Implementing AML in your client onboarding process

02 March, 2021

If you’re starting a new business or rethinking processes in an existing one, dealing with AML compliance can seem daunting. Compliance officers, audits, customer due diligence, copies of passports and risk assessments – they can be a lot to get your head around.

Most of the requirements focus on customer due diligence and risk assessment, so that’s a good place to start. By building AML into your customer onboarding procedures, you make it easier to meet requirements without a lot of additional work. Rather than thinking of compliance as an added burden on you and your customers, it becomes a standard part of the process.

Here’s how to make AML requirements a key part of onboarding in your business.

Understanding AML

When new AML/CTF requirements were introduced early in 2019, the compliance burden on financial service organisations seemed daunting.

The amended law is designed to prevent criminal activity – money laundering and funding of terrorist groups – through complex financial transactions. It requires businesses that deal with large sums of money – like accounting firms, banks and other lenders, law firms, and real estate agents – to put systems in place that detect and deter money laundering. This includes verifying identification and other details, looking at the origins of clients’ finances and reporting if there are any red flags of illegal activity.

Among other things, businesses need to have a compliance officer to handle AML/CTF requirements, manage customer onboarding and record-keeping, and provide details for auditors regularly.

Customer onboarding and AML

Know Your Customer (KYC) is a key aspect of AML compliance. The law requires businesses to collect and verify information and make risk assessments on every new customer, so KYC needs to be part of your onboarding process.

Before the amendments, taking on new customers meant getting their names, addresses and little else. Now, businesses must take each new client through an extensive verification and risk assessment process before they can start work.

The law doesn’t specify how to manage AML requirements, so your business can choose to use paper forms and manual processes, or a digital AML/KYC solution like First AML. Although paper-based processes work for many businesses, it can be simpler and less frustrating to manage data collection and storage with an online system.

AML onboarding requirements

The AML process needs to be completed not only for customers but for any beneficiaries of the business or trust involved and anyone acting on behalf of your customer.

These requirements include:

  • Collecting and verifying ID
  • Recording and verifying the customer’s address
  • Collecting business details including address and registration number
  • Viewing documentation that proves the origin of the customer’s finances
  • Assessing the AML risk for each customer
  • Completing an in-depth AML process if the risk is determined to be high
  • Collecting a declaration showing that the details provided are accurate

It all sounds very complicated, but once you implement AML processes into your onboarding procedures, they become second nature.

Implementing AML in four simple steps

AML requirements are manageable when broken down into basic steps. Each step can have its challenges depending on the customer, but understanding the broad outline of the requirements is a good place to start.

Step 1: ID collection and verification

Whether you’re using an in-person process or an online system, the first step is collecting basic details about your new customer. Full name, date of birth, address and company ID or registration number are key if you’re dealing with a business client. This step needs to be completed for any new customer, beneficial owner of the business or anyone acting on behalf of the customer.

The details need to be backed up with documentation – like a passport or other valid photo ID, proof of address and business registration details. If you’re collecting details in person, you can take photocopies of the relevant documents, then sign and date them for your records. If you’re onboarding remotely, your customers may need to get a Justice of the Peace (JP) or other trustee to certify copies of their documents before they’re uploaded.

Step 2: Risk assessment

This step involves assessing the level of risk presented by new customers and using that information to determine the next steps. This means asking customers – in person or via a form – why they’re seeking to work with your business, and establishing the origin of their finances. Some businesses are happy to simply ask customers about their financial background, while others require documentation including bank statements or wills.

Depending on the overall risk profile of your business, you may also include other elements at this stage: police checks, credit checks and PEP checks, for example.

Once the risk assessment is complete, you can continue with a simplified, standard or enhanced due diligence process.

Step 3: Declaration of details

Along with customer details, documentation and any other background checks, you need customers to sign a declaration that their information is correct and truthful. This must be signed in person, certified by a JP or completed via a recognised online verification system like First AML.

Step 4: Record and track

Once the onboarding process is complete, you need to keep records of customer details including signed and dated copies of ID and other documentation. This can mean keeping physical copies or using a CRM system to save scans to the cloud.

However you manage your record-keeping, it needs to be secure so sensitive customer details can’t be accessed by outsiders – using a secure database or cloud storage facility. It’s also important that they’re accessible to people within your business, so you can share documentation with auditors if necessary.

Develop a KYC process for your business

Key elements of the KYC process differ for various types of business, so before you start, it’s essential to look at the guidelines for your sector.

There are several ways to manage onboarding but the important thing is having a process in place, so you and your staff don’t miss crucial compliance details or signs of illegal activity.


About First AML

First AML simplifies the entire anti-money laundering onboarding and compliance process. Its SaaS platform, Source, stands out as a leading solution for organisations with complex or international onboarding needs. It provides streamlined collaboration and ensures uniformity in all AML practices.

First AML transforms an otherwise complex and manual process into one that is simple, cost-effective, and compliant for businesses. By delivering efficiency and time savings, it protects reputations and enables companies to stay on the right side of history in the face of global threats.

Keen to find out more? Book a demo today! No time for a long demo? No problem. See what Source by First AML can do for your business in 2 minutes – watch the short demo here.