In the fast-changing world of financial regulation, understanding anti-money laundering (AML) acronyms and terms is essential, from fintech newcomers to seasoned compliance officers.

This glossary offers clear, concise definitions of key AML and Counter-Financing of Terrorism (CFT) terms to help you navigate regulatory demands, detect risks, and uphold institutional integrity.

Organized alphabetically, it's your go-to reference, whether you're clarifying a term or deepening your knowledge. We update it regularly, so bookmark this page and stay informed in this high-stakes industry.

AML acronyms and terms glossary

A

Adverse Media Screening

A due diligence process that involves identifying negative or unfavourable news about individuals or entities. Financial institutions use this to detect reputational and compliance risks, often by scanning public databases, news outlets, and watchlists to flag customers linked to criminal or suspicious activities.

AML Audit

A formal, independent review of a financial institution's AML compliance programme. It assesses the design and effectiveness of controls, procedures, risk assessments, training, recordkeeping, and reporting mechanisms to ensure compliance with applicable regulations.

AML Compliance

The active adherence to anti-money laundering laws and regulations through internal policies, procedures, and control systems. It includes customer due diligence (CDD), transaction monitoring, suspicious activity reporting, and staff training.

AML Comfort Letter

A formal document issued by financial institutions, law firms, insurance companies, or third-party consultants to provide assurance regarding an entity’s adherence to AML regulations.

You might be interested in: AML Comfort Letter Free Template

AML Fine

A financial penalty imposed by regulatory authorities on entities that fail to comply with AML laws. Fines may result from inadequate customer identification, failure to file suspicious activity reports, or ineffective internal controls.

AML Investigation

The process of examining transactions, behaviour, or client profiles that raise red flags. Investigations are conducted internally or in collaboration with authorities to determine the legitimacy of activities and may result in SAR filings or account closures.

AML Officer / Money Laundering Reporting Officer (MLRO)

A designated compliance professional responsible for implementing and overseeing an organisation’s AML framework. The officer ensures adherence to legal obligations, files reports, and acts as a liaison with regulators.

AML Program

A structured compliance programme required by law that sets out policies, procedures, and internal controls to detect and prevent money laundering. Components include risk assessments, staff training, reporting systems, and independent reviews.

AML Risk Assessment

A risk-based methodology used by institutions to evaluate the likelihood of exposure to money laundering and terrorist financing. It informs the design of controls and customer risk ratings based on geography, products, services, and transaction patterns.

AML Risk Scoring

A quantification process that assigns a risk level to customers, accounts, or transactions using defined criteria. Risk scores inform decisions on enhanced due diligence (EDD) and ongoing monitoring.

AML Software / AML Technology

Specialised digital tools that assist in transaction monitoring, screening, risk scoring, and regulatory reporting. Common functionalities include rules-based and AI-driven analytics, case management, and integration with KYC databases.

AML Trainings

Regular educational programmes aimed at ensuring that employees understand AML laws, their responsibilities, red flags, and how to handle suspicious activity. Mandatory for front-office and compliance staff in regulated sectors.

AML Vendor

A company that provides compliance solutions and services, including AML software, consulting, data screening tools, and training programmes. These vendors support regulated entities in meeting their AML obligations.

API (Application Programming Interface)

In an AML context, APIs are used to integrate compliance tools such as transaction monitoring or sanctions screening into existing financial systems. APIs enhance automation, interoperability, and real-time compliance processes.

Asset Freeze

A legal measure that prohibits the transfer, conversion, or movement of funds or economic resources linked to designated persons or entities, usually under sanctions or judicial proceedings.

Audit Trail

A chronological record of system activities or financial transactions that supports the reconstruction, review, and examination of data. In AML compliance, it is essential to demonstrate transparency and traceability.

Automated Transaction Monitoring

A technology-driven process that reviews financial transactions in real time or retrospectively against defined rules to identify suspicious activity. It supports the early detection and investigation of potentially illicit behaviour.

B

Bank Secrecy

Legal or regulatory provisions that restrict financial institutions from disclosing customer information without consent. While protecting privacy, bank secrecy laws must not obstruct AML investigations.

Basel AML Index

A global ranking developed by the Basel Institute on Governance that assesses countries' risk of money laundering and terrorist financing based on publicly available data.

Bearer Instrument

A financial instrument (such as bonds, cheques, or stock certificates) that is not registered in any individual's name and is payable to whoever holds it. Bearer instruments pose a higher AML risk due to their anonymity and transferability.

Beneficial Owner

The natural person(s) who ultimately own or control a customer or the person on whose behalf a transaction is conducted. Identification of beneficial owners is a key requirement in CDD processes.

Beneficial Ownership Register

A centralised database maintained by regulatory authorities that records the ultimate beneficial owners of legal entities. These registers aim to enhance transparency and prevent the misuse of corporate vehicles for money laundering.

Beneficiary

The individual or entity intended to receive funds or benefits from a financial transaction. Institutions must verify the beneficiary's identity and ensure no sanctions or red flags apply.

Bitcoin Mixer / Tumbler

A service that anonymises cryptocurrency transactions by pooling and redistributing funds to obscure origins. While offering privacy, mixers are often used to launder illicit crypto funds.

Blacklist

A list of individuals, organisations, or jurisdictions subject to sanctions, regulatory bans, or high-risk designations. Screening against blacklists is a core component of AML and sanctions compliance.

Black Market Peso Exchange (BMPE)

A money laundering system predominantly used in Latin America, where illicit funds are exchanged through an underground financial network, often involving trade-based laundering and shell companies.

Blockchain Analysis

A forensic process of tracing transactions on a blockchain to identify counterparties and detect illicit behaviour. Blockchain analytics help regulators and firms monitor crypto activity.

Blockchain Forensics

The specialised practice of analysing blockchain data to trace cryptocurrency movements, identify illicit activity, and support investigations. Forensics providers often work with law enforcement and regulated institutions.

Book Transfer

A method of transferring funds internally within the same financial institution without any physical movement of cash. Monitoring such transfers is necessary to prevent layering in the money laundering process.

Bulk Cash Smuggling

The physical transportation of large amounts of currency across borders with the intent to evade reporting requirements. It is often used as a placement method in money laundering schemes.

Business Email Compromise (BEC)

A cybercrime tactic in which attackers spoof email accounts of executives or vendors to trick employees into transferring funds or sensitive data. Financial institutions monitor BEC as part of fraud and AML detection.

Business Relationship

A formal relationship established between a financial institution and a client, typically for the provision of services. AML regulations require institutions to conduct ongoing due diligence on all business relations

C

Cash-Intensive Business

A business that primarily deals in large volumes of cash transactions, such as restaurants, casinos, convenience stores, and car washes. These businesses pose a higher risk for money laundering and require enhanced due diligence measures.

Cash Smuggling

The illicit act of physically transporting large sums of cash across borders to avoid reporting requirements. Common in the placement stages of money laundering schemes and typically prosecuted under anti-money laundering laws.

Cash Transaction Report (CTR)

A report filed by financial institutions to regulatory bodies when a cash transaction exceeds a predefined threshold. CTRs help monitor large cash flows and prevent money laundering and terrorist financing.

CFT (Countering the Financing of Terrorism)

A set of legal, regulatory, and institutional measures to prevent and detect the funding of terrorist organisations or acts. Often intertwined with AML frameworks, CFT policies aim to block access to financial services by terrorists.

CDD (Customer Due Diligence)

The process of verifying a customer's identity and assessing their risk profile. CDD includes understanding the nature of the business, ownership structure, and ongoing monitoring. Enhanced Due Diligence (EDD) applies to higher-risk clients.

Client Risk Rating

A classification based on a customer’s AML/CFT risk profile, determined by factors such as geography, product type, customer type, and transaction behaviour. Ratings guide the intensity of due diligence and monitoring.

Compliance

Adherence to laws, regulations, and internal policies designed to detect, prevent, and report money laundering and terrorist financing. It includes the establishment of internal controls, staff training, and regulatory reporting.

Compliance Culture

An organisational ethos where adherence to laws and ethical conduct is promoted at all levels. A strong compliance culture is a key factor in effective AML/CFT implementation and reduces reputational risk.

Compliance Officer

A designated individual responsible for ensuring that the organisation complies with regulatory requirements, including AML laws. The officer leads risk assessments, policy development, audits, and communication with regulators.

