AML for Fintechs: a Detailed Guide

Eglė Kontautaitė
Eglė Kontautaitė
April 11, 2024
AML for Fintechs

Advances in technology bring numerous benefits to end-users of financial services, including enhanced efficiency in service delivery (resulting in faster, better, and more convenient experiences), reduced fees, and, in many instances, improved access to financial services. At the same time, the rapid growth of the fintech sector increases the importance of AML for Fintechs.

It appears that throughout the years, the drivers for financial technology innovations remain very similar: higher consumer expectations (better speed, convenience, user experience, lower fees) advances in technologies (internet, big data, mobile technology, etc.) and changing financial regulations (incentives to foster competition, growing supervisory expectations). Recent years have demonstrated that unforeseen external forces, such as COVID-19, can serve as catalysts for the adoption of financial innovations as well.

A better user experience is attractive to both legitimate users of financial services and criminals alike. The ease of accessing the financial system, rapid fund transfers, and user-friendly interfaces – a cherry on a criminal pie. No wonder that regulators adopt a stringent stance on measures for mitigating money laundering and terrorist financing risks, showing little flexibility even within financial technology innovations. 

To adhere to regulatory requirements while maintaining the appeal of financial services innovations, such as easy access and lower fees, financial institutions seek out innovative regulatory technologies, known as RegTech. FinTech and RegTech are two sides of the same coin, each essential for maintaining the necessary balance between user experience and regulatory compliance.

AMLYZE being a Regtech solution helps financial institutions to strike a balance between innovation and compliance.

Understanding FinTech

Great innovations require bold risks. In the pursuit of discovery, we must embrace uncertainty, for it is through daring leaps that we unlock the secrets of progress.

Albert Einstein

The Financial Stability Board (FSB) defines FinTech as “technology-enabled innovation in financial services that could result in new business models, applications, processes, or products with an associated material effect on the provision of financial services.” This definition includes new FinTech providers as well as existing financial institutions utilizing new innovative digital financial services. Although FinTech definition emerged as recently as 2017, the origins of financial technologies trace back much further, with milestones such as the invention of the telegraph by Samuel Morse and Alfred Vail in the 19th century. This innovation revolutionized long-distance communication, paving the way for the development of modern banking systems and stock exchanges by facilitating faster transmission of financial information across vast distances.

The timeline below highlights just a few milestones in the development of financial technologies throughout the decades. These innovations were introduced to the financial market by both banking and non-banking financial institutions as well as incentives driven by non-financial markets.

The evolution of financial technologies over decades
The evolution of financial technologies over decades

Since the invention of the telephone by Alexander Graham Bell in 1876, banks began offering telephone banking services. The first credit card introduced by Diners Club in 1950, followed by the launch of American Express in 1958 and Visa in 1958 (originally known as BankAmericard) revolutionized consumer spending by offering a convenient alternative to cash. A decade later (1967) automated teller machines (ATMs) introduced by Barclays Bank in London enabled customers to perform basic banking transactions outside of traditional banking hours. The 1990s is a decade of online banking development, allowing customers to access their accounts and conduct transactions over the internet. With a new millenia (2000s) the introduction of mobile devices and smartphones led to the development of mobile banking apps, enabling customers to manage their finances on-the-go.

Peer-to-peer lending, or P2P lending, emerged in the early 2000s. One of the earliest and most notable examples of P2P lending platforms is Zopa, which was founded in the United Kingdom in 2005. Zopa facilitated loans directly between individual borrowers and lenders, bypassing traditional banks. This marked the beginning of the P2P lending industry, which has since grown significantly worldwide. 

Creation of bitcoin

Emergence of crypto assets revolutionized the understanding of the payment system. In 2008 Satoshi Nakamoto introduced Bitcoin, the first decentralized cryptocurrency. Blockchain technology, the underlying technology behind Bitcoin, has since been applied to various financial applications, including cross-border payments and smart contracts.

In 2010 regulatory initiatives such as the European Union’s Payment Services Directive 2 (PSD2) emerged that promoted open banking, allowing third-party providers to access consumer financial data through secure APIs. This has facilitated the development of innovative financial products and services.

While when talking about fintech, most attention is often given to the technology that fintech brings and the value it creates for the end user, but AML/CFT issues are just as important to the success of the fintech business model.

Myths of FinTech sector

The only thing predictable about life is its unpredictability.

Remy, Disney cartoon “Ratatouille”

Myth 1. FinTechs are the creations of this millenia.

To quote Albert Einstein one more time: “Once an innovation is accepted, it ceases to be innovation.” The FinTech sector is inherently volatile and unpredictable. Technologies that were once considered revolutionary, such as ATMs, credit cards, and online banking, are now commonplace. Similarly, concepts like open banking, peer-to-peer lending, and cryptocurrencies have also become integrated into the mainstream financial landscape and are no longer seen as innovative. 

