Anti-Money Laundering (AML)

Banks file suspicious activity reports by the hundred thousand, but what proportion lead to an actual investigation? When over 95 per cent of anti-money laundering (AML) alerts are false positives, the system designed to catch criminals spends most of its energy proving that legitimate customers are legitimate.

What is anti-money laundering?

Anti-money laundering is the set of regulations, procedures, and technologies that financial institutions use to detect and prevent the laundering of proceeds from criminal activity. In practical terms, this means transaction monitoring, sanctions screening, customer due diligence, and the filing of suspicious activity reports (SARs) when patterns suggest potential money laundering or terrorist financing. Effective AML depends on sound data governance to ensure the underlying transaction and customer data is accurate and complete.

The operational burden is enormous. A mid-sized bank generates tens of thousands of alerts per month from its transaction monitoring system. Each alert requires an analyst to review the customer's history, assess the context, and decide whether to escalate, dismiss, or file a SAR. The vast majority are dismissed. The cost per alert ranges from 15 to 50 pounds depending on complexity, which means a bank can spend millions annually investigating activity that turns out to be normal.

The regulatory penalty for getting it wrong is severe. Fines for AML failures regularly exceed 100 million pounds, and the reputational damage can be worse. This asymmetry creates a culture of over-reporting: when in doubt, file the SAR. The result is a system that generates volume but not necessarily intelligence.

The landscape

The EU's AMLA represents the largest structural change to European AML supervision in a generation. A single rulebook, direct supervisory authority over high-risk institutions, and harmonised rules on beneficial ownership disclosure will reshape how banks operating across Europe manage their AML obligations. The transition period runs through 2027, but institutions are planning now.

In the UK, the Economic Crime and Corporate Transparency Act 2023 expanded the failure-to-prevent framework and strengthened Companies House verification powers. The FCA's appetite for enforcement has not diminished post-Brexit; if anything, the UK is positioning itself as a jurisdiction that takes financial crime seriously as a competitive advantage.

The shift from rules-based to risk-based transaction monitoring is well underway but unevenly implemented. Traditional systems fire alerts based on static thresholds: any transaction above a certain amount, any transfer to a high-risk jurisdiction, any pattern matching a predefined scenario. These rules generate volume. Risk-based systems assess the anomaly relative to the customer's expected behaviour, which is conceptually superior but requires significantly better customer data.

Cross-institutional data sharing is the next frontier. Initiatives like the UK's Economic Crime Data Sharing framework and the Dutch Transaction Monitoring Netherlands (TMNL) experiment are testing whether banks can share intelligence without breaching data protection or competition law. The privacy and legal barriers are real but not insurmountable.

How AI changes this

The immediate value is false positive reduction. Machine learning models trained on historical alert dispositions can score incoming alerts by likelihood of genuine suspicion, allowing analysts to prioritise their queue. Institutions that have deployed this report 40 to 60 per cent reductions in false positives without increasing the rate of missed genuine cases. This is production-ready and the most common entry point.

Graph-based network analysis is the capability that transforms AML from a transaction-level exercise to a relationship-level one. Money laundering is a network crime: it involves multiple actors, multiple accounts, and multiple jurisdictions working in coordination. Traditional transaction monitoring examines each customer in isolation. Graph analytics maps the connections between accounts, identifying patterns like rapid fund cycling through apparently unrelated entities. Several Tier 1 banks have deployed this for mule account detection with measurable results.

Natural language processing automates the SAR narrative writing process. Analysts spend a significant portion of their time documenting their investigation in prose. LLMs can draft the narrative from structured investigation data, reducing the time per SAR from hours to minutes while maintaining consistency and completeness. The analyst reviews and approves rather than writing from scratch.

The connection to KYC is operational, not theoretical. An AML system that can access the KYC risk profile, ongoing monitoring signals, and beneficial ownership data makes better decisions than one operating on transaction data alone. The institutions seeing the best results from AI in AML are those that have integrated their financial crime systems rather than optimising each function independently.

What to know before you start

Your transaction monitoring vendor will offer AI as an upgrade. Before accepting, understand what they mean by it. Adding a machine learning scoring layer on top of rules-based alerting is valuable but modest. Replacing the rules engine entirely with an AI-native system is transformative but requires a fundamentally different validation approach with the regulator. Know which one you are buying.

Model validation for AML models is not optional and it is not simple. The PRA's expectations on model risk management (SS1/23, building on SR 11-7) apply to AML models. You need to demonstrate that the model performs across customer segments, that it does not introduce discriminatory bias, and that it degrades gracefully when the underlying data distribution shifts. Budget for ongoing model monitoring, not just initial validation.

Regulators are supportive but cautious. The FCA has publicly stated that it welcomes AI in AML, provided firms can explain their models and demonstrate governance. Engage your supervisor early. A pre-briefing on your approach, before deployment, avoids the conversation happening during an examination when the dynamic is adversarial.

Start with alert prioritisation, not alert replacement. Scoring existing alerts by risk is lower regulatory risk than changing the alert generation logic. It delivers immediate analyst productivity gains and builds the data foundation for more ambitious deployments. From there, you can layer in network analysis for specific crime typologies, building the regulator's confidence incrementally.

Integration with regulatory reporting and fraud detection systems is not a phase-two problem. If you build AML AI in isolation, you will rebuild it when the organisation inevitably moves toward a unified financial crime platform. Design for integration from the start, even if you deploy incrementally. Our enterprise AI guide covers the architecture and governance decisions that apply across all financial crime AI programmes.