Source of Funds: meaning, documents & AML requirements
- azakaw
- 13 hours ago
- 13 min read
When a customer makes a large, unusual or higher-risk transaction, financial institutions need to understand where the money came from.
That is the role of Source of Funds verification: an AML control that helps regulated businesses confirm whether the money behind a specific transaction is legitimate or not.
According to the FATF, the global financial system loses roughly 2 to 5% of global GDP to money laundering each year, and SoF checks are designed to stop that flow at the point of entry.
This guide explains what a source of funds actually is in AML compliance, why regulators in the UAE, Saudi Arabia, Oman, and South Africa require it, which documents serve as evidence, how institutions carry out the verification, and what happens if a customer cannot provide sufficient proof.
Source of Funds - Key Takeaways |
|
|
|
|
|
|
|
What is the source of funds in AML compliance?
Source of funds (SoF) refers to the origin of the specific money used in a particular transaction or business relationship. It verifies how the money for that specific deal was generated, ensuring it comes from lawful, legitimate activities.
It's a very specific transactional question, not concerning your total assets but rather exactly where that particular payment originated from.
The regulatory definition: FATF and global standards
FATF doesn't outline SoF on its own; it forms part of the broader Customer Due Diligence (CDD) requirements under FATF Recommendation 10.
Entities subject to regulation must understand the essence of their clients' enterprises, and, where there is some level of risk, the origin of the funds used in the actual transaction.
This requirement is automatically included in the national legislation: the UAE Central Bank's AML regulations, Saudi Arabia's SAMA framework, Oman's CMA requirements and South Africa's FSCA-monitored AML guidelines all include SoF verification as both a CDD and an EDD requirement.
Stay Compliant During the AML Journey
Centralise, simplify, and scale your compliance efforts across jurisdictions and regulators. Use regulator-specific templates or create your own rules and workflows.
What is the difference between the source of funds and the source of wealth?
Source of funds (SoF) is really very specific to the transaction itself, answering "where did this money come from?"
Source of wealth (SoW) deals with the bigger picture, giving an overview of "how an individual was able to build their entire net worth over time."
A client could have a fairly legitimate source of wealth (such as a successful 20-year medical career as a surgeon), yet still need to verify the source of funds for a single transaction separately. Why?
Because the money for that one particular wire transfer may have come from a different account, a loan, or even from a third party, which also requires its own detailed explanation.
In reality, SoW queries occur more often during the initial sign-up process and Enhanced Due Diligence (EDD) assessments.
SoF questions appear around specific transactions themselves, especially when dealing with major wire transfers, the purchase of properties or deposits that don't seem to match the usual patterns of activity exhibited by the customer.
Why do regulators require a source of funds verification?
Regulators require source of funds verification to disrupt money laundering attempts and to make sure every organisation is AML compliant.
The role of SoF in customer due diligence (CDD)
Before starting a business relationship, every regulated institution has to carry out CDD (Customer Due Diligence).
SoF fits right into this framework as the mechanism linking the customer's reported profile to the actual money flowing through their accounts.
When a retail customer with a moderate income suddenly receives a $500,000 wire transfer, CDD requires the institution to determine the source of that money before processing it.
When enhanced due diligence (EDD) triggers a deeper SoF check
EDD sets a higher standard. Under FATF Recommendation 19, it applies to high-risk customers, including Politically Exposed Persons (PEPs), individuals from high-risk countries, and individuals involved in very large or complex transactions.
Under EDD, SoF verification moves from simply being a declared fact to being independently supported by evidence itself.
For instance, if a PEP were to make a big property purchase, they'd have to provide fully documented proof of the funds' origin, not merely make a written declaration.
Source of Funds obligations across jurisdictions
Each of these four jurisdictions has its own way of implementing SoF requirements through FATF-aligned national frameworks, although the supervising bodies vary:
UAE: The UAE Central Bank requires regulated companies to verify SoF as part of CDD and EDD, with STR filing duties to the Financial Intelligence Unit when there are any discrepancies.
Saudi Arabia: SAMA's AML rules require financial institutions to get and confirm SoF documentation, especially for high-value transactions and also for high-risk customer groups.
Oman: The Capital Market Authority (CMA) and Central Bank of Oman enforce SoF verification requirements that line up with FATF recommendations, focusing particularly on international transfers across borders. Read more: AML compliance in Oman
South Africa: The Financial Sector Conduct Authority (FSCA), along with the Prudential Authority, enforces SoF verification under the Financial Intelligence Centre Act (FICA), paying extra attention to repatriating funds from overseas because of South Africa's experience with currency control regulations.
