Guidance on Anti-Money Laundering (AML) in Banking and Finance for 2021

Anti-money laundering (AML) policies are put in place to deter criminals from integrating illicit funds into the financial system. Money laundering schemes are used to conceal the source and possession of money obtained through illegal activities, such as drug trafficking and terrorism. Banks and other financial institutions are legally obligated to follow AML regulations to ensure that they do not support money laundering activities.

How Does Money Laundering Happen in Banking?

Money laundering is the process of making illegally obtained funds (“dirty money”) appear legal. The illegal funds are first introduced into the legitimate financial system to hide their real source. The dirty money is often moved around to create confusion through wire transfers to numerous accounts. Money launderers also deposit cash in small increments or sneak money into foreign countries to avoid suspicion.

Through these multiple transactions, the dirty money appears clean and is integrated into the financial system. Criminals can withdraw the laundered money from legitimate accounts and use it to finance organized crime, drug trafficking, human trafficking or terrorism.

AML is a set of regulations, laws and procedures that detect and prevent criminals from disguising illegal funds as legitimate income. AML policies help banks and financial institutions combat financial crimes.

AML regulations require banks to collect customer information, monitor and screen their transactions and report suspicious activity to financial regulatory authorities. Additionally, the AML holding period requires deposits to remain in an account for at least five trading days. Banks can use this holding period to help in anti-money laundering and risk management.

Why Is AML Important to the Banking Industry?

Banks are among the largest institutions in the field of finance. Since banks worldwide mediate millions of transactions throughout the day, these institutions are at a higher risk of financial crimes. And in fact, criminal organizations often carry out their money laundering activities through banks and other financial institutions.

Banks must identify the risks by fulfilling their AML obligations and taking necessary precautions. The AML process is critical for the financial and reputational standing of banks. Auditors and regulators legally require this process.

In addition, the technological shift in financial infrastructure and the rise of online payments has increased the demand for more rigorous customer identity protection. In response to new and more stringent directives, banks and financial institutions adopt emerging trends in AI-based AML solutions to handle AML compliance with greater efficiency.

How Does AML Work in Banking?

There are four key areas banks must address with their anti-money laundering compliance program:

  • Know Your Customer (KYC)
  • Customer due diligence (CDD)
  • Customer and transaction screening
  • Suspicious activity reporting

Know Your Customer

Know Your Customer (KYC) involves identifying and verifying a customer’s identity when they open a bank account. Mandatory for banks, KYC is the first critical step in an AML program.

In the KYC procedure, banks collect customer information and check its accuracy. Banks make sure that a customer’s digital identity matches their real-world identity, proving they are who they say they are.

This process can be done using ID document verification, face verification and proof of address (bills or bank statements). An identity verification solution can help you meet your KYC obligations while delivering protection for your business and convenience to your customers.

Customer Due Diligence

Banks implement a control process called customer due diligence (CDD), through which relevant information of a customer’s profile is collected and assessed for potential money laundering or terrorist financing risk. Although CDD procedures vary from country to country, there is only one goal: to detect risks.

After the KYC control process, banks apply risk assessment to their new customers. Customer information is checked and screened against several online databases, including politically exposed persons (PEPs), government records, watchlists and sanctions screening.

The people included in these lists carry high risks for money laundering and terrorist financing. In banks that provide global services, a customer’s nationality and record of financial transactions can also affect a customer’s risk rating.

Customer and Transaction Screening

Banks and financial institutions generally have a broad customer portfolio. The transactions mediated by these banks are not limited to their own customers. For instance, one customer of a bank can transfer money or make payments to another bank’s customer. Throughout the day, an average-sized bank mediates thousands of money transfers.

Banks are obligated to monitor and control the people involved in money transfer transactions. It is a major crime for a bank to mediate payments sent to a sanctioned or banned person.

The consequences of the crimes brought about by the uncontrolled transaction between the sender and the receiver include severe administrative fines. The banks could also lose their credibility and good reputation.

Banks and financial institutions must monitor all customer deposits and other transactions to ensure they are not part of a money laundering scheme. This includes verifying the origin of large sums of money and reporting cash transactions exceeding $10,000.

