Anti-Money Laundering (AML) and Countering the Financing of Terrorism (CFT), are terms mainly used in the financial and legal industries to describe the legal controls that require financial institutions and other regulated entities to prevent, detect, and report money laundering and terrorist financing activities.  

Every regulated entity should have appropriate AML as well as CFT checks and controls in line with the regulatory framework of the jurisdiction where the entity operates from.    

To make it easier for Start-Ups, please find below the diagram of the AML/CFT Ecosystem:

The ecosystem shown above shows the five core responsibilities of Money Transfer Start-Ups:

1. Onboard a Money Laundering Reporting Officer (MLRO) 

First and foremost, all start-ups must have a dedicated Money Laundering Reporting Officer (MLRO) who is responsible for managing all compliance activities within the organisation. Depending upon the type and size of the business, there could be one or more members within the compliance team.  

Aside from the MLRO, it is important that other stakeholders such as Directors, Senior Managers and even Shareholders familiarise themselves with the Payment Services and AML regulations within the jurisdiction where the business is registered.

2. Customer Due Diligence (CDD) 

Each entity is responsible to identify the customers that they deal with. This step is known as the Know Your Customer (KYC). The MLRO has to identify the checks and controls that need to be in place to capture all the information needed from the customers as part of the KYC process. 

Apart from KYC, the entity must also maintain the Customer Due Diligence which is mainly to do with checking the customers registering against the watch lists and the transaction patterns of the customers. 

3. Suspicious Activity Reporting (SAR)

The entity is required to conduct appropriate investigations whenever an event such as a transaction monitoring alert or a sanctions match occurs. The MLRO has to validate such investigations further and need to report to the local regulatory bodies in the form of Suspicious Activity Reporting (SAR) or Suspicious Transaction Reporting (STR).

4. Record Keeping

The entity is responsible to maintain records of all their customers and transactions for a minimum period of 5 years or as per the guidelines of the local regulatory bodies. The MLRO has to ensure that the data captured from customers for identification and transaction purposes are stored securely and accessible to the authorized individuals of the entity whenever needed. Apart from customers and transactions data, the entity should also maintain the records of all the SARs/STRs. 

5. Registering and Reporting to Regulators

The entity is responsible to have the registration done with the relevant regulatory bodies in the jurisdiction where the entity operates from. The entity should also be aware of all the reporting obligations in order to submit reports related to the customers or transactions data to the relevant regulatory bodies in the jurisdiction.  

Whether you are a start-up or an established Money Service Business, it is very important that the AML policies and procedures are clearly incorporated within your business model. For more information, advice and support, please contact us.

RemitONE provides proven compliance products for Money Service Businesses and Central Banks and would be delighted to help your business. Contact marketing@remitone.com or call +44 (0) 208 099 5795.