Best Multiple-Jurisdiction AML Tool
Centralise, simplify, and scale your compliance efforts across jurisdictions and regulators. Use regulator-specific templates or create your own rules and workflows.
Which entities need to request the Source of Funds?
Source of Funds should be requested by any regulated entities subject to anti-money laundering and counter-terrorist financing obligations when a customer, beneficial owner, transaction, deposit, transfer or business relationship presents a financial crime risk.
This usually includes banks, financial institutions, fintechs, crypto businesses, real estate professionals, casinos, law firms, accountants, trust and company service providers, asset managers and other businesses that handle money, assets, investments or high-value transactions.
Entity type | When the source of Funds may be required |
Banks and financial institutions | Large deposits, unusual transfers, new account openings, high-risk customers or activity that does not match the customer’s profile |
Fintechs and payment service providers | High-value payments, cross-border transfers, unusual transaction patterns or higher-risk customer segments |
Crypto businesses and exchanges | Crypto-to-fiat deposits, fiat-to-crypto purchases, and wallet activity linked to higher-risk exposure or unclear origin of funds |
Brokers, asset managers and fund managers | New investments, large subscriptions, redemptions, high-net-worth clients or investors from higher-risk jurisdictions |
Real estate professionals | Property purchases, large deposits, third-party payments or buyers using complex ownership structures |
Casinos and gaming operators | High-value gambling activity, large cash transactions, unusual deposits or withdrawals |
Law firms and accountants | Client money handling, property transactions, company formation, trust structures or high-value advisory work |
Trust and company service providers | Company formation, nominee arrangements, trust administration, beneficial ownership concerns or complex corporate structures |
What are the acceptable sources of funds documents?
The acceptable source of funds documents include employment income, business income, property sales, inheritance, gifts and investments.
The document that your customer will have to provide depends completely on where the money originally came from.
Source of funds | Common documents accepted |
Employment income | Recent payslips, employer letter, tax returns or tax certificates, bank statements showing salary credits |
Business income | Audited financial statements, shareholder registers, dividend declarations, business bank statements |
Property and sale | Sale and purchase agreement, property deed, completion statement, solicitor or notary confirmation, bank statement showing sale proceeds |
Inheritance | Probate documents, Grant of Letters of Administration, will, estate distribution records, and bank statements showing receipt of funds |
Gift | Signed gift letter, donor identification, evidence of the donor’s lawful source of funds, and bank transfer records |
Investment gains | Brokerage statements, trade confirmations, portfolio statements, capital gains records, and bank statements showing proceeds |
Loan | Loan agreement, lender details, repayment terms, bank statements showing disbursement of funds |
Savings | Historical bank statements, evidence of regular income accumulation, tax records or employment/business income records |
Employment income: payslips, employer letters, tax returns
In the case of salaried customers, standard SoF evidence will typically be:
recent payslips (usually over the past three months)
a letter from the employer on their official company letterhead, either tax returns or tax certificates showing an actual declared income.
Then, the institutions have to compare the salary the client has reported with the transaction amount.
Even if the underlying reason seems perfectly valid, a mismatch, such as a payslip showing a monthly income of $5,000 but a $200,000 deposit, will raise more questions, regardless of how genuine the source is.
Business income: audited accounts, shareholder registers
For business owners, SoF evidence will include:
audited financial statements
shareholder registers demonstrating their ownership percentage
dividend declarations
bank statements for their business account that show the flow of funds to them
In the Riyadh property sale case, the business owner would require the sale agreement, proof of property ownership before the sale, and a bank statement showing the SAR 8 million proceeds being credited to his business account before the transfer.
Property sales, inheritances, gifts and investments
Property sale proceeds require a sale and purchase contract, proof of prior ownership (property deed) and a completion certificate provided by a solicitor or notary. Inheritances need probate documents or a Grant of Letters of Administration.
Gifts need a signed gift letter from the donor, along with evidence of their lawful source of money.
The investment revenues must be accompanied by trade stationery reflecting the transaction details from buying to selling.
Secure Compliance Software
Manage property transactions, legal documents, and stakeholder verifications from a single, intuitive platform that leverages the most recent technology available in the market.
What to do when documentation is unavailable
If relevant documentation cannot be produced, commonly the case for old transactions, cash-based countries or those with inadequate financial systems, financial institutions will request additional information.
This can be bank statements indicating a regular pattern of credits over time, confirmations from third parties and affidavits backed by any available documentary evidence.
The guiding principle here is that of corroborative evidence; several weak pieces of evidence leading to the same conclusion can collectively satisfy AML/CFT requirements even if none of them individually provide sufficient evidence.
