monitoring. AI-based technologies can also improve the detection of red flags during online transactions and reduce the time and efforts banks spend on detecting suspicious activities manually.
  • Blockchain: As cryptocurrency is slowly growing, blockchain technology is also becoming more common among banking institutions. Blockchain is a public distributed ledger and blockchain allows firms to record and verify transactions. The technology could be used to store and encrypt customer information as a secure block of information. The use of blockchain technology within AML regulations would help fight the challenges associated with digital banking.

Integrating Technologies for Smoother AML Compliance

Managing customer data and following compliance in the era of digital banking means leaving the traditional AML rules behind. Embracing smart technologies for verification and automation for a better customer experience. 

The utilization of DIRO’s document verification technology can offer real-time document verification with 100% of proof of authentication. DIRO’s online document verification technology can verify:

  • Bank statements
  • Bank account holder information
  • Proof of address
  • Insurance information
  • Utility bills
  • Student records & many more.

By employing instant online document verification technology, banks, financial institutions, and FinTechs can improve their digital banking methods. 


Global Anti Money Laundering Regulations: New AML/CTF Laws & Regulations in European Union

The United Nations Office on Drugs & Crime reports that the estimated amount of money laundered annually is 2-5% of the global GDP. To put that in number, the losses due to money laundering are $800 billion – $2 trillion. Following the Anti-Money Laundering Act 2020 being signed into law in the US, the EU and its member states are enacting the same legislation to combat money laundering and terrorist funding. In this article, we will go over the requirements for banks and financial institutions to conduct identity checks for money laundering and terrorist financing and the Know Your Customer process.

Identity Checks for Money Laundering & Fraud Prevention in EU

Identity checks are crucial for banks and financial institutions to screen for money laundering, fraud and uncover illegal financial activities. KYC (Know Your Customer) is the process of verifying a customer’s identity to ensure the customer provides personally identifiable information. KYC is also needed to understand the past financial behavior of customers with previous institutions or other money service providers. 

The Know Your Customer regulation helps in ensuring that the financial institution’s services aren’t misused for money laundering. Compliance with KYC ensures that customers with a suspicious financial background aren’t approved for an account at the bank or other institutions.

KYC Obligations in the EU 

There is a major push to develop identity documents across the EU because most Member States have their own independent regulations regarding KYC and ID verification.

ID Tampering & Fraud: Security Features & Common Criminal Typologies

One of the biggest challenges with identity document verification is forgery and document tampering. EU passports, national IDs, and other identity documents are targets for regular ID thieves and criminals. A strong AML compliance program includes ID tampering and fraud prevention strategies. 

Regulators and law enforcement authorities face threats every day such as:

  • Falsification of documents by overprint
  • Adding a laser-engraved personalization
  • Simulating optical variable devices (OVD)
  • Grinding to access the core of a document
  • Facial spoofing during remote eKYC activities

Common methods used in document tampering are:

  • Scratching
  • Dissolving
  • Cutting
  • Opening using heat, solvents, and tools

It is crucial for banks and financial institutions to keep their eye out for these threats and illegal activities during KYC verification processes. Banks and other institutions should focus on detecting the fraudsters in the manual and remote onboarding process.

eKYC Challenges That Banks Face

eKYC comes with a number of challenges not just in the sense of applying numerous regulations and obligations from regulators and preventing tampering of ID cards. Banks have to be able to use anti-fraud technology such as liveness detection to prevent bad actors before they access the bank’s resources for their gain. 

Ever since the beginning of the Covid-19 Pandemic, banks had to switch to digital technologies. Banks all over the world are now facing challenges with online financial services.

Anti-Money Laundering & Counter-Terrorist Financing Laws and Regulations in EU

The European Union has forced a number of regulations and laws in the past two years including:

  • Sixth Anti-Money Laundering Directive (AMLD6)
  • Markets in Crypto Assets Regulation (MICA)
  • Second Payment Services Directives (PSD2)
  • General Data Protection Regulations (GDPR)

According to industry experts, financial institutions and authorities do even more in their fight against money laundering and terrorist financing. The aim should be to close gaps and loopholes in the current legislation, clarifying regulatory details and toughening criminal penalties across the EU.

The new directive brought better insights and clarification and transparency in regards to some areas:

  • List of offense
  • Money laundering
  • Scope expanded
  • Stricter persecution and punishment (4-year sentences instead of 1 year)

According to some experts, the EU Second Payment Services Directive is bringing in change and innovation in the online payment industry. The directive consists of two main elements of popular importance for e-commerce merchants: strong customer authentication and the emergence of two types of new regulated payment providers. Privacy and customer experience are among the most critical aspects that push new bank customers to complete the onboarding process.

General Data Protection Regulation (GDPR)

General Data Protection Regulation (GDPR) is a number of directives for the European Union (EU) that enhance the protection of the personal data of EU citizens. It also requires companies to comply with the latest rules and regulations that enhance the data privacy and security of every individual within the EU. These rules are strict and include many rules that increase the rights of data subjects. 