With today’s technology, manual money laundering controls are outdated and inefficient. Banks need an automated transaction screening process to carry out customer transactions per AML policies.

Suspicious Activity Reporting

Money laundering investigations by law enforcement agencies often involve scrutinizing financial records for suspicious activity or inconsistency. In the current regulatory environment, extensive records are kept on every significant financial transaction to help law enforcement trace a crime to its perpetrators. It’s critical for banks to have an immutable audit trail that regulators can trust. But it’s also important that compliance analysts at financial institutions can easily investigate and close cases quickly and efficiently.

What Does an AML Compliance Program Require?

Banks must create an effective AML compliance program that meets the regulatory requirements and manages money laundering risks. Failures in the AML compliance program can result in banks being punished by the regulators.

AML compliance programs consist of all controls and directives applied to ensure banks meet obligations and are protected against regulatory penalties. An effective AML compliance program includes several key features as described below.

Why KYC Isn’t Enough

A Guide to Fighting Fraud and Financial Crime from Onboarding to Ongoing Monitoring

Risk-Based Approach

Customers have different financial circumstances and risks. Banks are obligated to apply a risk-based approach in customer account opening processes and perform a risk assessment with KYC and CDD procedures. Banks must also control their customers’ transactions based on their risk levels.

A risk-based approach is an essential element of an effective AML compliance program. Banks must implement AML responses that are specific and proportional to the criminal risks they face.

Identity Verification

A crucial component of risk-based AML compliance is identity verification. Banks must know the customer they are dealing with and ensure the customer is who they say they are.

An AML compliance program should prioritize identity verification through customer due diligence procedures and enhanced due diligence (EDD) measures for higher-risk customers. General information to be collected includes the following:

  • The customer’s personal information, including full name and any aliases, residential and mailing addresses, specimen signature and place and date of birth
  • Beneficial ownership of a business or company where the owner is not the client or customer
  • The nature of the business in which the customer is involved

PEP Status

Banks must establish whether a customer is a politically exposed person (PEP). Because of their positions, PEPs are at a higher risk of being involved in money laundering.

Clients who are PEPs are subject to enhanced due diligence measures. A bank’s AML compliance program should feature PEP screening during onboarding and throughout the business relationship to detect any status changes.

Sanctions Screening

Banks must also ensure that they do not do business with individuals, companies or countries included in international sanctions lists. A bank’s AML compliance program should include a sanctions screening process that takes all relevant lists into account, including those lists issued by national and international authorities. For example, banks in the United States must screen customers against the U.S. Office of Foreign Assets Control (OFAC) sanctions list.

Transaction Monitoring

AML compliance programs must monitor customer transactions for suspicious activities and evaluate their client’s risk profiles. Transaction monitoring should detect the following:

  • Transactions above regulatory thresholds
  • Unusual transaction patterns
  • Transactions involving unexpectedly high amounts or a large volume of transactions
  • Transactions with PEPs or with sanctioned individuals
  • Transactions with high-risk countries
  • Adverse media stories involving customers

Suspicious Activity Reports

AML compliance programs should include the process of submitting a suspicious activity report (SAR) to financial authorities if potential money laundering is observed. The submission process of SAR should be straightforward and inclusive of input from senior management.

Record Keeping

The record-keeping practice is essential at every stage of the AML process. Banks must evaluate financial risks based on their customer records.

A bank’s AML compliance program should cover the need for effective record keeping and documentation from onboarding to monitoring, screening and submission of SARs.

AML Training

Bank employees should undergo AML training to remain capable of identifying suspicious transactions for potential money laundering or terrorist financing. The bank’s policies should also include ongoing AML training, keeping employees well-informed to adapt to new legislation and emerging trends in criminal methodologies.

AML Compliance Officer

Banks and other financial institutions are required to appoint a compliance officer that provides oversight for the AML compliance program and acts as a liaison for the financial authorities. The AML compliance officer should be a senior employee with the expertise and authority to carry out their role effectively.

