Anti-money laundering software

From Wikipedia, the free encyclopedia
Jump to navigation Jump to search

Anti-money laundering software (AML software) is software used in the finance and legal industries to help companies comply with the legal requirements for financial institutions and other regulated entities to prevent or report money laundering activities. The digital design facilitates faster and more accurate compliance and investigations.[1]


Anti-money laundering guidelines came into prominence globally after the September 11, 2001 attacks and the subsequent enactment of the Patriot Act in the United States and the establishment of the Financial Action Task Force on Money Laundering (FATF). By 2010 many jurisdictions globally required financial institutions to monitor, investigate and report transactions of a suspicious nature to the financial intelligence unit in their respective country.

The UK introduced The Terrorism Act in 2000, subsequently amended by the Anti-Terrorism, Crime and Security Act 2001, the Terrorism Act 2006 and the Terrorism Act 2000 and Proceeds of Crime Act 2002 (Amendment) Regulations 2007). The Terrorism Act imposes counter financing of terrorism obligations on banks and financial institutions, which also include customer due diligence, transaction monitoring and reporting obligations.

The UK introduced the Proceeds of Crime Act (POCA) in 2002 as the UK's primary AML regulation focusing on money laundering offenses. POCA defines the offenses that constitute money laundering. Under POCA, banks and financial institutions must put appropriate AML controls in place to detect money laundering activities.

The UK's Financial Conduct Authority (FCA), established in 2012, is the UK's main financial services regulator with authority over banks, building societies, credit unions and other regulated sectors. The FCA's purpose is to maintain the safety of the UK's financial system and its financial institutions. Financial institutions in the UK must register with the FCA who oversees compliance with AML regulations.

Her Majesty's Revenue and Customs (HMRC) issues guidance on anti-money laundering in the UK, sharing money laundering offense investigative responsibilities with the FCA. AML guidance includes compliance requirements for customer due diligence, transaction monitoring, and issuing anti-money laundering policy.

The UK instituted further AML Regulations in 2017. Beyond POCA and the Terrorism Act, the next most important AML/CFT legislation is the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017. The MLR 2017 transposes the obligations set out in the EU's 5th AMLD, tightening controls in the private sector and introducing the need for firms to implement a written AML/CFT risk assessment. This led to an entire industry developed around providing AML software to analyze transactions in an attempt to identify transactions or patterns of transactions, called structuring, which requires a SAR filing, or other suspicious patterns that qualify for SAR reporting. Financial institutions faced penalties for failing to properly file CTR and SAR reports, including heavy fines and regulatory restrictions, even to the point of charter revocation.

Some jurisdictions, such as Singapore, require financial institutions to conduct an independent assessment of technology solutions used in anti-money laundering procedures, if such financial institutions allow for non-face-to-face onboarding of customers.[2]


There are four basic types of software addressing AML business requirements:

  • Transaction monitoring systems, which focus on identification of suspicious patterns of transactions which may result in the filing of suspicious activity reports (SARs) or Suspicious Transaction Reports (STRs). Identification of suspicious (as opposed to normal) transactions is part of the KYC requirements.
  • Currency transaction reporting (CTR) systems, which deal with large cash transaction reporting requirements ($10,000 and over in the U.S.)
  • Customer identity management systems which check various negative lists (such as OFAC) and represent an initial and ongoing part of Know your customer (KYC) requirements. Electronic verification can also check against other databases to provide positive confirmation of ID such as (in the UK: electoral roll; the "share" database used by banks and credit agencies; telephone lists; electricity supplier lists; post office delivery database
  • Compliance software to help firms comply with AML regulatory requirements; retain the necessary evidence of compliance; and deliver and record appropriate training of relevant staff. In addition, it should have audit trails of compliance officers activities in particular pertaining to the handling of alerts raised against customer activity.

Transaction monitoring software[edit]

These software applications effectively monitor bank customer transactions on a daily basis and, using customer historical information and account profile, provide a "whole picture" to the bank management. Transaction monitoring can include cash deposits and withdrawals, wire transfers and ACH activity. In the bank circles, these applications are known as "AML software".

Each vendor's software works somewhat differently. Some of the modules which should be present in an AML software are:

  • Know Your Customer (KYC)
  • Entity Resolution
  • Transaction Monitoring
  • Compliance Reporting
  • Alert based case management
  • Investigation Tools
  • Document management to hold the customer related documentation such as account opening package, customer identification documents, etc...
  • Delivery of AML Training
  • Customer due diligence checks, including electronic verification
  • Automated Standard operating procedures e.g. workflow engine/
  • Dissemination of AML policies and procedures

Customer Identity Management Systems[edit]

The definition for Customer Identity Management Systems varies in different regions and jurisdictions. Most vendors include the following features in their solutions:

  • Sanction List Check
  • Politically Exposed Person (PEP) Check
  • Fraud Detection System
  • False Positive Recording
  • Single Scan and Batch Scanning
  • Auditing and Reporting

Machine learning for money laundering detection[edit]

There are solutions based on artificial intelligence, which are characterized by much better efficiency in detecting money laundering, comparing to rule-based approach. Especially, deep neural networks are able to discover complex interdependencies between various activities performed to launder money. This translates into fewer false alarms and more accurate detection. In the near future, transaction monitoring systems will be based on machine learning rather than on rules and scenarios.[3]

See also[edit]


  1. ^ Gao, Shijia; Xu, Dongming; Wang, Huaiqing; Green, Peter (2009-04-03). "Knowledge-based anti-money laundering: A software agent bank application". Journal of Knowledge Management. 13. doi:10.1108/13673270910942709.
  2. ^ Chris Holland, Felicia Marie and Maya Deering. "Non-Face-to-Face-KYC Explained". Holland & Marie. Retrieved 10 August 2019.
  3. ^ Czech, Tomasz. "Deep learning: the next frontier for money laundering detection". Global Banking and Finance Review.