Although the definition of FinTech has been widely adopted in this millenia, financial technology innovations have been constructed for centuries. So when FinTech ceases to be FinTech in the sense of innovation? In our view, the point at which financial innovation ceases to be truly innovative is marked by the regulation of financial technology.  This signifies the widespread adoption of innovation, reaching a level where even regulators cannot overlook its impact and importance.

Myth 2. FinTechs are non-banking institutions.

There is a common misconception that FinTechs are being introduced solely by non-banking financial institutions. Banks also leverage technology to enhance their services and remain competitive in the rapidly evolving landscape of financial services. However traditional banking systems, characterized by extensive red tape, vast hierarchical structures, complex legacy IT infrastructures and the “too-big-to-fail” mentality, might freeze innovation attempts.  

Myth 3. Only financial institutions might be called FinTechs.

Although financial services are provided by the licensed financial institutions (this is without prejudice to the regulatory exceptions), the technologies underpinning these services are often provided by technology firms. The synergy between financial institutions and technology service providers frequently results in the development of truly innovative financial technologies. 

Myth 4. FinTech is the core of financial institution startups.

While it’s true that many financial startups strive to leverage technological innovations to attract market share among financial service users, not all startups effectively utilize FinTech. While there are certainly notable once-startup superstars in the FinTech arena (such as PayPal, Revolut, Alipay, Stripe, TransferWise, etc.), our experience suggests that a large portion of startups build their business models on traditional financial infrastructure rather than fully embracing financial technology innovations.

Role of AML for FinTechs

The biggest risk is not taking any risk. In a world that is changing quickly, the only strategy that is guaranteed to fail is not taking risks.

Mark Zuckerberg

Money laundering and financing of terrorism threats may increase when technology enables anonymity, instant global reach and ease-up the client onboarding. Taking into account the potential risks that FinTechs might bring, Financial Action Task Force (FATF) requires financial institutions to “identify and assess the money laundering or terrorist financing risks that may arise in relation to (a) the development of new products and new business practices, including new delivery mechanisms, and (b) the use of new or developing technologies for both new and pre-existing products”. Financial institutions are required to implement appropriate measures to manage and mitigate these risks effectively.

Due to the pressure exerted by FinTechs to prioritize speed, enhance financial inclusion, and improve user experience, there’s a pressing need for innovative solutions that ensure AML/CFT compliance with the same efficiency, convenience (for compliance teams), seamless payment execution for clients without any suspicion of money laundering, terrorism financing, or sanction evasion at the same time ensuring accuracy for the better detection of suspicions. This is precisely where AML/CFT RegTech solutions come in, bridging the gap effectively.

To quote a UK financial sector watchdog (Financial Conduct Authority) “RegTech is a subset of FinTech that focuses on technologies that may facilitate the delivery of regulatory requirements more efficiently and effectively than existing capabilities”. In other words, these are innovations to ensure regulatory compliance while serving the same tasks as FinTechs – speed, better user experience, better financial inclusion. 

AML/CFT requirements should uphold the principle of the “presumption of innocence,” meaning individuals are considered innocent until proven guilty. Moreover, it’s generally assumed that the vast majority of financial service users are conducting legitimate activities, with only a small minority engaging in wrongdoing, unless the business model itself caters to wrongdoers. Therefore, the benefits of FinTech solutions should be available to the majority of clients without interruptions, with only a fraction undergoing AML/CFT scrutiny. To navigate this balance while meeting compliance standards and avoiding regulatory sanctions, RegTech solutions play a crucial role in implementing a more effective risk-based approach and promoting financial inclusion. 

Here’s few RegTech technologies that AMLYZE also supports.


As per FATF “Artificial Intelligence (AI) is the science of mimicking human thinking abilities to perform tasks that typically require human intelligence, such as recognizing patterns, making predictions recommendations, or decisions”.  Various types of AI exist in the market, each having the common ground – using computational methods operating with varying degrees of autonomy to extract insights from diverse forms of data, ranging from structured to unstructured.

The latest trends in the AML/CFT area is to enable privacy enhanced tools (or PET) for data sharing and enabling distributed ledger technologies (DLT) to  improve traceability of transactions and speed up AML/CFT functions. The latter deserves a separate article, but for now, let’s focus on reviewing the RegTech tools supported by AMLYZE.

Behavioral analytics 

There are various AI subsets, behavioral analytics might be called one of those subsets. As per FATF report on Opportunities and Challenges of New Technologies for AML/CFT certain AML processes (like customer due diligence, client risk scoring, transaction monitoring) are “too rule-based rather than behavioral or contextual leading to the financial exclusion of unprivileged individuals or groups, who struggle to comply with the requirements”.

Behavioral analytics can give a more robust basis for customer risk profiling, better understanding of customer risks and improve the effectiveness of enhanced due diligence. 

Instead of relying solely on traditional rule-based systems, behavioral analytics leverages algorithms and machine learning to analyze vast amounts of data and identify suspicious behavior. The necessary aspects for behavioral analytics are the quantification of a client’s abnormal behavior with respect to peer groups and with respect to its own historical behavior. Advanced behavioral analytics might be a basis for dynamic risk scoring or enhanced transaction monitoring techniques. 