How Do AML Policies Affect Financial Institutions?

Financial institutions are held to high standards when it comes to following procedures that identify money laundering. Employees are trained to detect and monitor suspicious customer transactions. Transactions and processes are recorded extensively to help law enforcement agencies trace the financial crimes back to the source.

Although financial institutions are legally obligated to follow anti-money laundering regulations, not all institutions agree with them. Many institutions believe that implementing policies is costly, time-consuming, ineffective and not worth the money.

But in recent years, audits made by regulators to organizations have increased. Organizations that did not comply with their AML obligations paid hefty administrative fines.

In 2018, a total of $4.27 billion in penalties were imposed on organizations that failed to comply with AML regulations. The penalty amount nearly doubled in 2019 to $8.14 billion. And the AML penalties paid in 2020 were over $10 billion.

Aside from facing steep administrative penalties, organizations that do not meet AML compliance can damage their reputation and lose customers. The financial institution’s image is affected once it has been associated with corrupt individuals or businesses.

What are the Latest AML Regulations?

AML regulations are constantly changing to keep up with money laundering trends. Over the last 50 years the Bank Secrecy Act has continually evolved in the United States. And with the recent surge in crypto, new AML laws are being written to prevent virtual currency from being used for financial crime. Here are some of the latest changes in regulations around the world:

  • The European Union’s Sixth Anti-Money Laundering Directive (6AMLD) broadens the definition of money laundering, allows criminal prosecution of any legal person including businesses, increases prison time and penalties and more.
  • The AML 2020 Act is the most extensive reform to the U.S. AML regulations since the Patriot Act almost two decades ago. Among other changes, it includes language designed to eliminate anonymous holding companies (“shell companies”) and expand its definitions to include antiquities traders and virtual currencies.
  • Singapore has offered new guidance on AML that takes aim at digital currency businesses and other virtual asset service providers (VASPs).
  • South Korea also passed new AML rules for digital currency companies.

What is the Best AML Compliance Solution?

Jumio supports banks’ AML compliance programs on a global scale. Our identity verification, watchlist screening, transaction monitoring and case management solutions strictly adhere to the most comprehensive regulations. We can help your organization improve account opening conversions and speed up real-time onboarding while meeting stringent AML requirements and screening obligations. Jumio provides everything you need to meet your regulatory obligations while streamlining the process for your compliance teams as well as your customers.

Identity Verification

Jumio enables you to fulfill your KYC compliance requirements with our accurate, real-time online identity-proofing solutions. We have helped banks and financial institutions accurately establish, maintain and reassert trust from account opening through the entire customer lifecycle. We pioneered the ID + selfie approach to identity verification, leveraging 10 years of real-world production data and hundreds of millions of domain-specific data points. You can easily embed our automated solutions within the online account setup and onboarding process. We make it easy for you to verify customers across different countries, languages, ID types and devices.

Watchlist Screening

Jumio’s AI-powered screening solution can assess your customers’ risk factors and verify that they are not on any watchlists. Our automated database pings include government watchlists and sanctions to identify AML risks and fraud faster. You can decide which lists to screen against, including global or regional sanctions, PEPs and adverse media.

Transaction Monitoring

Jumio’s transaction monitoring solution streamlines regulatory compliance. It allows you to detect suspicious activity and leverage external data sources. You can securely send us your customers’ accounts, transactions, payment methods and other relevant data. Our library of expert-built AML rules and advanced machine learning platform result in superior detection of suspicious financial activity with a lot fewer false positives.

Case Management and Reporting

Jumio’s investigation manager lets you quickly review issues, perform thorough investigations, document findings, make recommendations, advance through workflows, perform regulatory filings, and resolve or close cases. By making investigations faster and easier, banks and other financial institutions increase compliance while reducing costs.

The investigation manager also eases the burden of regulatory filings, including SARs. We provide fully automated suspicious activity reporting that you can electronically submit to regulators on the days and times you specify.

Let a Jumio expert show you how easy it can be to integrate our automated AML solutions into your compliance program. Contact us here, and we will be in touch shortly.