Three concepts are important under the GDPR:

  • Consent
  • Security
  • Legitimate interest

Five Ways to Tackle the Growing Money Laundering Problem

Banks, financial institutions, and other organizations face countless challenges every day to keep their business secure from fraud. Keeping track of all the anti-money laundering regulations and making use of the latest and efficient technology to tackle the money laundering problem can be tough. This is basically an endless battle against fraudsters who try to acquire funds using illicit methods and banks need to learn how to combat money laundering. 

All that a fraudster needs is one bank system to stop paying attention and they gain a new portal to launder money. A single banking institution’s mistake can have a huge impact on the global economy, in a particular industry or the money could be used to fund terrorist activities. All major regulatory bodies like the FinCEN, need to keep updating their regulations to be able to fight the money laundering situation from growing and so that banks and other financial entities can service ways to combat money laundering.  

There are several things that banks and other FinTechs can do to tackle money laundering. Following the ways to combat money laundering to the last point can reduce the chances of online fraud by tenfold.

How Technology Can Stop Money Laundering

1. Improve Searches By Utilizing Technology

The growth in technology can be utilized for providing fake information such as bank statements, wrong proof of address to trick banks. It is becoming increasingly difficult for organizations to filter between potential threats and false positives. 

If a bank or any other financial institution wants to protect their current customers, they need to look at their past mistakes and set up countermeasures for future mistakes. If institutions can reduce the count of false positives, they can expand their scope of fighting money laundering and other kinds of online fraud. 

Using machine learning and AI-based technologies to conduct searches at regular intervals can reduce the burden on AML officials. AI and Machine Learning technologies can help in finding out some false positives while searching through the database. You can even strengthen your process by AI searching on a broader scale and your manual team focused on one specific location. This combination of technology and manpower is one of the answers on how to combat money laundering with the use of technology.

2. Have Regular Cross Communication

Multiple organizations have a quarterly or half-yearly round table meeting with state and local law enforcement and other banks in the area to discuss all the latest trends and how to fight money laundering problem. The primary goal of these meet-ups is to stay up to date on all the methods of fighting fraud that can risk the security of customer data in any way. 

By staying connected to each other, law enforcement can inform banks about the latest schemes opted by fraudsters to trick organizations. While a lot of banks have systems in place that allow them to stay on top of all the new schemes used by fraudsters, this alliance can be really helpful in curbing money laundering activities. 

By having constant meetings, banks and law enforcement can keep each other on top of all the new trends/schemes. Verify any suspicious activities and enhance the business-law relationship. All this is one strong step in keeping customer’s information safe and making sure no one acquires money using illegal methods. While this isn’t the answer to how technology can stop money laundering, it is still an effective method of making sure the fraudsters don’t operate freely.

3. Use Data Analytics to Find Patterns

Making use of data analytics is one of the best methods of fighting money laundering practices. Data analytics helps banks and financial organizations understand the pattern in recurring money laundering or online fraud activities. There can be a pattern like a specific geographical location origin, specific product/service type, and a specific job occupation type. 

Once the AML officials recognize such patterns, they can develop countermeasures or special strategies that can reduce potential risks. The objective of using data analytics is to analyze a customer in “real-time” and reduce the risk for banks before anything happens. Money launderers need less than a week to place the money in the bank and after that, the money is gone, so is the person who deposited it. 

Data analytics deem people with multiple PINs or people with connections to tax frauds as potential threats. Knowing this information during the customer onboarding process can help banks prepare for fraud and learn how to deal with money laundering problems.

4. One Standard System All Across The Institution

 Like any other industry, banks also grow themselves by acquiring their rivals. Constant acquisitions lead to a wide network of different computer systems, different bookkeeping types, and other differences. 

Some divisions may use spreadsheets, some may use ledgers, and this difference in the system can benefit those who are looking for a weakness in the system for fraudulent activities. That’s not all, this can also lead to information breach, customer information loss, and loss in working efficiency. 

This is one of the reasons why all industries are moving towards a complete digital working environment. The growth of the cloud industry can support huge organizations running on digital technology, this also improves the privacy of data.

5. Training Against Fraud Is Crucial

Almost every bank or financial institution has a team of AML officials that ensures finding and getting rid of any suspicious activity. To be able to do that, AML officials need to know what to look out for. That’s why proper training is needed to detect fraud and report it to the right authorities.

Training the staff that’s your first countermeasure against money laundering is crucial. Let’s say some cyber attacker is using an account of a deceased person to launder money, if your staff doesn’t know what anomalies to look out for, this activity would go unnoticed. Training the front-end staff on what they need to notice is one of the best methods to fight money laundering problem and comply with AML regulations.

DIRO’s Assistance to Banks for Fulfilling AML Regulations

DIRO’s award-winning document verification technology aims to weed out fake or fabricated documents. Banks, financial institutions, and FinTechs can use DIRO’s instant document verification technology to verify documents submitted during the KYC and AML Compliance process. 

The technology instantly verifies the document against the original document on any third-party web source. It even provides strong proof of authentic documents that can be used as original documents. DIRO places the document on the blockchain which makes sure the information is provable and unable to temper with. Using the technology, banks can improve the overall customer onboarding process by reducing friction and also reducing the risk for money laundering and other types of online frauds. The utilization of DIRO’s document verification technology is one example of how technology can stop money laundering.