Confiscation

The legal seizure of assets derived from or used in criminal activity, including money laundering. Confiscation can occur after conviction or via civil forfeiture processes, depending on jurisdiction.

Conflict of Interest

A situation in which a person or institution's private interests may interfere with their professional duties. In AML, conflicts of interest can undermine the objectivity of investigations or compliance decisions.

Correspondent Banking

An arrangement in which one bank (the correspondent) provides services on behalf of another (the respondent), often across borders. Due to layered transactions and third-party risks, this service poses a high AML risk.

Counterparty

The other party involved in a financial transaction. Identifying and assessing counterparty risks are essential in AML compliance, especially in trade finance, correspondent banking, and securities.

Counterfeit Currency

Fake or fraudulent currency notes that imitate genuine banknotes. Launderers may introduce counterfeit money into the financial system to convert it into legitimate funds.

Counterparty Risk Assessment

Evaluating the risks posed by counterparties in financial transactions, particularly in cross-border arrangements. It considers jurisdiction, transaction patterns, and regulatory history.

Counter-Terrorism Financing Sanctions

Sanctions specifically targeting individuals and organisations suspected of financing terrorism. They typically involve asset freezes, travel bans, and transaction prohibitions.

Cuckoo Smurfing

A money laundering technique where illicit funds are inserted into the legitimate remittance flow without the knowledge of the account holder. Often exploited in international remittance networks.

Customer Identification Program (CIP)

A legal requirement for financial institutions to collect specific identifying information about customers. It typically includes name, address, date of birth, and identification number at the time of account opening.

Customer Onboarding

The process of acquiring new clients, verifying their identities, and assessing their risk profile. Effective onboarding includes CDD, risk rating, and sanctions screening.

Customer Profile

A documented overview of a customer’s identity, risk level, and expected transaction behaviour. Used to detect deviations and anomalies during transaction monitoring.

Customer Risk Assessment

A structured process to assess the likelihood that a customer may be involved in money laundering or terrorist financing. Based on the customer’s profile, products, services, and geographic risk.

Customer Screening

The act of checking individuals or entities against sanctions lists, politically exposed persons (PEP) lists, adverse media, and other databases to ensure they are not involved in illicit activities.

Custodian / Custodial Institution

A financial entity that holds assets on behalf of clients. Custodians have AML obligations to ensure that assets under management are not proceeds of crime.

D

Data Privacy

The principle of safeguarding individuals' personal information collected during AML processes. Financial institutions must balance regulatory obligations such as CDD and transaction monitoring with data protection laws like GDPR or UAE's Data Protection Law.

De-risking

A controversial practice in which financial institutions terminate or restrict business relationships with clients deemed high-risk for money laundering or terrorist financing, rather than managing the risk. Often criticised for excluding entire sectors such as remittance providers or NGOs from formal financial systems.

Designated Categories of Offences

A list of predicate offences for money laundering, typically defined by law or FATF recommendations. These include crimes like drug trafficking, fraud, corruption, and human trafficking, which can generate illicit proceeds subject to laundering.

Designated Non-Financial Businesses and Professions (DNFBPs)

A FATF-defined group of entities that, while not financial institutions, are subject to AML regulations due to their risk exposure. DNFBPs include real estate agents, law firms, auditors, jewellers, and corporate service providers. Regulators increasingly require DNFBPs to implement AML programmes, report suspicious activity, and undergo inspections.

Designated Persons List

A register of individuals and entities subject to financial sanctions, asset freezes, or travel bans due to their involvement in terrorism, proliferation, or serious crime. Institutions must screen customers against such lists (e.g. OFAC, UN, EU, or UAE national lists) as part of their AML controls.

Digital Identity

An electronic representation of an individual’s identity used to verify and authenticate customers during onboarding or CDD processes. Secure digital ID systems, often leveraging biometrics or blockchain, are increasingly used to improve accuracy and reduce fraud.

Digital KYC (eKYC)

The process of performing Know Your Customer obligations electronically. This includes document verification, facial recognition, and live liveness checks. Digital KYC enables faster, scalable onboarding while maintaining AML compliance standards.

Discrepancy Reporting

The requirement to report inconsistencies between customer-provided information and publicly available data sources (such as beneficial ownership registers). This helps identify and address potential misrepresentations or fraudulent filings.

Document Verification

A core component of the KYC process where identity documents are reviewed — manually or via technology — for authenticity and validity. Includes checking security features, expiry dates, and cross-referencing with databases.

Dormant Account

An account that has shown no activity over a specified period (typically 12 months or more). Dormant accounts may be misused for layering or integration in money laundering and should be periodically reviewed and risk assessed.

Dual-Use Goods

Items that can be used for both civilian and military applications. In AML and sanctions compliance, the trade of dual-use goods is monitored due to proliferation financing concerns and export control restrictions.

Due Diligence

The process of collecting and analysing information about a customer or transaction to assess risk and ensure compliance. There are levels of due diligence: Standard, Enhanced (EDD) for high-risk, and Simplified (SDD) for low-risk clients.

Dynamic Risk Scoring

An approach to risk assessment that continuously updates a customer’s risk profile based on behaviour, transaction patterns, and new data. Unlike static scoring, it adapts in real-time and supports proactive compliance monitoring.

Detection Scenario

A pre-defined rule or pattern used by AML systems to flag potentially suspicious transactions. Examples include rapid movement of funds, structuring just below reporting thresholds, or unusual activity for a client’s profile.

Disguised Beneficial Ownership

A situation in which the true ownership of an entity or asset is hidden using complex structures, nominees, or offshore arrangements. Identifying disguised beneficial ownership is a critical element of effective AML practices.

Document Retention Policy

A formal policy outlining how long customer and transaction-related records must be kept to comply with AML regulations. Retention periods vary by jurisdiction but typically range from five to ten years post-relationship.

E

ECDD (Enhanced Customer Due Diligence)

A heightened form of due diligence required for customers or transactions that pose a higher risk of money laundering or terrorist financing. ECDD includes gathering additional identification documents, verifying sources of wealth and funds, and applying more frequent or detailed monitoring throughout the relationship.

Egmont Group

An international network of Financial Intelligence Units (FIUs) that facilitates cooperation, information exchange, and coordination in AML and counter-terrorist financing (CTF) efforts. The group plays a key role in global intelligence-sharing between authorities.

Electronic Funds Transfer (EFT)

A digital transfer of funds between banks or financial institutions. In AML compliance, EFTs are monitored for patterns such as structuring, unusual remittance destinations, and links to sanctioned entities. Swift reporting on EFTs is mandatory in many jurisdictions for large or suspicious transactions.

eKYC (Electronic Know Your Customer)

The digital process of verifying customer identity through online platforms, biometrics, and automated document validation. eKYC improves efficiency, lowers onboarding costs, and supports compliance with KYC and AML requirements, particularly in fintech and mobile banking.

Entity Resolution

The process of identifying and consolidating data about the same individual or organisation across different sources or records. In AML systems, effective entity resolution helps reduce false positives and improves the accuracy of customer screening and monitoring.

Escalation Procedure

A formal process by which AML alerts, suspicious transactions, or risk concerns are elevated to compliance officers or senior management. Clear escalation channels are a regulatory expectation for timely action and appropriate SAR/STR filings.

EU Fourth AML Directive

A legislative act passed by the European Union in 2015 to strengthen AML/CFT regulations across Member States. It introduced stricter rules around beneficial ownership, risk assessments, and EDD for PEPs and third countries.

EU Fifth AML Directive (5AMLD)

A 2020 update to European AML rules that expanded the regulatory scope to include virtual asset service providers (VASPs), prepaid cards, and enhanced due diligence for high-risk third countries. It also mandated centralised beneficial ownership registers and increased transparency.

EU Sixth AML Directive (6AMLD)

A further enhancement of EU AML rules that clarified criminal liability for AML breaches, defined a minimum list of predicate offences, and increased penalties. It emphasised cooperation across borders and accountability of legal persons.

Exclusion List

A list of individuals, entities, or jurisdictions that an institution has internally flagged as prohibited or restricted from onboarding or transacting, based on prior risk assessments, regulatory orders, or past suspicious activity.

Extraterritorial Jurisdiction

The application of a country’s AML laws beyond its borders. For example, the U.S. may prosecute money laundering activities involving its currency or financial system, even when committed abroad. Institutions operating across jurisdictions must navigate overlapping regulations and reporting requirements.

