The High Cost of AML Failings

Avatar for John Leahy
By John Leahy Senior Product Manager
January 11th 2022 | 4 minute read

Anti-money laundering (AML) failures come at a heavy price.

Just ask the UK’s NatWest Bank, which in December was hit with a criminal conviction and £265m (€318m) fine for breaching AML regulations. In the same month, the Financial Conduct Authority slapped HSBC with a £64m (€77m) fine for failings in its AML processes. Earlier in the year ABN AMRO’s anti-money laundering shortcomings in the Netherlands cost it €480m.

Such cases reflect authorities’ growing determination to crack down on dirty money flows. This is a global trend, and it’s not just banks in their crosshairs.

In the US, the introduction last January of the Anti-Money Laundering Act 2020 represented the most substantial reform of the country’s AML and counter-terrorism financing (CFT) laws since the USA Patriot Act of 2001.

Among its provisions, the new Act requires corporations and limited liability companies to disclose their beneficial owners to the Treasury Department’s Financial Crimes Enforcement Network (FinCEN). The Act also gives US regulators expanded authority to obtain documents from foreign financial institutions and levy higher penalties for AML violations. Meanwhile, new proposed bipartisan legislation seeks to make non-financial businesses and professions subject to the same AML responsibilities as financial institutions.

The laws are tightening in Europe too. Last year the European Commission put forward an extensive package of legislative proposals aimed at strengthening the EU’s AML and CFT rules by improving activity detection and closing loopholes used by criminals.

The proposals include a new regulation, plus an update to the Anti-Money Laundering Directive, which will see “aiding and abetting” by money laundering “enablers” become a criminal offence. Extending the criminal liability will mean companies can be prosecuted for any involvement in money laundering or terrorist financing, including where they fail to prevent an individual in their organisation from breaching AML rules and regulations.

Bottom line: AML violations – intentional or otherwise – will not be tolerated. So firms had better ensure their controls and processes are up to the job.

AML pain points

But while getting your AML controls wrong is expensive, getting them right can be tough. The rules are often complex, with different jurisdictions adding their own spin.

The new EU legislative proposals, for example, will make customer due diligence measures more granular. Politically exposed persons in particular will be subject to enhanced due diligence on a risk-based approach.

Beneficial ownership laws will also be tightened, with new requirements around nominees and foreign entities, and more detailed rules to identify beneficial owners of corporates and other legal entities. This echoes the US Anti-Money Laundering Act 2020, under which corporations and limited liability companies must now disclose their beneficial owners.

But identifying and tracking underlying beneficial owners (UBOs) demands levels of transparency and ongoing monitoring that many institutions struggle to meet. Digging into the details of every UBO behind complex structures is often a manually-intensive exercise that takes up significant time and resources.

Detecting unusual or suspicious transaction activity and customer data changes, and issuing Suspicious Activity Reports (SARs) to the relevant regulatory bodies is another challenge. Definitions of suspicious activity change over time and across jurisdictions, and monitoring capabilities need to keep pace. At many firms, suspicious activity monitoring depends on manual reviews and is conducted in retrospect. SARs must also be filed within 30 days of detecting any suspicious activity, so the speed of reporting can be critical.

Identifying fraud involves many steps and is prone to manual error too. The risk of false-positive alerts is high. Without an efficient way to identify and discount those false positives, firms will be hit by unnecessary delays and costs.

Get your AML in shape

With so much at stake, robust AML capabilities that span the entire client lifecycle, from onboarding to ongoing monitoring and offboarding, have become a must – not just for banks, but financial institutions of all stripes.

In our next blog, we’ll examine what that capability looks like in practice.

At Deep Pool, we are dedicated to helping clients maximise their success. Deep Pool provides the industry-leading compliance software and deep consulting expertise financial institutions need to automate their end-to-end AML/KYC and FATCA/CRS reporting processes. Our team combines compliance experts, business analysts and software engineers to create a unique blend of industry know-how and experience, producing efficiencies, scalability and client servicing benefits that transform users’ businesses.

KURE, our flexible AML/KYC and FATCA/CRS reporting solution suite, supports all types of regulated financial firms, including banks, asset managers and service providers. Deep Pool is a global organisation with offices in Dublin, Ireland, the United States, the Cayman Islands and Slovakia. For more information, visit:


John Leahy
John has been with the Deep Pool Group since 2012. He drives product development, vision, strategy, and execution across a cross-functional team, serving 3 Fintech/Regtech products. John holds a Postgraduate Diploma in Product Management from Technological University Dublin.