Share to FacebookShare to TwitterShare to LinkedIn

What is anti-money laundering? A guide to getting started

A strong AML program is necessary for any bank and financial institution. Learn why AML matters and how organizations can prevent money laundering.

August 12, 2021

Jennifer Lowe
Jennifer Lowe

Jennifer is a writer at Plaid, covering lending and payroll. She believes in the potential of new financial services to enable greater financial access.

Introduction

Having and implementing a strong AML program is critical for the financial security of banks and other financial institutions (such as credit unions, investment companies, and certain other financial services companies). More broadly, AML obligations are necessary to help countries around the world maintain economic security and protect against potential terrorism. However, navigating AML requirements can be challenging. In this article, we’ll cover basic AML requirements in the U.S. and how financial institutions can prevent money laundering.

What is anti-money laundering?

Anti-money laundering (AML) is a system of policies, laws, and regulations for preventing, detecting, and reporting money-laundering activities and terrorism financing. To comply with  AML obligations, financial institutions must monitor their customers' transactions and report suspicious financial activities.

In theory, AML applies only to a limited number of transactions and criminal behaviors. But, in practice, it impacts nearly every aspect of a financial institution’s relationships with its customers. It’s the institution’s responsibility to detect and prevent illicit transactions, which can lead to many requirements for customers to follow.

What is the history of anti-money laundering?

Anti-money laundering first rose to prominence in 1989 when countries and organizations around the world formed the Financial Action Task Force (FATF) to combat money laundering. In response to the 9/11 terrorist attacks, FATF expanded its mission to include preventing terrorist financing. 

The term “laundering” alludes to the Mafia’s 1920s practice of moving money through laundromats, which served as fronts for their criminal businesses. It also references the process of making “dirty” money “clean.”

In 1989, the FATF was established as a global watchdog against money laundering. Its mission is to create standards and policies that combat money laundering and terrorism financing at both national and international levels. The FATF has developed 40 recommendations on money laundering and 9 special recommendations regarding terrorist financing.

The International Monetary Fund (IMF) is another important organization in the fight against money laundering. Formed in July 1944, the IMF was created to reconstruct the international monetary system after World War II. Today, the IMF works to foster global monetary cooperation, financial stability, international trade, high employment, and sustainable economic growth, and reduce poverty. It also helps ensure that its 190 member countries comply with international standards to fight terrorism financing.

In the United States, the Bank Secrecy Act (BSA), created in 1970, formalized requirements for financial institutions to identify and document the source, volume, and movement of currency deposited into those financial institutions. Among other requirements, the law requires financial institutions to report and record suspicious cash transactions over $10,000.

What are the three stages of money laundering? 

The three stages of money laundering consist of:

  1. Placement of illegal funds in a legitimate financial institution

  2. Layering and mixing of illegal and legal funds to hide the origin of the illegal proceeds

  3. Integration of funds back to the criminal

During the placement stage, money launderers use a variety of techniques and venues to hide their funds, such as:

  • Legitimate cash businesses (for example, car parks, tanning salons, car washes, and casinos)

  • Trusts and offshore companies

  • Foreign bank accounts

The layering stage is complex, as money launderers utilize bookkeeping tricks to obscure the audit trail. This can involve:

  • Transferring funds from one country to another

  • Moving funds between multiple banks or between accounts within the same institution

  • Investing in real estate

  • Converting cash into money orders, wire transfers, and stocks

In the integration stage, money launderers must extract their funds without triggering attention from law enforcement or tax authorities. They can do this with: 

  • Fake employees

  • Loans that are never repaid

  • Investments into a property, high-end cars, artwork, jewelry, and other high-priced commodities

See file name above

Stay informed. Sign up for Plaid's newsletter on the latest in financial services and tech.

How is money laundering detected?

To detect money laundering, U.S. financial institutions must follow Know Your Customer and Customer Due Diligence procedures. They must verify the identity of customers and the beneficial owners of companies opening accounts, and engage in ongoing monitoring based on client risk profiles.

Know Your Customer (KYC) regulations are a standard set of procedures that help financial institutions verify the identities of their clients and assess and monitor customer risk for the purposes of opening and maintaining an account. Under the KYC obligations, clients must provide credentials (e.g., identification documents, like a driver’s license or passport) that prove their identity and address. 

Customer Due Diligence (CDD) is often one component  of a financial institution’s KYC procedures and focuses on assessing the risk level of a potential client. Under the CDD requirements, in addition to verifying the identity of the client and/or the beneficial owners of a company, financial institutions engage in ongoing monitoring of transactions a customer makes  in order to detect anomalous or suspicious behavior.

AML holding periods can require that deposits stay in an account for a minimum number of days. This tactic slows down potential money laundering and builds in more time for risk assessment.

Why is AML necessary?

AML helps financial institutions combat money laundering by stopping criminals from engaging in transactions that disguise the origins of funds connected to illegal activity. AML policies also address terrorism financing, which uses similar methods to source and hide funding.

According to the International Monetary Fund (IMF), the money laundering rate is between 2-5% of the world's GDP. Money laundering enables criminals to reap the benefits of crimes such as corruption, tax evasion, theft, drug trafficking, and migrant smuggling. These crimes can diminish the economic resources available to countries and threaten their economic stability. 

AML regulations were introduced in 1989 to combat money laundering. After the 9/11 terrorist attacks, AML regulations were updated to include measures that seek to prevent financial terrorism. The techniques used to launder money are essentially the same as those used to obscure terrorist financing.