How institutions verify the source of funds
Institutions verify the source of funds using documentary and non-documentary methods, and sometimes a risk-based approach.
Documentary vs non-documentary verification methods
The conduct documentary verification checks on relevant documents such as pay slips, bank statements, and property sale deeds. Then, it determines whether they appear genuine and consistent with details related to financial transactions carried out by the person concerned.
Non-documentary verification entails checking databases, verifying public information, cross-checking employer information through independent sources, and obtaining details about certain entities/individuals from External Data Providers to verify claims.
All Financial Institutions follow a combination of both approaches, i. e., all necessary documentation provides the primary piece of information required for identifying the source of funds, whereas non-documentary evidence serves as a means to detect false ones created for fraudulently misleading Authorities.
Efficient Reviews. Consistent Outcomes.
azakaw combines documentary evidence, external intelligence, and automated workflows to help compliance teams review Source of Funds faster, improve decision consistency, and reduce operational burden.
The risk-based approach: matching SoF scrutiny to customer risk
Given FATF’s recommended risk-based framework for combating money laundering, the extent of scrutiny into the source of Funds changes with the risks involved.
Low-risk retail consumers who regularly receive salaries requiring fewer details about their source of income/wealth need minimal verification about the source of funds, as transactions seem normal given the existing details available about this account holder.
High-risk clients or big-ticket transactions that deviate from those of customers who appear suspicious based on their profiles require a strict procedure involving cross-verifications, the CEO's approval, and possible monitoring post-deposit.
What are the red flags that trigger SoF's further investigation?
Certain patterns consistently trigger deeper SoF scrutiny, regardless of jurisdiction:
The transaction amount does not match the declared earning capacity or any detailed description of their entrepreneurial activities
Remittances originating from countries unrelated to the customer's declared place of stay or doing business. For example, a South African investor bringing in money earned abroad through jurisdictions with poor governance, providing no clarity regarding the genuine source of wealth.
Refusal to reveal the source of money upon being requested to provide details about it!
Transactions involving round numbers below reporting thresholds
Several related parties are conducting identical transactions within a short time frame
In the context of South African fund repatriation, FSCA-authorised institutions are required to trace funds through the relevant offshore structures to determine their true source.
Merely identifying the originating account is insufficient, as it does not reveal the underlying origin of the funds.
Read also: AML Red flags and signs
Challenges businesses face when verifying the source of funds
Verifying the source of funds can be difficult for regulated businesses because the process depends on reliable evidence, customer cooperation and consistent internal review.
Common challenges include:
Incomplete or unclear documents: customers may submit outdated, missing or insufficient evidence that does not clearly prove where the money came from.
Complex fund origins: property sales, inheritances, business income, investment gains, offshore accounts and third-party transfers often require several documents to verify properly.
Customer friction: repeated document requests can slow down onboarding, delay transactions and create a poor customer experience.
Inconsistent internal reviews: without clear workflows, different compliance analysts may apply different standards to similar cases.
Mismatch with customer profile: the documents may appear valid, but the transaction can still be suspicious if it does not match the customer’s income, occupation, business activity or expected behaviour.
High-risk customers and jurisdictions: PEPs, cross-border payments, complex corporate structures and funds from higher-risk countries often require enhanced due diligence.
Weak audit trails: if decisions, documents and reviewer actions are not recorded properly, the business may struggle to justify its SoF process during a regulatory inspection.
Simplify Source of Funds Verification
azakaw helps compliance teams standardise Source of Funds reviews through structured workflows, risk-based assessments, document management, and complete audit trails, reducing friction while strengthening regulatory compliance.
What are the consequences of failing to verify the source of funds?
The consequences of failing to have your source of funds verified include regulatory penalties, enforcement actions, and reputational and operational risk.
Globally, such breaches are among the reasons for the highest number of charges brought by Anti-Money Laundering (AML) enforcement bodies.
Regulatory penalties and enforcement actions
Cases involving insufficient Source of Funds (SoF) measures have resulted in huge financial losses worldwide.
In 2022, the Financial Conduct Authority (FCA) imposed a fine of £107.7 million on Santander UK, highlighting, amongst other shortcomings, a lack of adequate means to check the source of funds for business banking customers over five years.
South Africa's FSCA and the Prudential Authority have taken action against Banks that lack effective Client Due Diligence (CDD) and source of funds measures under the Financial Intelligence Centre Act (FICA).
There is a continuing trend here: regulators consider all cases of SoF breaches as part of general Client Due Diligence (CDD) gaps rather than isolated instances.