Exposed Person

A broader interpretation of politically exposed persons (PEPs), this term refers to individuals who, due to their position or connections, may pose a higher risk of involvement in bribery, corruption, or money laundering. Monitoring exposed persons is part of advanced risk frameworks.

E-wallet

A digital wallet used to store and transfer funds electronically, often linked to mobile apps or cryptocurrencies. AML concerns arise when e-wallets allow anonymity, cross-border transfers, or unregulated transactions.

Employee Screening

The process of vetting staff, especially those in sensitive or compliance-related roles, to ensure they are not involved in criminal activity or conflicts of interest. Background checks are a fundamental internal control in regulated institutions.

Evasion Typology

A categorised method by which criminals attempt to bypass AML controls, such as smurfing, trade-based money laundering, or the use of intermediaries. Typologies are shared by FIUs, FATF, and compliance networks to train staff and improve detection.

F

FATF (Financial Action Task Force)

An intergovernmental organisation that sets global standards for combating money laundering, terrorist financing, and proliferation financing. FATF issues recommendations, mutual evaluation reports, and typology guidance that influence AML laws and regulations worldwide. Countries are assessed for compliance through FATF's peer-review process.

FATF Grey List

A list of countries under increased monitoring by the FATF due to strategic AML/CFT deficiencies. While not subject to sanctions, these jurisdictions commit to resolving issues within agreed timeframes. Financial institutions dealing with grey-listed countries often apply enhanced due diligence.

FATF Blacklist

A list of countries deemed to have “high-risk and non-cooperative jurisdictions” with serious AML/CFT deficiencies. Engagement with these countries is heavily discouraged, and transactions may require senior management approval and enhanced scrutiny.

False Positive

In AML screening, a result that incorrectly flags a legitimate transaction or customer as suspicious. High false positive rates can overwhelm compliance teams and reduce operational efficiency. Advanced screening technologies help reduce false positives through better matching algorithms.

False Negative

The failure of a detection system to flag genuinely suspicious or illicit activity. False negatives pose serious compliance risks and may lead to regulatory penalties if criminal behaviour goes undetected due to ineffective controls.

Filing Threshold

The minimum transaction amount that triggers mandatory reporting to authorities, such as Currency Transaction Reports (CTRs) in the U.S. or large cash transaction filings in other jurisdictions. Thresholds vary by country and type of transaction.

Financial Crime Risk Management

A broad framework encompassing controls, systems, policies, and procedures to detect and prevent financial crimes, including money laundering, fraud, bribery, tax evasion, and terrorism financing. AML is a key component of financial crime risk management.

Financial Intelligence Unit (FIU)

A national agency that receives, analyses, and disseminates suspicious transaction reports (STRs) and other financial intelligence. FIUs coordinate with law enforcement and international agencies. Examples include FinCEN (U.S.), the UKFIU, and the UAE FIU.

FinCEN (Financial Crimes Enforcement Network)

The United States’ FIU and a bureau of the U.S. Department of the Treasury. FinCEN administers the Bank Secrecy Act (BSA) and maintains databases of SARs and other financial reports. Its guidance is highly influential in global AML practices.

Financial Inclusion

The effort to provide access to financial services to underserved or unbanked populations. While critical to economic development, financial inclusion efforts must also balance AML risks, particularly in areas like mobile money and informal lending.

Fintech

Short for “financial technology,” fintech refers to innovative technology-driven solutions in financial services, such as mobile payments, lending platforms, and regtech tools. AML compliance for fintechs often involves digital KYC, transaction monitoring, and regulatory technology integration.

Follow-the-Money Approach

An investigative technique used in AML and law enforcement to trace the origin, flow, and ultimate destination of illicit funds. This approach is key in uncovering money laundering networks and financial links to criminal organisations.

Forensic Accounting

A specialised field of accounting used to investigate financial fraud, money laundering, and white-collar crime. Forensic accountants analyse records, trace assets, and support litigation or criminal proceedings.

Front Company

A legitimate-seeming business used to disguise illegal financial activity or launder proceeds of crime. These entities often co-mingle illicit funds with legitimate revenue streams, making detection difficult.

Funds Transfer Pricing (FTP)

A method used in banking to evaluate profitability across business units by assigning costs to the use of internal funds. While not specific to AML, FTP can intersect with AML when assessing customer profitability or risk-weighted returns.

Fund Flow Analysis

A technique used in AML investigations to track the movement of funds through multiple accounts, entities, or jurisdictions. This analysis helps identify layering schemes and uncover attempts to disguise the source or destination of money.

Funnel Account

A bank account into which cash is deposited in multiple locations and withdrawn elsewhere — often used in structuring or smurfing schemes. Funnel accounts are red flags in transaction monitoring systems.

G

Gatekeeper

A professional who acts as an intermediary in financial or legal transactions, potentially facilitating money laundering either knowingly or unknowingly. Gatekeepers include lawyers, notaries, accountants, and trust or company service providers (TCSPs), all of whom are subject to AML obligations in many jurisdictions due to their access to clients' financial and corporate affairs.

General Data Protection Regulation (GDPR)

A European Union regulation that governs the handling of personal data. While not specific to AML, GDPR impacts how financial institutions process, store, and share customer data during KYC, CDD, and transaction monitoring. AML programmes must strike a balance between data privacy and compliance obligations.

Geographical Risk

An element of AML risk assessments based on the location of a customer, transaction, or counterpart. Jurisdictions with weak AML controls, high corruption, or under FATF monitoring (grey/blacklisted) are considered higher risk and may trigger enhanced due diligence.

Global Sanctions List

A consolidated list of individuals, entities, and countries subject to financial or trade restrictions imposed by international bodies or governments. Institutions must screen customers and transactions against such lists (e.g. OFAC, UN, EU, UK HMT) to comply with AML and sanctions regulations.

Golden Visa

A residency or citizenship by investment programme that offers legal status in exchange for significant financial contributions. These programmes have been criticised for weak due diligence controls and their potential misuse for money laundering, tax evasion, and concealment of assets.

Good Faith Reporting

The legal protection afforded to individuals or institutions who report suspicious activity or transactions in compliance with AML laws. Most jurisdictions shield such reporters from liability provided the report was made honestly and without malicious intent.

Government Watchlist

A database maintained by a government or regulatory authority containing the names of individuals or entities suspected of criminal or illicit activity. AML systems screen customer names against such watchlists to identify sanctioned, politically exposed, or high-risk individuals.

GRC (Governance, Risk and Compliance)

A strategic framework that aligns corporate governance, risk management, and compliance activities. In the context of AML, GRC platforms help financial institutions manage regulatory obligations, track controls, assess risks, and document compliance procedures.

Group-wide AML Policy

A harmonised anti-money laundering policy adopted by a financial institution across all its branches and subsidiaries, especially in multinational groups. This ensures consistency in customer risk assessments, reporting standards, and regulatory compliance across jurisdictions.

Gambling Risk in AML

Refers to the elevated risk posed by gaming and betting sectors in facilitating money laundering. Criminals may exploit casinos, online betting platforms, or lottery systems to place and withdraw funds under the guise of winnings. These activities are closely regulated in most jurisdictions.

H

Hawala

An informal value transfer system based on trust, often operating outside regulated banking channels. Common in South Asia and the Middle East, hawala facilitates cross-border remittances without physically moving money. While legitimate in many cultural contexts, hawala is vulnerable to misuse for money laundering and terrorist financing due to limited documentation and oversight.

High-Risk Country

A jurisdiction identified by regulators, international bodies (e.g. FATF), or financial institutions as having weak AML/CFT frameworks, significant corruption, or links to terrorist financing. Customers, transactions, or counterparties associated with high-risk countries typically trigger enhanced due diligence (EDD).

High-Risk Customer

An individual or entity assessed as having a heightened potential for money laundering or terrorist financing, based on risk indicators such as business type, geographic connections, or transaction behaviour. These customers are subject to stricter onboarding checks and ongoing monitoring.

High-Value Dealer (HVD)

A business that trades in goods such as luxury vehicles, precious metals, jewellery, or art, and accepts large cash payments. HVDs are often designated as DNFBPs (Designated Non-Financial Businesses and Professions) and are required to implement AML programmes, especially when dealing in transactions above regulatory thresholds.

