The fintech sector continues to gain momentum, with the number of participants in this promising market increasing annually. However, it is associated not only with incredible opportunities and advantages but also with certain risks. The greatest problem for governments of various countries is financial fraud and terrorism financing, which has prompted the creation and implementation of effective anti-money laundering programs (AML policies). Such measures ensure that illicit funds do not enter the legal financial system. Compliance with AML requirements is a fundamental requirement for regulated companies engaged in financial activities (banks, exchanges, payment systems, etc.). The comprehensive use of effective AML policies and procedures, coupled with training and special technologies, helps enterprises conduct business lawfully.

 

Anti-fraud legislation operates at the international level. It obliges every participant in the fintech market to comply with legislative norms and standards. Documentation must have a strictly individual character, i.e., correspond to the activities of a specific fintech project. Thus, the development of AML policy plays one of the main roles in legitimizing business activities, including internationally. In the Lawrange Attorneys Association, you will not only be consulted on compliance and implementation of AML policy but also provided with comprehensive assistance in planning and drafting this important document.

 

Concept of AML Compliance

Successful compliance with AML legislation is not only protection against fines but also the prevention of laundered money from entering the company’s financial system. In fact, AML compliance is a more meaningful and significant tool, used not only to meet minimum requirements. Primarily, it is a system of measures and rules developed and implemented to detect, prevent, and respond to cases of financial crime. One of the essential functions of such a comprehensive tool is to prevent criminals from using the financial system to launder illegally obtained income.

 

However, any fintech enterprise can benefit much more from the application of AML Compliance than just compliance with requirements. For example, the implementation of sustainable, efficient, and cost-effective systems that offer a multitude of opportunities to enhance current compliance processes. The development and implementation of specific policies within the company create a certain order, preventing the risk of money laundering. The development of AML documents should be carried out exclusively by specialists who are not only well-versed in the field of law but also deeply familiar with all the nuances of this issue in practice.

 

Basic Principles of AML Policy

Regulating financial activities through AML complicates criminals’ ability to avoid punishment for income obtained dishonestly. Since most crimes are financially motivated, preventing income from illegal activities is considered one of the most powerful methods of:

 

  • Restraining corruption.
  • Preventing tax evasion.
  • Preventing theft, fraud, and many other crimes.

 

Thus, the main principle of AML is combating money laundering as a vital component of a fair society. Compliance with anti-money laundering requirements should not be seen as something unpleasant that restricts business rights. Above all, compliance is a fundamental requirement that helps maintain a healthy business environment.

 

Regardless of the country where you intend to open a company, several common AML principles can bring the most benefit to your business.

 

Important! Reporting is one of the main conditions for compliance with AML requirements. According to FATF recommendations, if a financial institution has reason to believe that certain funds have been accumulated illegally or are associated with fraud and terrorism, it must report this immediately.

 

Documented Policy

Developing and complying with AML policy is a task that does not tolerate improvisation. It is crucial to carefully consider the policy, clearly articulate thoughts, and provide the resulting document for everyone’s review (management, employees, and regulatory authorities). Among other things, it will define:

 

  • Customer identification policy.
  • Reporting options.
  • Rules for recordkeeping in the company.
  • Other rules and methods of compliance.
  • Procedures for communicating with customers, etc.

 

Responsible for Compliance

Clear execution of AML policy is possible with a person responsible for overseeing the program. One person (AML agent) is appointed to possess all system data and monitor the correctness, effectiveness, and timely updating of compliance processes. The AML agent monitors report submission, conducts proper training of staff and company management—in short, ensures the smooth operation of the system. Thus, the effectiveness of such a person’s work largely determines the reputation and financial position of the fintech enterprise.

 

Training

Every employee who deals with clients or transactions in any way should understand your company’s AML policy and procedures. Staff should know not only the legislative requirements but also money laundering methods and checks to identify suspicious activity.

 

Understanding all this is only possible through systematic training. Therefore, the owner of a fintech business should pay attention to regular training programs to enable employees to remain vigilant and informed. In this case, your AML policy will continue to remain relevant.

 

Risk Assessment

Every type of financial activity is associated with characteristic risks. These risks must be taken into account and assessed when developing AML policy. It is important to understand that the diversity of risks is associated with various factors, including the geographic region where services are planned to be provided.

 

Development of Control Procedures

Within the framework of AML policy, detailed procedures for client identification, transaction monitoring, and detection of suspicious activities are developed and implemented. A crucial role in AML Compliance is played by the Know Your Customer (KYC) procedure, within which important information about clients is gathered:

 

  • Name.
  • Address.
  • Identification numbers.
  • Sources of financing, etc.

