User:ADimitrovski/sandbox/Financial crime prevention

The EU adopted a package of AML/CFT legislation in 2024, including Regulation (EU) 2024/1624 on preventing the use of the financial system for money laundering and terrorist financing and Regulation (EU) 2024/1620 establishing the EU anti-money laundering authority (AMLA).^[8][9]

In the United States, the Bank Secrecy Act (BSA) provides authority for reporting and recordkeeping requirements intended to help detect and prevent money laundering. The Financial Crimes Enforcement Network (FinCEN) administers the BSA and receives filings such as suspicious activity reports (SARs) and currency transaction reports (CTRs).^[10][11]

The United Kingdom’s AML framework includes the Money Laundering Regulations 2017 and related supervisory guidance. The Financial Conduct Authority (FCA) publishes guidance on financial crime systems and controls for regulated firms.^[12][13]

AML compliance commonly includes risk-based customer due diligence, sanctions and watchlist screening, transaction monitoring, investigation workflows and suspicious activity reporting, depending on jurisdiction and risk exposure.^[4][13]

Under the risk-based approach, customer and relationship risk assessment is used to determine the level of due diligence and the intensity of ongoing monitoring.^[4] Screening commonly includes checks against sanctions lists and may include politically exposed person (PEP) and other lists, depending on local requirements and firm policy.^[14]

Transaction monitoring is used to identify unusual or suspicious patterns that may warrant review or investigation; supervisory guidance has addressed governance expectations for transaction monitoring systems, including ongoing oversight and testing.^[15]

Fraud prevention includes controls intended to reduce unauthorized or deceptive activity affecting accounts and payments. The Basel Committee on Banking Supervision has assessed digital fraud as a supervisory and financial stability issue, including governance and monitoring considerations for banks.^[16]

Identity-related and account-opening abuse has been described in FinCEN analyses of identity-related suspicious activity, including activity affecting account opening, account access and transactions.^[17] Fraud affecting payments may involve transaction monitoring, risk scoring and investigation processes; the European Central Bank has referenced fraud monitoring and risk scoring as examples of controls in payment contexts.^[18]

Account takeover involves unauthorized access to an existing account, often via compromised credentials or social engineering. UK Finance defines account takeover fraud (in card ID theft reporting) as the takeover of another person’s genuine account and reports related fraud categories in annual reporting.^[19]

Financial crime controls are used in efforts to identify and disrupt illicit financial flows linked to environmental crimes. FATF has published work on money laundering from environmental crime, describing laundering methods associated with illegal logging, illegal land clearance, illegal mining and waste trafficking, and the use of AML tools in addressing these flows.^[24]

The World Bank has described “de-risking” as a practice in which financial institutions restrict or terminate relationships with clients or categories of clients, with potential implications for remittance companies and access to the global financial system in some regions.^[25] FATF has published work on unintended consequences of AML/CFT standards and their implementation, including de-risking and financial exclusion.^[26][27]