What is Anti-Money Laundering?

What is Anti-Money Laundering?

Anti-Money Laundering -- usually just AML -- is the catch-all term for the laws, rules and procedures that exist to stop criminals dressing up dirty money as legitimate income. The idea behind it is simple. If someone earns money through crime -- drug trafficking, fraud, tax evasion, corruption, take your pick -- they need to make it look clean before they can spend it openly. That cleaning process is money laundering, and AML is what's meant to catch and prevent it.

The scale is staggering. Estimates put the amount laundered globally at two to five percent of world GDP every year -- somewhere between 800 billion and 2 trillion US dollars. Nowhere is immune, and payments sit right in the firing line, because moving money around is exactly what a launderer has to do.

How money laundering works

It usually runs through three stages, though in the real world they blur together and vary in complexity.

Placement

Getting the cash into the financial system. That might mean depositing it in small chunks to stay under the radar (called "smurfing" or "structuring"), running it through cash-heavy businesses like restaurants or car washes to mix it with real takings, or buying high-value things -- jewellery, property -- outright with cash.

Layering

Now the money's in the system, the launderer piles on transactions to put distance between it and the crime: moving funds between accounts in different countries, switching currencies, buying financial instruments, routing payments through shell companies. The point is to make the trail so tangled that nobody can follow it back to the source.

Integration

The clean money comes back into the legitimate economy -- invested in property, ploughed into a business, or simply spent. By now it looks like it came from somewhere respectable, and proving otherwise is extremely hard.

The legal framework in the UK

In the UK, AML regulation rests on several pieces of legislation and is enforced by more than one body:

• The Proceeds of Crime Act 2002 (POCA) -- makes money laundering a criminal offence and lets law enforcement seize criminal assets
• The Money Laundering, Terrorist Financing and Transfer of Funds Regulations 2017 (MLR 2017) -- sets out what businesses must do to prevent it
• The Terrorism Act 2000 -- covers terrorist financing, which is closely tied to laundering
• The Sanctions and Anti-Money Laundering Act 2018 -- gives the government powers to impose sanctions and update the rules

The Financial Conduct Authority (FCA) supervises AML for financial services firms, while HMRC covers other regulated sectors like estate agents and accountants. Fall short and you're looking at criminal prosecution, regulatory fines, and potentially losing your licence to trade.

What businesses actually have to do

If you're in a regulated sector -- and payment services very much are -- you've got specific AML duties. They're not optional, and "I didn't know" won't get you off the hook. The core ones:

Customer Due Diligence (CDD)

You have to verify who your customers are before you start doing business or run a significant transaction. It's closely tied to Know Your Customer (KYC) -- checking ID, confirming addresses, understanding what the customer actually does. For higher-risk customers you go further with enhanced due diligence (EDD): deeper checks and ongoing monitoring.

Ongoing monitoring

This isn't a tick-box you do once. You have to keep an eye on customer relationships and transactions for anything suspicious -- large payments that don't fit the customer's profile, frequent transfers to high-risk countries, sudden shifts in behaviour.

Suspicious Activity Reports (SARs)

If you spot or suspect laundering, you're legally required to file a Suspicious Activity Report with the National Crime Agency (NCA) -- and it's a criminal offence to tip the customer off that you've done so. That's an awkward spot to be in: report the suspicion promptly while carrying on with the customer as if nothing's changed.

Record keeping

Keep your due-diligence and transaction records for at least five years after the relationship ends, and have them ready for law enforcement and regulators on request.

Staff training

Everyone relevant needs regular AML training so they can spot the signs and know their reporting duties -- especially front-line staff who deal with customers directly.

Why it matters if you take payments

Every payment your business handles is money on the move, and that makes your payment systems a target. Even if your business is squeaky clean, criminals can use your channels to shift or clean their funds -- which is why AML duties reach merchants and payment providers, not just banks.

Getting it wrong is expensive in every sense. FCA fines run into the millions. Directors can be personally on the hook, criminally. And being linked to money laundering, even by accident, does the kind of reputational damage that's hard to come back from.

What this means for phone payments

Phone payments carry their own AML wrinkles. When someone pays over the phone, it's a "customer not present" transaction, which usually carries more risk than a face-to-face one -- you can't eyeball the customer or check a physical document at the till.

That doesn't make phone payments a problem in themselves; millions go through safely every day. It just means you need sensible controls: verifying identity another way before high-value payments, watching phone-payment patterns for anything odd, and making sure any call recordings you keep meet both data-protection and AML record-keeping rules.

Done right, secure phone-payment technology can actually help. When the customer keys their card in rather than reading it aloud, you get a clean split between the transaction record and the sensitive card data -- which makes the kind of audit trail AML expects easier to keep.

A few practical steps

• Appoint a nominated officer (a Money Laundering Reporting Officer, or MLRO) to receive and assess internal suspicious-activity reports
• Run a business-wide risk assessment to find where your payment processes are most exposed
• Make your customer due diligence proportionate to the risk of each customer and transaction
• Train everyone who handles payments -- call-centre agents included -- to recognise the warning signs
• Set clear internal steps for escalating and reporting suspicions
• Keep your verification and transaction records for at least five years
• Review your AML policies regularly so they keep up with FCA and NCA guidance

AML compliance isn't glamorous and it isn't cheap, but it's a basic obligation for anyone in payments. Get it right and you protect your business, your customers and the financial system. Get it wrong and it can cost you everything.