 

Identification of Suspicious Transactions

Money laundering is an attempt to legitimize illegal funds, so there are patterns indicating that money may have been obtained unlawfully. Suspicious transactions include:

 

  • Operations involving many transactions—indicative of layering (dividing receipts into account amounts below reporting thresholds).
  • Spikes in activity or incoming amounts.
  • Operations related to businesses requiring the use of large amounts of cash, such as gambling.
  • Transactions involving jurisdictions related to money laundering.
  • Transactions involving individuals or legal entities identified as potential money launderers, etc.

 

These signs are noticeable at the initial stage of comprehensive verification or during ongoing monitoring procedures. During the adaptation of AML policy, it becomes possible to establish classifications based on account type, source of funds, expected transactions, or any other criteria.

 

Collaboration with Regulators

Another critical aspect of protecting against various risks is reporting. Companies should not only identify suspicious transactions and scrutinize the client but also maintain documentation on the performance of AML procedures. If suspicious activities are detected, relevant reports must be promptly submitted to the regulator. In this case, having clear processes for handling such events is essential.

 

Difference between AML and KYC

From a comprehensive perspective, AML is a complex set of measures that are used to combat illegal financial activities. This complex consists of two procedures: KYC (identity verification) and AML (transaction verification). In other words, the main difference between these procedures lies in the subject of verification. While KYC procedures aim to determine all nuances related to the client’s identity, the AML system uses methods to prevent money laundering, protect against financial crimes, detect them, and report them.

 

At the same time, KYC is one of the principles that must be followed to comply with general AML rules. Refusing to undergo KYC is not an option; otherwise, criminal prosecution will be initiated, with the organization becoming a suspect, even if it operates legally and honestly.

 

Important! AML and KYC complement each other. These terms are used only in countries where financial regulation is provided at the legislative level. Offshore jurisdictions do not impose requirements for the development and implementation of AML.

 

AML Legislative Framework

The Financial Action Task Force (FATF) is a global supervisory body monitoring cases of money laundering and terrorism financing. This intergovernmental organization sets international standards to prevent illegal activities and the harm of financial fraud. FATF works to create the necessary political will for national legislative and regulatory reforms in this area. AML legislation is based on common principles regardless of the country. However, this issue is regulated differently in each jurisdiction.

 

AML Rules in the EU

The European Union has established a solid foundation for combating money laundering and terrorism financing. EU legislation in the field of AML consists of a series of directives that provide a legal basis for compliance with requirements in EU member states.

 

The origins of EU legislation on combating money laundering date back to 1990 when the First Money Laundering Directive was adopted. The aim was to prevent the unlawful use of the financial system for money laundering. Banks were required to comprehensively verify clients, monitor transactions, and report suspicious activities when entering into business relationships. This laid the groundwork for coordinated efforts to ensure a consistent approach to combating money laundering throughout the EU.

 

Order a consultation

An essential part of the EU’s anti-money laundering system today is the Fifth EU Directive (5AMLD). Implemented in January 2020, this law significantly expands the scope of action to prevent the unlawful use of the financial system for money laundering and terrorism financing. 5AMLD covers a wide range of activities and affects various entities. The directive also expands requirements for comprehensive due diligence, including for politically exposed persons. The broadening scope of 5AMLD indicates the evolving nature of EU AML policy.

 

AML Rules in the USA

The main legislative acts followed by American financial institutions in the USA are:

 

  • The Bank Secrecy Act (BSA) of 1970 requires financial companies to assist US government agencies in detecting and preventing crimes related to money laundering.
  • The Anti-Money Laundering Act (AMLA) requires financial organizations to establish and comply with AML compliance programs considering clearly defined risks.
  • The USA PATRIOT Act mandates all Fintech companies to monitor transactions to prevent financing terrorism.
  • The Electronic Fund Transfer Act (EFTA) defines the rights and responsibilities of consumers when transferring funds electronically, including controlling the use of ATMs and debit cards, as well as automatic withdrawals from bank accounts.

 

AML Rules in Canada (CAD)

In Canada, there are two main laws regulating the fight against money laundering and terrorism financing:

 

  • The Criminal Code, which provides for criminal liability for the intentional handling of property or provision of financial services for terrorist activities.
  • The Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTA) applies to “entities,” i.e., banks, credit unions, life insurance companies, credit enterprises, securities dealers, currency dealers, money services businesses, casinos, and real estate brokers.