Natural language processing and fuzzy matching tools

Natural language processing (NLP) and fuzzy matching tools represent another subset of AI that facilitate the understanding and interpretation of human language. Fuzzy logic, a form of reasoning and decision-making, operates in scenarios where the truth values of variables are vague or imprecise, rather than strictly true or false. Fuzzy Logic systems excel in generating useful output when confronted with incomplete, distorted, or inaccurate (fuzzy) input.

NLP and fuzzy matching play a crucial role in enhancing the accuracy of screening processes for politically exposed persons (PEPs) and sanctions. They enable a more efficient reduction of false positives and negatives, thereby improving the overall effectiveness of screening procedures.


The development of technology-based solutions for “white-labeling” or “white-listing” non-risky clients and transactions, such as salary deposits, utility payments, government support payouts, etc., can expand access to basic financial services for more customers without introducing additional compliance risks for financial institutions.

While it may not be immediately recognized as an innovative RegTech tool, our experience highlights the critical role of technological advancements in making the management of “white-lists” more compliance-friendly or leveraging computing technology to incorporate past human decisions, such as suppression mechanisms, enhancing overall efficiency and effectiveness of AML/CFT processes in Fintechs.

Data pooling and PET

As old as the concept of Anti-Money Laundering/Countering the Financing of Terrorism is, the issue of data sharing remains a challenge in combating criminal activities. Criminal networks often operate across borders and institutions, leveraging data privacy protection regulations to impede private-private or private-public data sharing initiatives.

Financial institutions could enhance the quality of financial intelligence by collaborating within their groups and with other institutions to exchange information on suspicious clients or suspicious transactions.However, financial institutions should be cautious about potential liability for breaching data privacy protection requirements. Data sharing should only occur within the explicit parameters set by legislation in the jurisdiction of operation.

Pooling data on suspicious clients and transactions and utilizing computing technologies to extract intelligence from this data could be a breakthrough in combating criminal activities. In order to respect data privacy regulations, the new technologies – privacy enhanced tools (or PET) – are introduced in the RegTech market as an innovative solution for data sharing, possible pooling and later extraction of intelligence.

Privacy enhanced technologies are special “cryptographic capabilities, which allow computations to take place on underlying data, without the data owner necessarily divulging that underlying data. The same technology can ensure that the data owner does not have visibility over the search query, with the query and the results remaining encrypted (or not disclosed) and only visible to the requester.” To be short in words this is the technology that use encryption and would be useful primarily in allowing the protection of privacy as data is used.

AMLYZE, with its AML/CFT software tools for Fintechs and other financial sector players, is one of the pioneers in the field of data pooling and PET solutions.

Concluding AML for Fintechs topic

Each financial innovation pushes boundaries into the “unknown”, introducing new opportunities alongside emerging challenges that require vigilant risk management strategy. Innovations are changes, changes introduce uncertainty, and where there is uncertainty, there is potential for risk. Wherever there is potential risk, regulators intervene to mitigate those risks. It is a matter of policy within each jurisdiction to either foster financial innovations and accept associated risks or mitigate risks, acknowledging the potential for slower development of innovations. Striking a balance between encouraging innovative financial technologies and mitigating risks poses a significant challenge for regulation. When regulators adopt a conservative approach, expect supervisory fines to serve as a “whip” without the promise of any “gingerbreads” in return.

For institutions, applying financial technologies innovations in their business practices, introducing RegTech alongside FinTech is a matter of necessity rather than luxury (in terms of financial investments into new tools). The cost of reputational damage and hefty regulatory fines presents a risk that cannot be treated with nonchalance. When regulators adopt a zero-tolerance stance, the consequences of inaction are dire—it’s like playing with fire, inviting one’s own downfall.

Find out more about how different AMLYZE modules (transaction monitoring, risk assessment, investigations, screening) can ensure smooth compliance processes in Fintechs.

About the author

Eglė Kontautaitė
Eglė Kontautaitė
Eglė is Head of Customer Solutions at AMLYZE and has more than 13 years of experience in the supervision of financial market participants, most recently as Head of AML Department at the Central Bank. Also former country representative at MONEYVAL.


AML fines

AML Fines: Recent Most Famous Cases

Review of the world's largest recent AML/CFT fines and penalties. Valuable lessons learned from recent AML violations.
by Mažvydas Miliauskas
10 min read

Empower your compliance

Let us know how we can help

    Fill in the form bellow to contact us

    Why request a demo?

    It doesn’t matter whether you are interested in a complete end-to-end AML/CFT solution or just a single module from our range. We can help.

    Experience up to a 62% reduction in false positives

    Benefit from a library of over 100 risk rules

    Complete investigations in 3x less time than manually

    Save up to 3 hours per STRs/SARs filing

    Access a library of over 200 pre-defined scenarios