An AML overview for digital companies

An overview of money laundering, AML regulations, and ways that businesses can increase security, reduce fraud, and stay compliant

In 2020, fines resulting from breaches in AML compliance totaled $10.38 billion worldwide, almost double the figure for 2019 ($5.72 billion). The use of sharing economy apps like Uber and AirBnB for money laundering demonstrates that the threat of money laundering is not an issue that only financial institutions and money services businesses should be concerned with. From user onboarding to transaction monitoring, customer due diligence (CDD) is essential for fraud prevention and Anti-Money Laundering (AML) compliance.

The EU’s 5th and 6th Anti-Money Laundering Directives (AMLDs) have expanded the scope of AML regulations to include many businesses that conduct online transactions by requiring businesses to report on the ultimate beneficiary of funds and hold individuals accountable for aiding and abetting, inciting and attempting to money launder as offenses. Conducting customer due diligence to comply with AML regulations not only reduces the potential risk of regulatory fines for your organization, but is also a strategic course of action for protecting your company against fraud.

Before addressing how CDD helps to prevent money laundering, let’s first take a look at what money laundering and AML are.

What is money laundering?

Money laundering refers to the process of obscuring the origins of money obtained through criminal means in order to legitimize its use within a regulated financial system. While money laundering has traditionally been associated with front businesses that have a physical location, the digital landscape has created new avenues for money laundering.

The money laundering process is comprised of three stages:

  • Placement: Where and how funds are introduced into the legitimate financial system.
  • Layering: Money is used for additional transactions within the legitimate financial system to cement legitimacy, making it difficult to track the originating transaction.
  • Integration: Money is transferred through multiple accounts in unusual patterns to create confusion.

The potential for the products or services provided by your company to be utilized during any of these stages could financially compromise your company. In light of this, it’s important to develop procedures aimed at curtailing money laundering and fraud. Such procedures are considered Anti-Money Laundering and promote the safety of companies and customers alike.

What is AML regulation?

In order to ensure the integrity of the financial system, regulation has been created at both the state and global levels. While the Financial Action Task Force (FATF) has created a set of international standards to combat money laundering and the financing of terrorism, each country has its own individual legislation that needs to be adhered to. For companies operating in the United States and the European Union, two of the largest jurisdictions in terms of GDP, it’s important to know the following organizations:

  • Financial Crimes Enforcement Network (FinCEN): FinCEN is a bureau of the US Department of the Treasury that enforces the law as it relates to money laundering and national security. The Bank Secrecy Act, Title III of the Patriot Act, and the FY2021 National Defense Authorization Act are central to U.S. AML legislation.
  • European Commission (EC): The EC is the EU’s executive body that has created the Anti-Money Laundering Directives (AMLDs), which apply to EU and EEA member states. By June 3, 2021, obliged entities, such as EU banks, financial institutions, money service businesses, and gaming companies will have to enact 6AMLD compliance procedures.

The legislation within the US and the EU has served as a model for other countries across the world and can therefore be helpful in gaining a general understanding of AML legislation globally.

You can find further details in our free Guide to AML.

Download a quick guide to AML for product managers by Passbase

Creating a CDD program that meets AML requirements

Implementing a CDD program that meets AML regulatory requirements helps companies, irrespective of industry, to better protect against fraud, build trust amongst their user base and ensure that they are able to provide regulatory bodies with data that they may request.

Three categories are central to a robust CDD program:

  • Identifying and verifying the identity of your customers (KYC) and entities (KYB)
  • Monitoring financial transactions over time
  • Reporting suspicious activities and transactions

How Passbase can help you meet your CDD requirements for AML

While technology has increased the opportunities for money laundering and fraud, it has also created new possibilities for fraud and money laundering prevention. Making identity verification a prerequisite for user onboarding is an example of how teams can protect their business from fraud while safeguarding the digital identity of their end users. Passbase uses the following features to create an identity verification process that is both quick and user-friendly:

  • ID document verification: The authenticity of government-issued IDs is determined by examining features such as security markings and watermarks and then cross-checking them with databases.
  • Liveness detection: In order to curb spoofing attempts, users are asked to submit a video selfie which requires them to respond to a set of instructions in real-time. This confirms that there is a real person performing the onboarding or transaction.
  • Biometric authentication: The use of video selfies also simultaneously allows for facial matching with the scanned ID document to ensure that the person is who they claim to be.

To find out more information about AML compliance and how Passbase can help you meet your CDD requirements, read this quick guide to AML for product managers!

Download a quick guide to AML for product managers by Passbase

Get the latest news from Passbase

Passbase © 2023


Passbase is an identity verification solution that makes facial recognition, liveness detection, ID verification and KYC and AML compliance accessible through a suite of flexible developer tools. A zero-knowledge architecture ensures that companies using Passbase can securely verify users from over 190 countries without having to store their data. Built for developers, it can be integrated with just a few lines of code on iOS, Android, and Web.