What are the five key elements of an AML program?

The five pillars of an AML program are:

  1. Development of internal policies, procedures, and related controls 

  2. Designation of an AML compliance officer

  3. Ongoing and relevant employee training 

  4. Independent testing and review for compliance

  5. Customer Due Diligence (CDD)

Policies, procedures, and related controls. Financial institutions must develop written AML policies and procedures that govern their actions. These policies must be appropriate for the risk profile of the financial institution. Firms can visit the FinCEN website for templates for CDD and other BSA forms. Broker-dealers and small financial firms can visit FINRA to find templates for setting up their AML programs. The templates include text examples, instructions, relevant rules, and websites and other resources. 

AML compliance officer. Financial institutions must designate an AML compliance officer with the ongoing responsibility to ensure that the institution is in compliance with the BSA. The officer should have the budget, authority, and requisite knowledge and training to manage the program.

Employee training. Employees must be provided with current, tailored, relevant, and ongoing training. Training should be documented, and the amount and frequency of training should be appropriate to the employee’s role and the institution’s risk profile.

Independent review. Independent testing of the compliance program must be conducted by someone with knowledge of the BSA. This testing can be done by a third party. It cannot be done by the institution’s AML compliance officer or anyone with direct responsibility for compliance.

Customer Due Diligence (CDD). Financial institutions are required to conduct ongoing CDD and monitoring. This helps maintain and update customer information and risk profiles.

See file name above

Learn how embedded finance can help you unlock new market opportunities

By submitting this form, I confirm that I have read and understood Plaid's Privacy Statement.

What are red flags in AML?

AML red flags are indicators of suspicious transactions. Potential red flags could include:

  • A significant amount of private funding from an individual running a cash-intensive business

  • The involvement of a third party private funder without an apparent connection to the business

In a 2013 report, the FATF highlighted numerous red flags indicators. In 2019, FINRA (the Financial Industry Regulatory Authority) issued Regulatory Notice 19-18 and provided 97 examples of money laundering red flags. FinCEN also regularly issues advisories with updated red flags.

It’s important to note that lists of red flags are not exhaustive and do not guarantee compliance with AML programs. These red flags aren’t always indicative of suspicious activity, and may not apply to every financial institution, customer relationship, or business activity. Financial institutions must follow a risk-based approach to AML, and take the appropriate mitigation measures in accordance with the level of risk.

What should the AML checklist include?

AML checks help financial institutions manage their AML infrastructure. The checklist features:

  • Risk-based AML measures: The program is proportional to the financial crime risks that the organization faces

  • Identity verification: The customer’s personal information and risk are established

A compliance checklist can support and inform a financial institution’s AML program. The policy should be recorded and accessible to the organization’s senior management, board, staff, and regulations. A trained individual must be appointed to ensure that the program is followed. The financial institution’s employees should also be trained in the jurisdiction’s AML legal requirements. 

Why is AML compliance important for financial institutions?

AML compliance is critical for financial institutions to maintain their financial security. It’s also important because:

  • AML regulations and obligations are becoming increasingly important to regulators 

  • Financial crime continues to evolve

  • Financial institutions’ reputations for trustworthiness are at stake

Maintaining an AML program requires serious manual effort, which leads to higher costs. In 2018, it’s estimated that US financial services spent $25.3 billion to prevent money laundering risk.

However, failure to comply can also result in steep fines. According to the Wall Street Journal, regulators have imposed about $32 billion in AML-related fines globally since 2009. In 2012, HSBC was fined a record $2 billion for allegedly abetting criminal activity by failing to prevent money laundering.

Any AML crisis can negatively impact a financial institution’s brand reputation. Customers value security from fraud with their institution. Organizations that have been investigated or fined for AML non-compliance may seem untrustworthy to customers. As a result, financial institutions may lose customers and market value in an AML crisis. 

What can financial institutions do to have an appropriate AML program?

Financial institutions can implement an appropriate AML program by:

  • Using technology to conduct ongoing monitoring

  • Regularly meeting with state and local law enforcement

  • Using data analytics to identify patterns

  • Standardizing AML systems

Besides implementing and conducting strong AML compliance programs, financial institutions can use technology, such as AI, for ongoing monitoring. This can help institutions expand their monitoring capacity while allowing their compliance teams to address the accounts that need attention.

Financial institutions can also meet with law enforcement regularly to share updates, flag and verify suspicious activity, and identify potential criminal networks. Improving the public-private partnership results in a more united front against money laundering.

Improved and real-time analytics can help AML officials quickly assess a customer’s level of risk. Analytics can help identify questionable patterns, develop client models, build levels of risk, and flag negative news alerts that bear on the client’s account.

Finally, standardizing systems is a critical need for financial institutions dealing with a network of legacy computer systems. By moving into a fully digital environment, institutions can more easily standardize AML practices across the organization.

Conclusion

AML procedures exist to ensure that financial institutions and banks fight money laundering and terrorism financing. AML regulations continue to change globally, and the onus is on financial institutions to keep up with and update their AML programs. By stopping criminals from obscuring the origins and locations of their illegal transactions, banks can help promote the broader safety and economic security for the world.

Plaid Sales Team ready to help

Find out how Plaid can help your business grow

By submitting this form, I confirm that I have read and understood Plaid's Privacy Statement, and I authorize Plaid to send me sales and marketing communications at the email address provided