 

AML Rules in Asia

  • The Prevention of Financing of Terrorism and Proliferation of Weapons of Mass Destruction Act (PFOPIA) in South Korea criminalizes terrorism financing, and financial institutions are prohibited from conducting financial transactions with individuals and legal entities without the permission of the Financial Services Commission.
  • The Corruption, Drug Trafficking, and Other Serious Crimes (CDSA) Act in Singapore provides for punishment for corruption and confiscation of proceeds obtained through corruption.
  • The Anti-Money Laundering and Counter-Terrorist Financing Ordinance (AMLO) in Hong Kong establishes requirements for comprehensive customer due diligence (CDD) and record-keeping for financial institutions and some non-financial businesses, as well as for trust and corporate service providers (TCSP).

 

Features of Developing AML Policies for Crypto Activities

Cryptocurrencies are a new type of currency characterized by decentralization and increased anonymity. For this reason, electronic coins are often used for money laundering, terrorism financing, and other financial crimes. This fact has forced governments of different countries and financial regulators to take protective measures by implementing AML policies in the crypto space.

 

Anti-money laundering policy in the context of cryptocurrency consists of a set of rules, procedures, and guidelines imposed on cryptocurrency exchanges, financial institutions, and other organizations operating in the crypto industry. The main goal of AML policy is to prevent and detect activities related to money laundering or any other financial crimes in the crypto space.

 

Important! Currently, crypto companies strive to fully comply with all applicable rules, although adhering to AML policy requirements somewhat complicates the registration process and overall business operations.

 

When developing AML policies, mainly descriptions of procedures and measures that the company plans to use to prevent illegal activities are used. The procedures contained in the AML policy of a specific crypto organization often depend on the expected risk level of the jurisdiction in which the business is conducted. The FATF international organization determines the risk level. Main requirements for developing AML policies can be outlined as follows:

 

  • Customer Due Diligence (CDD): A detailed description of the procedure for comprehensively verifying customers’ identities using various means, such as confirming the residential address and obtaining biometric information.
  • Transaction monitoring: You must inform the Regulator how you plan to identify and report suspicious activities. For example, triggers for initiating an investigation may include large transactions or conducting operations in jurisdictions with high-risk levels.
  • Risk assessment: Description of how the company assesses and classifies risks associated with different customers, transactions, and counterparties.
  • Record-keeping: Information about customers, transactions, and risk assessment results should be stored for compliance and audit purposes.
  • Reporting suspicious activities to regulatory authorities: If organizations detect unusual or suspicious transactions, they must provide the appropriate report to the Regulator.
  • Sanctions screening: Description of measures for checking transactions against sanction lists. This helps prevent crypto companies from cooperating with organizations under international sanctions.
  • Technological solutions: Technologies, including blockchain analytics tools and transaction monitoring, contribute to the effectiveness of AML policy. Special tools can automate the process of identifying suspicious activities.
  • Compliance with regulatory standards: AML policy in the crypto industry must comply with national and international regulatory standards. Many jurisdictions require cryptocurrency exchanges and other crypto companies to register with regulatory authorities and comply with specific AML rules.
  • Periodic review and updates: The crypto landscape is dynamic, and AML policy should be regularly reviewed and updated to comply with changing regulatory requirements.

 

Implementation of AML policy enables crypto entities to successfully fulfill regulatory obligations and contributes to building trusted relationships in the crypto community.

 

Why Choose Lawrange

Developing AML documents is essential in establishing any fintech project’s legal business activities. Incorrect drafting or the absence of such documents can result in companies being denied a license or facing legal liability altogether. When drafting such documents, all requirements imposed by international legislative acts combating financial fraud and terrorism should be taken into account.

 

Experienced specialists at Lawrange are familiar with all the intricacies of developing and implementing AML policies. With our assistance, you will be able to successfully navigate this important stage, ensuring the legal operation of your business. We will explain how to conduct activities in accordance with current international legal norms and help accurately and correctly reflect all necessary internal and external AML procedures in the documentation.

 

FAQ

How much does it cost to develop an AML policy?

The cost of this service depends on the type of company’s activities and the jurisdiction in which the business is registered. An individual consultation can provide more detailed information on this issue.

 

How often should the AML policy be updated due to changes in legislation and the risk environment in the crypto sphere?

Cryptocurrency is considered a high-risk type of asset, so activities in this area are regulated by constantly changing legislation. By regularly updating and supplementing the AML policy, the company will be able to fully comply with the Regulator’s requirements.

 

What is the risk of using template AML policies?

Quite often, fintech companies underestimate the role of this document and, therefore, develop it based on a template from the Internet. However, such an approach leads to non-compliance with legislative requirements in practice, resulting in legal issues.

 

ORDER A DEVELOPMENT OF AML POLICY