Avoid AML Penalties & Fines
Streamline compliance from identity and business verification to corporate compliance and AML transaction monitoring, reducing costs and complexity so you can scale with confidence.
Reputational and operational risk for financial institutions
Apart from monetary penalties, Institutions that fail to maintain a robust source of funds (SoF) systems may face difficulties maintaining good relationships with correspondent banks, as other banks may hesitate to deal with them due to poor AML track records.
Such conditions pose risks for financial institutions, including poor credit history, a decline in new clients, especially high-net-worth individuals, and delays in receiving timely global payments.
How AML compliance software helps financial institutions verify the source of funds
Source of funds verification is often slow because compliance teams need to collect documents, review transaction context, compare evidence against the customer profile, identify red flags and keep a record of every decision.
AML compliance software helps financial institutions manage this process in a more structured and risk-based way.
Instead of relying on manual emails, spreadsheets and disconnected checks, teams can request the right documents, validate information, escalate suspicious cases and maintain an audit-ready record of the full review.
For example, when a customer receives a high-value transfer, the system can trigger a source of funds request based on the customer’s risk profile, transaction size, jurisdiction, account behaviour or PEP status.
The institution can then collect supporting evidence such as payslips, bank statements, property sale contracts, business accounts, inheritance documents or investment records.
The software can also help compliance teams compare the declared source of funds with the customer’s expected activity. If the transaction amount does not match the customer’s income, business profile or historical behaviour, the case can be flagged for enhanced due diligence.
A strong AML compliance platform can support source of funds verification by helping institutions:
collect and store supporting documents securely;
apply risk-based workflows for CDD and EDD;
identify inconsistencies between documents, customer data and transaction activity;
screen customers against sanctions, PEP and adverse media lists;
escalate complex or suspicious cases to senior reviewers;
maintain a clear audit trail for regulatory inspections;
support STR/SAR decisions when the source of funds cannot be verified.
This reduces manual work for compliance teams and gives regulators clearer evidence that the institution followed a consistent, risk-based process.
Ready to Scale With Confidence?
Streamline source of funds verification through automated onboarding, risk-based due diligence, document collection, transaction monitoring, case management and audit-ready compliance records.
Frequently Asked Questions
What documents can I use to prove the source of funds?
The type of document needed depends on the origin of the funds: salaries through payslips and tax returns; company financial statements and shareholder registers for businesses; sales contracts and ownership documents for properties; inheritances require probate documents; investments require brokerages’ records.
Why is my bank asking for the source of funds?
Financial institutions are required by law to obtain adequate information regarding a customer's source of funds in line with Anti-Money Laundering (AML) laws issued by countries, including the UAE Central Bank, SAMA, CMA Oman, FSCA and similar authorities globally.
Any big, suspicious or transactions that form part of a series of transactions prompting concerns will lead to a request to clarify the source of funds.
Is the source of funds identification required in the United Arab Emirates (UAE)?
Yes. The UAE Central Bank demands that all financially regulated entities carry out source of funds verification as part of Customer Due Diligence (CDD) and Enhanced Due Diligence (EDD) obligations under the UAE’s Anti Money Laundering Law, complemented by Financial Action Task Force (FATF) Recommendations.
What would happen if I were unable to supply any evidence of the source of funds?
Insufficient source of funds details could result in denying certain transactions, restricting access to existing accounts, flagging suspect activity to law enforcement by submitting a "Suspicious Transaction Report" when appropriate, or, in some cases, ending our relationship completely.
Do the source of funds rules apply to Cryptocurrencies?
Yes. Transactions involving cryptocurrencies from Crypto to Fiat Currencies follow identical rules on identifying 'Source of Funds' like conventional methods.
TIP: Read more about Crypto AML Compliance
How long does it take to verify the source of funds?
Generally speaking, this process can take some hours or a day.
Cases that involve complex legal arrangements, such as overseas arrangements, multiple international inheritances or receipts generated by business sale deals, may take anywhere from one week to a couple of months to complete, especially given the need to translate documents and obtain corroborative evidence from independent sources.
Conclusion
Source of funds verification is a critical AML control. It helps financial institutions confirm that the funds behind a transaction are legitimate, consistent with the customer’s profile, and supported by reliable evidence.
Without a structured process, SoF checks can become slow, inconsistent and difficult to defend during regulatory reviews. This increases the risk of delayed onboarding, missed red flags, weak audit trails and potential enforcement action.
azakaw is the AML Compliance Solution
Comply with EDD regulations and onboarding procedures, including conducting risk-based documentation requests, automating verification tasks and creating reliable audit trails ready to satisfy any future regulatory inquiries.
Source of Funds Video Summary
Related articles