AML controls and procedures are put in place so that companies can operate in the marketplace under the relevant regulatory standards. This is especially notable, and of great importance, in the banking and financial sectors.
Today's regulatory environment is constantly changing and it is important that both major financial institutions and any players in this sector and related industries are aware of the restrictions that may arise from potential penalties for malpractice in their processes and systems.
Many companies lack sufficiently mature policies and processes, and the technology to implement them, and are unable to meet Anti-Money Laundering requirements.
While compliance is already a reality in many companies, not all comply with the specific sets of procedures and best practices that must be implemented to identify and classify legal and operational risks, being money laundering one of the main ones.
AML is the acronym for Anti-Money Laundering. This term is commonly used in the areas related to finance and regulatory compliance to define the standardized processes that companies in these sectors use to prevent their customers, when using their products and services, from laundering money.
Identifying suspicious behaviour is crucial to mitigate the risk of it becoming an illegitimate activity. Establishing concrete AML policies and controls will prevent potential offenders from ever committing a money laundering-related crime.
While this is important in all areas, in the online or remote environment it is of particular importance, as this is the place where companies are most exposed to this type of risk. This has not gone unnoticed by the public authorities, who have regulated accordingly, establishing very specific AML praxis for this scenario.
Concealing the illicit origin of income is, due to identity fraud, a practice that occurs on more occasions than we imagine. Thus, AML has a great ally, the KYC process, as an essential control in any money laundering prevention strategy.
AML (Anti Money Laundering), as a concept, is closely related to others that support it or are a fundamental part of the controls carried out:
The main way for criminals to launder money is through identity fraud. KYC and AML, together, came to solve this problem. The KYC (Know Your Customer) process consists of a series of steps to verify a customer's identity.
Corroborating that a person who wishes to open a bank account, take out insurance or make investments is who he/she says he/she is, and establishing an exhaustive process to verify their identity before allowing the customer to operate, is the AML control par excellence and the one alluded to in all AML regulations. Identity verification makes it possible, today, to open a bank account in minutes instead of days or weeks if the proper standards are met.
Due Diligence, or Due Diligence, is the concept used to refer to the set of investigations that are carried out on a natural or legal person before entering into a contractual relationship or carrying out any type of joint operation.
Although it is a term generally used to refer to a company's purchasing process, it is also used to work with suppliers. It is closely related to KYB (Know Your Business).
Similarly, and now fully related to AML and KYC, when the term is used as CDD (Client Due Diligence) it does act as a synonym for KYC and AML controls. As part of AML controls, the background check is one of the most common practices within all controls to prevent money laundering and is often associated with CDD.
In general, businesses and institutions that are subject to AML regulations and must establish procedures to comply with them have two options available to them for carrying out checks and verifications:
RegTech, Regulation Technology, is the union between cutting-edge technological solutions for the digitization of processes and compliance with the legal and regulatory framework by businesses and organizations.
Technology has been able to completely eliminate the bureaucracy of having to carry out complex controls to comply with the laws that affect the activity of companies and the frictions that these caused in the processes and operations.
Process automation has come to AML in full force, both to eliminate mechanical and bureaucratic tasks and to create new ways of performing previously unthinkable AML controls. Here are just a few examples out of hundreds that could be cited:
Digitizing the fraud prevention strategy and anti-money laundering controls is, today, an imperative that the financial sector is aware of. As a result, and thanks to the rise of RegTech and Fintech, the sector can grow while offering the best frictionless experience to its customers.
AML4 (or 4AMLD, Fourth Anti-Money Laundering Directive), passed in 2015, started the way by establishing very concrete assessment guidelines for risks in the legal, banking, financial and related industries, addressing guidelines for conducting AML processes internationally. In other words, thanks to AML4 a company from one particular country can operate in another if it complies with the relevant standards.
However, it was not until AML5 came into force (2018), and with effective enforcement from 2020, that a single space was created, together with eIDAS (electronic IDentification, Authentication and trust Services) in which companies can operate securely, confidently and fully digitally and remotely. These standards regulate identity verification and the onboarding process in many sectors, with very specific technical standards that must be met.
AML5, or 5AMLD, introduces the obligation of secure and certified identification of account holders in companies in the financial, banking, insurance, investment and related sectors. Thus, it expands the subjects obliged to comply with AML and incorporates e-wallet services, art dealers or cryptocurrency trading platforms. Not adapting to AML was no longer an option.
Just a few months later, at the end of October 2018, AML6 was approved, an update to the AML rules contained in 5AMLD and to which companies must have adapted by June 3, 2021. Otherwise, they are at serious risk of being sanctioned, and is that, one of the major introductions of the new AML6 directive focuses on the corporate responsibility of companies.
This latest amendment makes legal entities liable for the possible "lack of supervision or control" since they are in a leading position. Because of this, companies must have a decided AML strategy and their own tools in place to execute it in order to operate in the market safely. In all states, the laws clearly indicate how to proceed and what controls must be in place regarding AML.
In any case, Anti-Money Laundering regulations should not be seen as a blockage or difficulty, but as an opportunity. Thanks, for example, to AML6, any company can offer its products and services without additional investment to 508 million consumers in an agile and secure way. The standardization of customer onboarding is driving the growth of hundreds of businesses and facilitating their expansion into other markets where they would otherwise not have been able to operate.
Leaving aside laws that affect several countries (such as the views that affect the entire European Union), each state regulates on its own by creating laws for the prevention of money laundering and terrorist financing. In EU member states, these laws are linked to AML5, although some even legislate further.
Leaving aside the European continent, as we have been saying, each country has its own laws in this area and it is usually the central banks that set the guidelines to be followed. It is important to have a RegTech partner to advise the legal and compliance departments of companies on how to comply with AML regulations in the country in which the business operates and establish processes to adapt to them.