Hold Mail Instruction

A service offered by financial institutions where customer correspondence (e.g. bank statements) is retained rather than sent to a physical address. While legal, this feature may be used to obscure customer identity or the existence of accounts and is treated as a red flag in AML programmes.

Honeypot Account

A controlled account set up by law enforcement or compliance teams to attract potential money launderers or fraudsters. These accounts are used in covert investigations to trace illicit activity, though they are rare and regulated due to legal and ethical considerations.

Harmonisation (AML Context)

The process of aligning AML laws, reporting standards, and supervisory practices across jurisdictions or institutions. Harmonisation reduces regulatory arbitrage and promotes consistency in global compliance, especially within economic blocs like the EU or GCC.

Human Trafficking (AML Red Flag)

Human trafficking is considered a predicate offence to money laundering. Funds derived from exploitation, such as forced labour, sexual exploitation, or organ trafficking, may be laundered through complex transaction layers. AML systems often include typologies and red flags to detect suspicious patterns linked to trafficking.

Hybrid Money Laundering

A laundering scheme that combines both traditional and digital methods, such as using crypto wallets alongside offshore bank accounts. Hybrid models are increasingly used to exploit gaps in AML oversight between regulated and unregulated channels.

I

IBAN (International Bank Account Number)

A globally standardised system of identifying bank accounts across borders. Used in cross-border transactions, the IBAN helps prevent errors and provides transparency, assisting AML teams in verifying account details during payments and fund transfers.

Identity Verification

A critical step in customer due diligence (CDD), identity verification confirms a customer’s legal identity using government-issued documents, biometrics, or digital ID systems. Strong identity verification is essential for onboarding, ongoing monitoring, and fraud prevention.

Identified Risk

A specific money laundering or terrorist financing risk flagged during the customer risk assessment process. Identified risks influence onboarding decisions, trigger enhanced due diligence, or shape transaction monitoring parameters.

IFC (International Financial Centre)

A jurisdiction offering a regulatory environment favourable for cross-border finance and investment. While they attract legitimate global business, IFCs may be scrutinised for their AML controls, especially if considered secrecy jurisdictions or low-tax regimes.

IMF (International Monetary Fund)

Though not a regulator, the IMF plays a significant role in AML/CFT by evaluating member countries’ compliance frameworks, supporting FATF recommendations, and integrating AML principles into financial system stability assessments.

Implementation Date (AML Context)

The date by which a financial institution or regulated entity must comply with a new or amended AML regulation or directive. This is used as a milestone for audit and inspection purposes.

Impacted Entity

An institution or party that is directly affected by AML regulations or enforcement actions. For example, a bank named in a regulatory action due to compliance failures is considered an impacted entity.

Impersonation Fraud

A type of financial crime where individuals pose as legitimate clients, law enforcement, or senior executives to access funds or confidential data. AML and fraud teams are increasingly using behavioural analytics to detect such tactics.

Inactivity Monitoring

A compliance control that flags dormant or inactive accounts, especially those that suddenly receive high-value deposits or exhibit unexpected activity. Such changes may signal money laundering, account takeover, or mule activity.

Independent Audit (AML Programme)

A required component of an effective AML programme, typically conducted annually. This audit reviews the adequacy and effectiveness of a firm’s AML policies, procedures, systems, and controls — and ensures that deficiencies are identified and remediated.

Indicator (Money Laundering Indicator)

A specific behaviour, transaction type, or pattern that suggests potential money laundering. Examples include structured deposits, use of shell companies, or inconsistent source of funds. Indicators form the basis of risk models and suspicious activity reports.

Industry Typology

A documented pattern or method of money laundering used within a specific industry or product type. Typologies are shared by regulators, FIUs, or industry bodies to improve detection and prevention efforts.

Information Sharing (AML Context)

The exchange of intelligence between financial institutions, regulators, and law enforcement under frameworks such as the USA PATRIOT Act’s Section 314 or public-private partnerships (e.g. JMLIT in the UK). It improves the efficiency and accuracy of AML detection and investigations.

Inherent Risk

The level of AML/CFT risk posed by a client, geography, product, or delivery channel before the application of mitigating controls. Assessing inherent risk helps shape the overall residual risk calculation and determines due diligence requirements.

Insider Threat

A risk that arises when an employee or internal party abuses their access to enable money laundering or fraud. AML controls often include surveillance, audit logs, and dual-approval processes to detect and mitigate insider threats.

Integration (Stage of Money Laundering)

The third and final stage of the money laundering cycle, where illicit funds are fully assimilated into the legal economy through complex layering and investment. Integration techniques include buying real estate, luxury goods, or establishing legitimate businesses.

Intelligence-Led Compliance

A modern AML strategy that uses data analytics, typology research, and behavioural intelligence to guide monitoring, investigation, and decision-making processes. It represents a shift from purely rules-based systems to risk-informed frameworks.

Interbank Transfer

A transaction that moves funds between two different financial institutions. These are monitored closely by AML systems, especially when involving offshore or high-risk jurisdictions, or where the sender or recipient is obscured.

Internal Controls (AML)

The policies, procedures, and systems put in place to manage AML risk within a firm. Effective internal controls support regulatory compliance, reduce the chance of financial crime, and ensure timely reporting and monitoring.

International Sanctions

Restrictions imposed by governments or international bodies (e.g. UN, EU) that prohibit dealings with designated individuals, countries, or entities. Breaching sanctions — even inadvertently — carries severe AML and reputational risks.

Introductory Account

A financial account opened through a third-party introducer, typically a professional intermediary such as a lawyer or accountant. These accounts carry a higher AML risk and are subject to enhanced scrutiny, especially in jurisdictions with weak oversight.

J

JMLIT (Joint Money Laundering Intelligence Taskforce)

A UK-based public-private partnership that facilitates information sharing between law enforcement agencies and the financial sector. JMLIT aims to enhance the detection and prevention of money laundering and other financial crimes by fostering collaboration and intelligence exchange.

JMLSG (Joint Money Laundering Steering Group)

An industry body in the UK that guides the prevention of money laundering and terrorist financing. The JMLSG's guidance is recognized by the UK's Financial Conduct Authority (FCA) and helps firms comply with their legal obligations under the Money Laundering Regulations.

Jurisdictional Risk

The risk associated with conducting business in or with entities from certain countries or regions. Factors influencing jurisdictional risk include the effectiveness of a country's AML/CFT regime, prevalence of corruption, and the presence of sanctions or embargoes.

Judicial Review (AML Context)

A legal process wherein a court reviews the lawfulness of a decision or action taken by a public body, such as a financial regulator. In the AML context, judicial reviews may be sought by entities challenging enforcement actions or penalties imposed for alleged non-compliance.

Joint Account Monitoring

The process of overseeing accounts held by multiple individuals to detect unusual or suspicious activity. Joint accounts can pose unique AML challenges, as illicit actors may use them to obscure the origin or destination of funds.

Jurisdictional Arbitrage

The practice of exploiting differences in regulatory regimes between jurisdictions to circumvent stricter AML/CFT controls. Entities may relocate operations or structure transactions to benefit from more lenient oversight, posing challenges for global AML enforcement.

K

Key Risk Indicators (KRIs)

Quantitative or qualitative metrics used by organisations to signal potential AML/CFT risks. KRIs are part of a risk-based approach and can include the number of STRs filed, high-risk customer count, or unusual transaction volume. Monitoring KRIs supports proactive risk management and regulatory compliance.

Know Your Business (KYB)

The process of identifying and verifying the identity of corporate clients. KYB includes assessing the business structure, beneficial ownership, source of funds, and geographic risk. It ensures institutions understand the nature and legitimacy of their business clients and is often integrated into broader customer due diligence procedures.

Know Your Customer (KYC)

A foundational AML requirement that involves verifying a customer's identity, understanding their financial behaviour, and assessing associated risks. KYC includes initial identification, ongoing monitoring, and, when needed, enhanced due diligence. It is a regulatory obligation across financial institutions, payment providers, and many regulated entities.

KYC Remediation

The process of updating and validating customer information to meet current regulatory standards. This often occurs in response to changes in regulation, risk scoring, or internal audits. KYC remediation is essential to ensure the accuracy of records and to avoid regulatory penalties.

KYC Utilities

Shared platforms that allow multiple financial institutions to access and update KYC information. These utilities aim to reduce duplication of effort, enhance data consistency, and streamline customer onboarding across banks, particularly in large correspondent networks.

