What is Anti-Money Laundering?

What Is Anti-Money Laundering?

Anti-Money Laundering -- usually shortened to AML -- is the collective term for the laws, regulations, and procedures that exist to stop criminals from disguising the origins of illegally obtained money. The basic idea is simple: if someone makes money through crime (drug trafficking, fraud, tax evasion, corruption, or any number of other offences), they need to find a way to make that money look legitimate before they can spend it freely. That process of cleaning dirty money is called money laundering, and AML rules are designed to detect and prevent it.

The scale of the problem is enormous. Global estimates suggest that between two and five percent of global GDP is laundered each year -- that is somewhere between 800 billion and 2 trillion US dollars. No country is immune, and the payments industry sits right at the centre of the challenge because moving money is, by definition, what money launderers need to do.

How Money Laundering Works

Money laundering typically follows three stages, though in practice these can overlap and vary in complexity:

Placement

This is the first step -- getting the cash into the financial system. It might involve depositing large amounts of cash in small increments to avoid detection (known as "smurfing" or "structuring"), using cash-intensive businesses like restaurants or car washes to mingle illegal funds with legitimate revenue, or purchasing high-value goods like jewellery or property with cash.

Layering

Once the money is in the financial system, the launderer creates layers of transactions to distance it from its criminal origin. This could involve transferring funds between multiple accounts in different countries, converting money into different currencies, investing in financial instruments, or routing payments through shell companies. The goal is to create such a complex trail that investigators cannot trace the money back to its source.

Integration

The final stage is reintroducing the now-clean money into the legitimate economy. The launderer might invest in property, start a business, or simply spend the money. At this point, the funds appear to have a legitimate source, and detecting the original crime becomes extremely difficult.

The Legal Framework in the UK

In the UK, AML regulation is governed by several pieces of legislation and enforced by multiple bodies:

• The Proceeds of Crime Act 2002 (POCA) -- makes money laundering a criminal offence and gives law enforcement powers to seize criminal assets
• The Money Laundering, Terrorist Financing and Transfer of Funds Regulations 2017 (MLR 2017) -- sets out the obligations that businesses must follow to prevent money laundering
• The Terrorism Act 2000 -- covers the financing of terrorism, which is closely linked to money laundering
• The Sanctions and Anti-Money Laundering Act 2018 -- gives the UK government powers to impose sanctions and update AML regulations

The Financial Conduct Authority (FCA) supervises AML compliance for financial services firms, while HM Revenue and Customs (HMRC) oversees compliance for other regulated sectors like estate agents and accountants. Businesses that fail to comply can face criminal prosecution, regulatory fines, and the loss of their licence to operate.

AML Obligations for Businesses

If your business is in a regulated sector -- and payment services are firmly in that category -- you have specific AML obligations. These are not optional, and ignorance is not a defence. The core requirements include:

Customer Due Diligence (CDD)

You must verify the identity of your customers before establishing a business relationship or carrying out a significant transaction. This is closely related to Know Your Customer (KYC) and typically involves checking identity documents, verifying addresses, and understanding the nature of the customer's business. For higher-risk customers, enhanced due diligence (EDD) is required, which means more thorough checks and ongoing monitoring.

Ongoing Monitoring

AML compliance is not a one-off exercise. You must continuously monitor your customer relationships and transactions for suspicious activity. This means watching for unusual patterns -- large transactions that do not fit the customer's profile, frequent transfers to high-risk jurisdictions, or sudden changes in transaction behaviour.

Suspicious Activity Reports (SARs)

If you identify or suspect money laundering, you are legally required to file a Suspicious Activity Report with the National Crime Agency (NCA). It is a criminal offence to tip off the customer that a report has been filed. This puts businesses in a difficult position -- they must report suspicions promptly while continuing to interact with the customer as normal.

Record Keeping

Businesses must keep records of all customer due diligence and transaction data for at least five years after the business relationship ends. These records must be available to law enforcement and regulators on request.

Staff Training

All relevant staff must receive regular AML training so they can recognise the signs of money laundering and understand their reporting obligations. This is particularly important for front-line staff who interact directly with customers.

Why AML Matters for Businesses That Take Payments

Every time your business processes a payment, it is facilitating the movement of money. That makes your payment systems a potential target for money launderers. Even if your business has nothing to do with crime, criminals can exploit your payment channels to move or clean their funds. This is why AML obligations extend to merchants and payment service providers, not just banks.

The consequences of getting AML wrong are severe. Fines from the FCA can run into millions of pounds. Directors can face personal criminal liability. And the reputational damage from being associated with money laundering -- even inadvertently -- can be devastating for a business.

Relevance to Telephone and Phone Payments

Phone payments present specific AML considerations that businesses should be aware of. When a customer pays over the phone, the transaction is classified as "customer not present," which generally carries a higher risk profile than face-to-face transactions. The business cannot visually verify the customer's identity or check physical documents at the point of sale.

This does not mean phone payments are inherently problematic -- millions of legitimate phone payments are processed safely every day. But it does mean that businesses taking phone payments should have appropriate controls in place. These might include verifying customer identity through other means before processing high-value transactions, monitoring phone payment patterns for anomalies, and ensuring that call recordings (if retained) are handled in compliance with both data protection and AML record-keeping requirements.

Secure phone payment technology can actually support AML compliance by creating a clear, auditable record of each transaction without exposing sensitive card data. When card details are entered via the customer's keypad rather than spoken aloud, there is a clean separation between the transaction record and the sensitive payment data -- which makes it easier to maintain the kind of audit trail that AML regulations require.

Practical Considerations

• Appoint a nominated officer (also called a Money Laundering Reporting Officer or MLRO) who is responsible for receiving and assessing internal suspicious activity reports
• Conduct a business-wide risk assessment to identify where your payment processes are most vulnerable to money laundering
• Implement customer due diligence procedures that are proportionate to the risk level of each customer and transaction type
• Train all staff who handle payments -- including call centre agents -- to recognise the warning signs of money laundering
• Establish clear internal procedures for escalating and reporting suspicious activity
• Keep thorough records of all customer verification and transaction data for at least five years
• Review your AML policies regularly to ensure they reflect current regulations and guidance from the FCA and NCA

AML compliance is not glamorous, and it is not cheap. But it is a fundamental obligation for any business involved in payments. Getting it right protects your business, your customers, and the integrity of the wider financial system. Getting it wrong can cost you everything.