Kleptocracy

A form of government where officials use their power to steal national resources or funds for personal gain. In AML, kleptocrats often use complex laundering networks, shell companies, and foreign assets to disguise the proceeds of corruption, making them a key focus of global financial crime enforcement efforts.

Kickback Scheme

A fraudulent arrangement in which a person receives a portion of illicit profits or benefits in return for facilitating a transaction or favouring a particular party. Kickbacks are often hidden through false invoicing or layered transactions and can be red flags for money laundering.

L

Layering

The second stage in the money laundering cycle, where illicit funds are moved through a complex series of financial transactions to obscure their origin. Techniques include wire transfers, currency exchanges, purchasing high-value assets, or using shell companies. The goal is to create confusion and reduce the audit trail.

Legal Person

An entity, such as a corporation or organisation, that is recognised by law as having rights and responsibilities. In AML, identifying and verifying legal persons is crucial, particularly to uncover the beneficial owners behind corporate structures that may be used to conceal illicit activities.

Legal Arrangement

Structures like trusts, foundations, or partnerships that may not be tied to a specific individual. These arrangements can be misused for money laundering or terrorist financing, which is why many jurisdictions require disclosure of settlors, trustees, and beneficiaries.

Letterbox Company (Shell Company)

A legal entity that exists primarily on paper, with little or no physical presence or operational purpose. Often used in layering, these companies may facilitate money laundering by obscuring the true owner or origin of funds.

Licence Revocation

A regulatory action where a financial institution's or DNFBP’s operating licence is suspended or terminated due to non-compliance with AML or CFT regulations. This is often the result of repeated violations, poor controls, or failure to respond to supervisory directives.

Linked Transactions

Multiple transactions that, when viewed individually, may appear unrelated or innocuous, but collectively indicate suspicious behaviour. For example, multiple small deposits just below the reporting threshold. Identifying linked transactions is a critical feature of automated transaction monitoring systems.

Liquidation (Forced Liquidation in AML Context)

The process of winding up a company’s financial affairs. In AML, liquidation may be ordered if a business is found to be involved in illegal activity, or it may be used to obscure funds if the company is a front for money laundering.

Loan-Back Arrangement

A laundering technique where illicit funds are placed into a financial institution and then "borrowed" back by the criminal, often through a complicit shell company. This creates the illusion of a legitimate loan and helps integrate illegal funds into the formal economy.

Low-Risk Customer

A client categorised through the risk-based approach as having minimal exposure to money laundering or terrorist financing threats. These customers typically require standard due diligence rather than enhanced procedures. Examples may include publicly listed companies in low-risk jurisdictions.

Law Enforcement Agency (LEA)

A government body authorised to investigate and prosecute crimes, including money laundering. AML regulations often mandate that financial institutions cooperate with LEAs by filing Suspicious Transaction Reports (STRs) and providing relevant records upon request.

Local Politically Exposed Person (PEP)

A domestic individual holding a prominent public function who may present a higher risk of corruption or abuse of power. While foreign PEPs are often subject to enhanced scrutiny, local PEPs are increasingly considered under risk-based AML programmes, particularly in the Middle East and North Africa (MENA) region.

Look-Back Review

A retrospective analysis conducted by financial institutions to assess whether previously overlooked suspicious activities occurred. Typically mandated by regulators or internal audits, especially after systemic failures or enforcement actions.

M

Market Manipulation

Illicit practices aimed at distorting financial markets to create artificial prices or trading volumes, often used to facilitate money laundering or securities fraud. Techniques include pump-and-dump schemes, wash trading, and spoofing.

Money Laundering

The process of disguising the origins of illegally obtained money to make it appear legitimate. The classic cycle involves three stages: placement, layering, and integration. AML frameworks aim to detect, prevent, and report such activities across financial systems.

Money Laundering Reporting Officer (MLRO)

A senior compliance official within a regulated entity responsible for overseeing AML policies, ensuring regulatory compliance, and filing Suspicious Activity Reports (SARs). The MLRO serves as the key liaison with regulators and financial intelligence units (FIUs).

Monetary Threshold

A predefined financial limit that triggers specific AML obligations such as reporting, customer verification, or transaction monitoring. For example, many jurisdictions require reporting of cash transactions above a set amount (e.g., USD 10,000 or AED 55,000).

Micro-Structuring

A tactic within structuring (smurfing) where large sums of illicit funds are broken into extremely small deposits to avoid detection and reporting thresholds. Micro-structuring is often used in retail banking or digital payment platforms.

Money Mule

An individual who transfers or moves illegally acquired money on behalf of others, often unknowingly. Criminals may recruit money mules through job scams or online relationships, exploiting them as intermediaries to obscure the origin and destination of funds.

Mutual Evaluation Report (MER)

A formal assessment of a jurisdiction’s compliance with the Financial Action Task Force (FATF) Recommendations. Conducted by FATF or its regional bodies (e.g., MENAFATF), the MER evaluates technical compliance and effectiveness in combatting money laundering and terrorist financing.

Monetary Authority

A government or quasi-governmental entity (such as a central bank or financial regulator) that oversees financial institutions and enforces AML/CFT compliance. Examples include the CBUAE, DFSA, and the Saudi Arabian Monetary Authority (SAMA).

Monitoring

An ongoing process in AML compliance that includes reviewing customer transactions and behaviours to identify unusual or suspicious patterns. Monitoring may be real-time, batch-based, or event-triggered, depending on the risk profile of the customer.

Merchant Category Code (MCC)

A four-digit code used to classify businesses by the type of goods or services provided. In AML, MCCs help flag potentially high-risk business activities such as online gambling or cryptocurrency exchanges.

Money Service Business (MSB)

A financial institution that provides services such as money transfers, currency exchange, or cheque cashing. MSBs are regulated under AML frameworks due to their higher exposure to cash transactions and cross-border flows.

Masked Transactions

Financial activities that are deliberately structured or obfuscated to conceal the true identity of the parties involved. These may include the use of intermediaries, shell companies, or nested accounts to hide illicit origins.

Mutual Legal Assistance Treaty (MLAT)

A formal agreement between countries to facilitate the exchange of information and evidence for investigations into criminal activities, including money laundering. MLATs support cross-border cooperation in AML enforcement.

Monetary Instruments

Includes cash, cheques, traveller’s cheques, bearer bonds, and money orders. Many AML laws require declaration or reporting of cross-border transport or suspicious use of such instruments, which are commonly exploited for laundering.

Money Laundering Typology

A model or classification of common money laundering schemes. Examples include trade-based laundering, real estate laundering, and misuse of non-profit organisations. Typologies help institutions anticipate and detect risks.

N

Name Screening

The process of comparing an individual or entity's name against various watchlists, sanctions lists, politically exposed persons (PEP) databases, and internal blacklists. Name screening is a core component of customer due diligence (CDD) and ongoing monitoring, used to identify potential AML/CFT risks.

National Risk Assessment (NRA)

A comprehensive government-led evaluation of money laundering and terrorist financing risks within a country. The NRA helps policymakers, regulators, and private sector entities allocate resources and develop AML strategies proportionate to the assessed risks. Conducted in accordance with FATF guidelines.

Nested Accounts

An arrangement in which a foreign financial institution gains indirect access to the domestic financial system through a correspondent account held by another foreign bank. Nested accounts can obscure the identity of underlying clients and are high-risk from an AML perspective due to potential lack of transparency and control.

Nominee Account

An account held in the name of one party (the nominee) on behalf of another (the beneficiary). While legal in many jurisdictions, nominee arrangements can be used to conceal beneficial ownership, posing a significant risk for money laundering and tax evasion.

Non-Cooperative Jurisdiction

A country or territory identified by FATF or similar international bodies as lacking sufficient AML/CFT frameworks or failing to cooperate in global financial crime prevention efforts. These jurisdictions are often subject to enhanced due diligence (EDD) and increased regulatory scrutiny.

Non-Financial Businesses and Professions (DNFBPs)

A FATF category that includes casinos, real estate agents, dealers in precious metals and stones, lawyers, notaries, accountants, and trust and company service providers. DNFBPs are often exposed to AML/CFT risks and are increasingly subject to regulatory obligations and inspections.

Non-Profit Organisation (NPO)

An entity that uses surplus revenues to achieve its goals rather than distribute profits. NPOs can be misused to finance terrorism or launder money due to their access to international funding, limited regulatory oversight, and cross-border operations. AML regulations require transparency and risk mitigation measures.

Non-Resident Account

An account opened by an individual or entity that is not domiciled in the jurisdiction of the financial institution. Such accounts are higher risk due to the potential for cross-border movement of funds and limited visibility into the customer’s activities or regulatory status.

Nexus Risk

A term used to describe the risk that arises when a customer, transaction, or counterpart has ties to high-risk jurisdictions or sectors. It informs customer risk rating and monitoring strategies.

Negative News

Adverse public information about an individual or business, often obtained through media sources. Negative news screening (or adverse media screening) is a due diligence measure to detect potential reputational, financial crime, or regulatory risk.

Non-Face-to-Face Customer

A customer who opens an account or conducts transactions without in-person contact. Non-face-to-face relationships carry increased AML risks due to challenges in verifying identity and intent, and often require enhanced due diligence measures.

O

Offboarding

The formal process of terminating a business relationship with a client, often due to elevated risk, regulatory concerns, or suspicious activity. Offboarding decisions must be documented and follow established internal procedures to mitigate legal or reputational risk.

Offshore Accounts

Bank or investment accounts held in jurisdictions different from the account holder’s country of residence. While often legal, these accounts can be used to hide assets, evade taxes, or launder money, particularly when located in secrecy jurisdictions.

Offshore Financial Centre (OFC)

A jurisdiction that provides financial services to non-residents on a scale disproportionate to the size of its domestic economy. OFCs may offer low taxes and high confidentiality, making them attractive for legitimate international business—but also a potential AML/CFT risk due to opacity.

Onboarding

The process of acquiring and verifying a new customer, including identity verification, due diligence checks, and risk scoring. In AML, onboarding is a critical compliance step where CDD and screening tools are applied to detect potential financial crime exposure before account activation.

Ongoing Monitoring

The continuous review of customer activity and transactions to detect unusual or suspicious behaviour. Ongoing monitoring supports the identification of red flags, facilitates timely filing of suspicious activity reports (SARs), and ensures customer risk profiles remain accurate over time.

Operational Risk

The risk of loss resulting from inadequate or failed internal processes, systems, or people. In AML, operational risk can result in missed suspicious activity, failed screenings, or breaches in data integrity—potentially leading to enforcement actions or fines.

Ownership Structure

The hierarchy or arrangement of legal and beneficial owners of an entity. Understanding ownership structure is a key component of due diligence, especially when identifying ultimate beneficial owners (UBOs) and tracing connections to high-risk individuals or jurisdictions.

Outsourcing Risk

Risks associated with delegating compliance or operational functions to third parties. AML regulations require firms to retain oversight, conduct due diligence on providers, and ensure outsourced services meet regulatory standards.

Over-the-Counter (OTC) Transactions

Private transactions conducted directly between parties without a central exchange. OTC trades, particularly in the crypto or FX space, can carry elevated AML risk due to limited transparency and reduced oversight compared to regulated exchanges.

Over-Compliance

A conservative approach where a financial institution exceeds the minimum regulatory requirements to reduce exposure to enforcement or reputational risk. While it may enhance safety, over-compliance can hinder business operations and customer experience if not balanced effectively.

P

Payment Service Provider (PSP)

A company that enables merchants or users to accept and process payments. PSPs are often regulated and must implement AML controls to monitor transactions, verify customer identities, and detect potential misuse of their platforms for illicit activities.

PEP (Politically Exposed Person)

An individual who holds or has held a prominent public position, as well as their immediate family members and close associates. PEPs pose higher corruption and money laundering risks due to their influence and access to public funds. Enhanced due diligence (EDD) is typically required.

Placement

The first stage of the money laundering cycle, where illicit funds are introduced into the financial system. Common methods include bank deposits, cash-intensive businesses, and the purchase of high-value goods or real estate.

Ponzi Scheme

A fraudulent investment operation where returns are paid to earlier investors from funds contributed by new investors, rather than legitimate profit. Such schemes collapse when new investments dry up and are often linked to large-scale financial crime and money laundering.

Predicate Offence

A crime that generates proceeds which may then be laundered. Predicate offences include fraud, bribery, drug trafficking, and tax evasion. Money laundering charges generally depend on the existence of a predicate offence that produced the illicit funds.

Private Banking

Banking services provided to high-net-worth individuals (HNWIs), often involving complex structures, offshore entities, and tailored financial solutions. These services carry elevated AML risk due to the potential for opaque ownership and large, cross-border transactions.

Proliferation Financing

The act of providing funds or financial services to support the development, production, or use of weapons of mass destruction (WMDs). AML regimes often incorporate proliferation financing risk assessments, especially in line with FATF Recommendation 7.

Project Financing

A method of funding infrastructure or industrial projects through a special purpose vehicle (SPV), often involving multiple stakeholders and jurisdictions. These structures can obscure ownership and fund flows, posing potential AML risks.

Proof of Address (PoA)

A document used to verify a customer’s residential address, such as a utility bill or tenancy agreement. PoA is typically required during customer onboarding as part of Know Your Customer (KYC) procedures.

Proof of Funds (PoF)

Documentation confirming the source and availability of funds for a specific transaction, commonly used in high-risk activities such as real estate purchases or large international transfers. Verifying PoF helps mitigate the risk of proceeds from criminal activity.

Proprietary Trading

When a financial firm trades stocks, bonds, currencies, or other instruments using its own capital rather than on behalf of clients. Firms engaging in proprietary trading must monitor for unusual trading patterns that could indicate layering or market manipulation.

Pseudonymisation

A data protection technique that replaces identifying fields within a dataset with artificial identifiers or pseudonyms. In AML contexts, it may be used to balance privacy and compliance obligations, especially in sensitive investigations.

Public Beneficial Ownership Register

A registry that publicly discloses the beneficial owners of companies or other legal entities. Increasingly mandated by AML directives, these registers enhance transparency and reduce the misuse of legal entities for money laundering.

Public–Private Partnership (PPP) in AML

Collaborative efforts between government agencies and private sector entities to enhance AML capabilities through data sharing, intelligence exchange, and joint investigations. Examples include FIU–bank information-sharing initiatives to improve detection and prevention.

Purchase of High-Value Goods

An AML red flag activity where individuals use illicit funds to buy luxury assets such as jewellery, vehicles, or artwork. Such purchases can facilitate money laundering by converting cash into movable value or assets that can be resold.

Push Payment Fraud

A type of fraud in which victims are tricked into authorising payments to criminal-controlled accounts. While primarily a fraud typology, push payment scams can also be used to launder stolen funds or fund mule networks.

R

RBA (Risk-Based Approach)A foundational principle in anti-money laundering whereby institutions tailor their controls, due diligence, and monitoring efforts according to the risk profile of clients, products, services, and geographies. It allows for resource prioritisation while enhancing detection of suspicious activity.

Red FlagsIndicators or warning signs that suggest potentially suspicious or illicit activity. These can be transactional (e.g., rapid movement of funds), behavioural (e.g., reluctance to provide documents), or structural (e.g., use of shell companies). Red flags trigger further investigation and possible filing of a suspicious activity report (SAR).

RegTech (Regulatory Technology)Technology solutions designed to improve regulatory compliance processes, particularly in areas like transaction monitoring, KYC/AML, and regulatory reporting. RegTech tools help institutions streamline and automate compliance tasks, improve data accuracy, and reduce risk exposure.

Reporting EntityAn institution or business legally obligated to implement AML/CFT controls and report suspicious activity. Reporting entities may include banks, insurance firms, DNFBPs (Designated Non-Financial Businesses and Professions), money service businesses, and virtual asset service providers.

Request for Information (RFI)A formal inquiry raised by regulators, law enforcement, or internal compliance teams requesting further documentation or clarification related to a client, transaction, or alert. RFIs often precede investigations or regulatory action.

Residual RiskThe level of risk that remains after controls and mitigation measures have been applied. In AML contexts, residual risk helps institutions evaluate the effectiveness of their controls and determine whether further remediation or enhanced measures are necessary.

Reputational RiskThe potential damage to an institution’s brand, client trust, or market position arising from association with illicit activity or regulatory breaches. AML failings can lead to reputational damage, especially when public enforcement actions or penalties are involved.

Risk AppetiteThe amount and type of risk an organisation is willing to accept in pursuit of its objectives. In AML, institutions define their risk appetite to determine acceptable exposure to money laundering, customer types, geographies, and transaction types.

Risk IndicatorA measurable factor or sign used to assess the likelihood or severity of a money laundering or terrorist financing risk. Examples include high-risk jurisdictions, complex ownership structures, or unusual transaction patterns.

Risk MitigationSteps taken to reduce the likelihood or impact of a compliance risk. In AML, this includes implementing enhanced due diligence, automated monitoring systems, staff training, and internal audit functions.

Risk Scoring ModelA system used to quantify the level of AML/CFT risk associated with a customer, transaction, or entity. Risk scoring models typically incorporate multiple indicators and are used to determine due diligence levels and frequency of review.

Robustness (of Controls)A qualitative assessment of how effective, comprehensive, and resilient an institution’s AML controls are under scrutiny or stress. Regulatory reviews often examine the robustness of a firm's risk framework, policies, and response mechanisms.

Roll-Up AccountA technique often used in layering, where small transfers from multiple sources are consolidated into a single account before being moved again. This can obscure the origin of funds and is a common red flag for money laundering.

S

Sanctions

Restrictive measures imposed by governments or international bodies (such as the United Nations, EU, or OFAC) against countries, entities, or individuals to achieve foreign policy and security objectives. Sanctions can include asset freezes, travel bans, and trade restrictions. In AML, sanctions screening is a critical component of customer and transaction due diligence.

Sanctions Screening

The process of checking customers, transactions, and counterparties against sanctions lists to ensure compliance with legal obligations. Institutions must maintain up-to-date screening tools and review hits to identify and block prohibited activities.

SAR (Suspicious Activity Report)

A formal report submitted to a Financial Intelligence Unit (FIU) when a transaction or behaviour raises concerns about potential money laundering or terrorist financing. Filing SARs is a legal requirement for regulated entities, and reports must be timely, detailed, and kept confidential.

SAS (Structuring Analysis Software)

Advanced software that detects attempts to evade reporting thresholds by breaking large transactions into smaller ones — a common layering technique in money laundering. These tools help identify complex structuring schemes.

Screening

A due diligence process involving checks against various databases, including sanctions, PEPs (politically exposed persons), watchlists, and adverse media. Screening is typically performed at onboarding and regularly thereafter to maintain ongoing compliance.

Read also: What is PEP screening?

SEPA (Single Euro Payments Area)

A European Union initiative that simplifies bank transfers in euros across participating countries. While SEPA enhances efficiency, it also requires careful AML oversight due to cross-border transaction flows and potential exposure to higher-risk jurisdictions.

Shell Bank

A financial institution with no physical presence in any jurisdiction and unaffiliated with a regulated financial group. Shell banks are prohibited in many jurisdictions because they pose significant money laundering risks due to limited transparency and oversight.

Shell Company

A legal entity with no significant operations or assets, often used to obscure the ownership and movement of funds. While shell companies can be legitimate, they are frequently exploited for money laundering, tax evasion, and illicit finance.

Source of Funds (SoF)

Information describing where a customer’s funds used in a transaction originate. Verifying SoF is essential in KYC and due diligence processes, particularly for large or high-risk transactions.

Source of Wealth (SoW)

A broader concept than source of funds, SoW describes how a person or entity acquired their total wealth. Understanding SoW is particularly important for high-risk customers such as PEPs, where transparency is essential to mitigate corruption risks.

Smurfing

A layering technique where illicit funds are divided into small amounts and deposited into multiple accounts or transactions to avoid detection thresholds. Smurfing is a common typology in structuring.

STR (Suspicious Transaction Report)

Similar to a SAR, an STR is filed when a specific transaction (rather than general activity) is suspected to be linked to money laundering or terrorist financing. The terminology varies by jurisdiction, but both forms serve to alert FIUs.

Supervisory Authority

A regulatory or governmental agency responsible for overseeing financial institutions’ compliance with AML regulations. Examples include the DFSA in Dubai, the FCA in the UK, and FinCEN in the US.

Suspicious Activity

Any transaction or pattern of behaviour that does not appear consistent with a customer’s profile, business, or financial history. Examples include unexplained large cash deposits, complex offshore structures, or unusual third-party payments.

SWIFT (Society for Worldwide Interbank Financial Telecommunication)

A global network that facilitates secure international financial messaging. While not a payment system itself, SWIFT messages carry transactional data and are used by AML teams to trace cross-border money flows.

Synthetic Identity Fraud

A form of fraud where fake identities are created using a combination of real and fabricated information (e.g. stolen social security numbers with fictitious names). Synthetic identities are often used to open accounts and launder funds without triggering alerts.

Systematic Risk Assessment

A formalised and recurring evaluation of an institution’s exposure to money laundering risks across its operations, products, customers, and geographies. This feeds into enterprise-wide AML strategy and controls.

Suspension of Transaction

A temporary halt of a financial transaction flagged as suspicious. Institutions may suspend transactions pending investigation or regulatory reporting, especially when there’s a risk of facilitating criminal activity.

T

Terrorist Financing

The process of collecting or providing funds with the intent or knowledge that they will be used to support terrorist activities. Unlike money laundering, the source of funds for terrorist financing can be both legitimate and illicit. Financial institutions are obligated to identify and report any transactions that may be linked to terrorism.

Third-Party Payment

A payment made on behalf of a client by a different individual or entity not named in the account. These payments raise AML red flags, as they may be used to disguise the source of funds or circumvent due diligence checks.

Threshold Transaction Reporting

A legal requirement in many jurisdictions for financial institutions to report transactions that exceed a certain monetary value. These reports help authorities detect structuring or other suspicious behaviours intended to avoid regulatory detection.

Trade-Based Money Laundering (TBML)

A method of disguising proceeds of crime and moving value through trade transactions. TBML can involve mis-invoicing, under- or over-invoicing, phantom shipments, or multiple invoicing. It is one of the most complex and globally pervasive laundering methods.

Transaction Laundering

A digital variant of money laundering where illicit merchants process transactions through the payment infrastructure of legitimate businesses. This is commonly seen in e-commerce and is difficult to detect without advanced monitoring.

Transaction Monitoring

An ongoing process used by financial institutions to detect unusual or suspicious patterns in customer transactions. Systems may be rules-based or AI-enhanced and are a key component of any AML programme.

Transparency International

A global non-governmental organisation that leads the fight against corruption. It publishes the Corruption Perceptions Index (CPI), which is often used in AML risk assessments to evaluate country-level corruption risk.

Tipping-Off

The act of informing a person that they are the subject of an investigation or that a suspicious activity report (SAR) has been filed. This is illegal in many jurisdictions and considered a serious breach of confidentiality in AML operations.

Terrorist List Screening

The process of checking individuals and entities against lists of known or suspected terrorists maintained by governments or international bodies. Screening must be performed during onboarding and periodically thereafter to ensure compliance.

Trust and Company Service Providers (TCSPs)

Firms that offer services such as forming companies, acting as directors or trustees, and managing client funds. TCSPs are considered high-risk for money laundering and are subject to strict AML regulations, especially around beneficial ownership transparency.

Terrorist Property

Assets owned or controlled by a terrorist or terrorist group, including physical property, digital assets, and financial instruments. These are subject to freezing and confiscation under counter-terrorism financing laws.

Trigger Event

An occurrence or change in customer behaviour that prompts a review or update of customer due diligence (CDD). Examples include changes in ownership, unusual transactions, or adverse media hits. Trigger events are used to initiate enhanced monitoring or reviews.

Transactional Risk

The inherent risk present in specific types of financial transactions, depending on volume, velocity, frequency, or jurisdiction. Understanding transactional risk is critical to assigning risk scores and prioritising investigations.

Typology

A model or pattern of behaviour commonly associated with money laundering or terrorist financing. Typologies include structuring, use of shell companies, and trade-based laundering. Regulatory bodies often publish typology reports to help institutions identify emerging threats.

U

Ultimate Beneficial Owner (UBO)

The individual who ultimately owns or controls a customer or the person on whose behalf a transaction is conducted. UBOs may own shares directly or through layers of ownership and are a focal point of AML due diligence to prevent the misuse of corporate structures for illicit purposes.

Unexplained Wealth Order (UWO)

A legal tool, primarily used in the UK, that compels individuals to explain the origin of assets that appear disproportionate to their known income. UWOs target politically exposed persons (PEPs) and others suspected of having acquired wealth through illicit means.

Unusual Transaction Report (UTR)

A report filed when a transaction does not meet the criteria for a Suspicious Activity Report (SAR) but is still considered abnormal based on customer behaviour or profile. UTRs may serve as internal flags prompting further review.

Unregulated Entity

A company or individual operating outside the scope of AML regulatory frameworks. Unregulated entities can present high ML/TF risks due to weak oversight, and institutions must assess the risk before engaging with them.

Use of Straw Men

A method of disguising beneficial ownership by using another person to conduct transactions or hold assets. Straw men obscure the real actor’s identity, raising significant AML concerns, especially in high-risk sectors.

Underbanked

Refers to individuals or populations with limited access to traditional banking services. While financial inclusion is a global priority, underbanked sectors can be more vulnerable to exploitation for money laundering or terrorist financing if appropriate safeguards are not in place.

Unlicensed Remittance Business

An entity that offers money transfer services without the necessary regulatory approval. These are illegal in many jurisdictions and often linked to underground banking systems, including informal value transfer systems (IVTS).

Ultimate Effective Control

A broader concept than legal ownership, referring to the person or entity with the power to make decisions or exercise control over a business, trust, or asset. Identifying ultimate control is crucial when screening for true beneficiaries in complex structures.

Unlawful Proceeds

Funds or assets derived from criminal activity. The key objective of AML regimes is to prevent unlawful proceeds from entering or being concealed within the financial system.

V

Value Transfer System (VTS)

A mechanism for transferring value or funds without using traditional financial institutions. Examples include hawala, hundi, and other informal remittance systems. While used for legitimate purposes, VTS can be exploited for money laundering due to limited regulatory oversight and anonymity.

Variable Annuities

Insurance products that allow investments in various sub-accounts, often used as long-term financial tools. These can pose AML risks if used to obscure the source of funds or launder illicit gains, particularly due to their complexity and long investment horizons.

Virtual Asset (VA)

A digital representation of value that can be used for payment or investment purposes but is not issued or guaranteed by a central bank. VAs include cryptocurrencies like Bitcoin or Ethereum and are subject to AML regulations in many jurisdictions due to their anonymity and transferability.

Virtual Asset Service Provider (VASP)

Entities that facilitate the exchange, safekeeping, or transfer of virtual assets. FATF defines VASPs as subject to AML/CFT regulations, requiring them to implement customer due diligence (CDD), transaction monitoring, and reporting obligations.

Voluntary Disclosure

A mechanism allowing individuals or organisations to report previously undeclared assets, income, or compliance violations to authorities—often with reduced penalties. In AML contexts, voluntary disclosures may precede investigations and are scrutinised for source-of-funds legitimacy.

Verification of Identity (VoI)

The process of confirming a customer’s identity using official documents, biometric data, or electronic tools. VoI is a core component of Know Your Customer (KYC) and Customer Due Diligence (CDD) procedures.

Virtual Currency

A type of digital currency operating outside of traditional banking systems, not recognised as legal tender in most jurisdictions. Virtual currencies present high ML/TF risks, particularly when transacted peer-to-peer or through non-compliant platforms.

Vendor Due Diligence

A risk management process to assess third-party service providers or suppliers, especially in financial services. When vendors process sensitive data or financial transactions, institutions must assess their compliance with AML standards and data protection laws.

Visa Fraud

The use of false or misleading information to obtain travel or immigration documents. While primarily a criminal offence, visa fraud may overlap with AML concerns when tied to human trafficking, smuggling, or money laundering activities.

W

Walk-in Customer

An individual who conducts financial transactions without maintaining a formal relationship with the institution (i.e. no account). Walk-in customers pose heightened AML risks due to the limited information available, making it harder to verify identity or assess transaction purpose.

Watchlist Screening

The process of checking customer or transaction data against lists of sanctioned entities, PEPs (politically exposed persons), criminals, or high-risk individuals maintained by authorities like the UN, OFAC, or EU. A key component of ongoing due diligence.

Wealth Management

A service that provides personalised financial planning and investment management to high-net-worth individuals (HNWIs). Due to the complexity and volume of transactions, this sector carries increased AML risk, particularly when involving offshore structures or private investment vehicles.

Whistleblower

A person who exposes wrongdoing, such as regulatory breaches or money laundering, typically from within an organisation. Many jurisdictions provide legal protections for whistleblowers and encourage reporting through official channels, including financial intelligence units (FIUs).

Wire Fraud

A crime involving the use of telecommunications or the internet to defraud individuals or institutions of money or property. Wire fraud is frequently linked to identity theft, business email compromise (BEC), and money laundering networks.

Wire Transfer

An electronic transfer of funds between individuals or institutions. Due to its speed and cross-border reach, wire transfers are a common method for laundering funds. AML controls, such as the travel rule, are used to capture sender and receiver data for oversight.

World-Check

A proprietary database of enhanced due diligence records and watchlists, widely used in AML screening processes. Developed by Refinitiv, it helps institutions identify PEPs, sanctioned entities, and individuals involved in financial crime or terrorism financing.

Wolfsberg Group

An association of thirteen global banks that develop AML, KYC, and counter-terrorist financing guidelines. The Wolfsberg Group promotes best practices in the financial sector, especially for correspondent banking, risk management, and due diligence.

Withdrawal Structuring

A money laundering tactic where large sums are withdrawn in smaller amounts over time to avoid triggering reporting thresholds. Often combined with layering techniques to evade detection.

Whitelisting

The process of approving a list of entities or transactions considered low risk, which may be subject to reduced scrutiny. While useful for efficiency, improper whitelisting can create blind spots in AML monitoring programmes.

Y

Yen (¥)

The official currency of Japan. While not inherently an AML term, major global currencies like the Yen are relevant in cross-border transaction monitoring and foreign exchange surveillance, especially when originating from or flowing into high-risk jurisdictions.

Yield Farming

A strategy in decentralised finance (DeFi) where users lend or stake cryptocurrency assets in exchange for rewards. The rapid, pseudonymous movement of funds across DeFi platforms presents challenges for AML compliance, particularly in identifying beneficial ownership and tracing asset flow.

Youth Account Fraud

A type of financial crime involving the misuse of accounts opened in the names of minors or young adults—often with forged documentation or under social engineering schemes. These accounts can be exploited for money laundering or testing fraud controls.

YTD (Year-To-Date) Transactions

A cumulative record of all transactions processed from the beginning of the calendar or fiscal year up to the current date. In AML analysis, reviewing YTD data helps identify behavioural patterns, anomalies, or changes in customer activity.

Z

Zakat

An obligatory form of almsgiving in Islam, typically involving the donation of a portion of wealth or income to charitable causes. In AML compliance, financial institutions operating in Muslim-majority jurisdictions may be required to monitor Zakat-related transactions for misuse or abuse by terrorist financing channels under broader CFT frameworks.

Zero-Knowledge Proof (ZKP)

A cryptographic method enabling one party to prove possession of information without revealing the information itself. While ZKPs enhance privacy and security, their adoption in blockchain and decentralised finance (DeFi) environments poses AML risks by making transaction traceability and identity verification more difficult.

Zero Tolerance Policy

An internal compliance approach where any breach of AML procedures—no matter how minor—is treated with maximum scrutiny and consequence. Often used by institutions seeking to establish a strong compliance culture and signal seriousness to regulators.

Zoning Risk

The risk that arises when a business is located in a geographic area with limited regulatory oversight or increased criminal activity. In AML, zoning risk is often factored into customer risk assessments, particularly for physical establishments like money service businesses or real estate agents.

Zombie Account

An inactive or dormant financial account that may be reactivated or misused for laundering money, particularly when its ownership cannot be easily verified. Zombie accounts are often targeted in mule account networks or used to layer illicit funds.

Conclusion

This AML acronyms and terms glossary is a living document. As financial crime typologies evolve and regulatory frameworks adapt, so too must the language we use.

At azakaw, we are committed to clarity, accessibility, and excellence in compliance communication. We will continue updating this glossary with new definitions and insights.

Whether you're deciphering an audit report, drafting a compliance framework, or exploring a new domain in fintech, this resource is designed to equip you with the language of modern AML.