Best Practices for AML Compliance Department Setup in 2025

Best Practices for AML Compliance Department Setup in 2025

Anti-Money Laundering (AML) Compliance is a team effort, and having the right set of minds on the team can make a big difference in regulatory compliance.

This article explores the best practices that a regulated entity can adopt when setting up an AML compliance department.

AML Compliance Department Composition

An AML compliance team is typically composed of:
  • KYC Analyst
  • Screening Analyst
  • Risk Analyst
  • Compliance Analyst
  • Subject Matter Experts
  • AML/CFT Compliance Officer

Why Having an AML Compliance Department Is a Necessity

Regulated entities in Singapore are required to fulfil all the Anti-Money Laundering/Countering Financing of Terrorism (AML/CFT) stipulated in the Corruption, Drug Trafficking and Other Serious Crimes (Confiscation of Benefits) Act 1992. An AML compliance department takes care of a range of compliance functions:
  • Enterprise-Wide ML/TF Risk Assessment
  • Developing Internal Policies, Procedures, and Controls (IPPC)
  • Know Your Customer, Business, and Transactions (KYC, KYB, and KYT)
  • Name Screening
  • Customer Risk Assessment
  • Risk-Based Due Diligence
  • Ongoing Monitoring of Transactions and Business Relationships
  • Regulatory Reporting
  • AML Training for Other Employees and Staff Members
  • Engagement with Industry Bodies and Regulatory Authorities

Best Practices for Setting Up AML Compliance Department

1. Assessing the Entity's Compliance Requirements

As the first and foremost step, consider the regulatory expectations for AML compliance for your sector, common industry practices, the regulated entity’s specific compliance objectives, and the gap that the entity seeks to cover.

A background check on the entity’s compliance requirements can give the entity a better idea of its personnel requirements.

2. Recruiting Individuals with the Right Skillset

Professionals who are engaged in financial crime compliance should be equipped with the following set of skills, among others:
  • Knowledge about AML regulations
  • Problem-solving mindset
  • Analytical skills
  • attention to detail
So, entities that want to set up an AML compliance department should look for these qualities when hiring for their team.

3. Leveraging New Technologies for AML Compliance

There are many technological solutions available in the market that can overcome the challenges of human intervention in compliance, like delays and human errors.
AML software can ease many AML compliance processes while complementing the work of compliance team members by automating the following aspects:
  • Filing KYC
  • Name Screening against sanctions list, PEP database and adverse media information
  • Customer Risk Assessment and Risk Profiling
  • Ongoing Monitoring of Transactions and Business Relationships
  • Regulatory Reporting like Suspicious Transaction Report (STR), Cash Transaction Report (CTR), etc
  • Case Management
Therefore, when developing an AML compliance team, regulated entities can also look into software solutions that can aid the functions performed by the team.

4. Allocating Budget to Fulfill the Team's Resource Requirements

When hiring talent or purchasing new technologies, it is important for regulated entities to ensure that they set aside an adequate budget that is sufficient for the compliance team’s sustenance, like salary and other incentives and day-to-day operations.

Setting a proper budget ensures that the entity’s compliance goals are aligned with the entity’s financial goals.

5. Keeping the Team Independent but Unified

Although, the AML compliance team should work in close collaboration with other teams, like front line staff, to have an effective compliance culture. Their independence is also equally important to ensure that their findings and opinions are honest and unbiased.

The relationship between an AML team and other teams of a regulated entity can be equated with the relationship between different organs of government. While there is separation of powers and responsibilities, there still needs to be a system of checks and balances.

6. Ensuring a Smooth flow of Communication

The best way to ensure cross-team collaboration is to open up channels for communication. A well-defined organisational structure can be a great starting point.

Since every team in an organisation has its own set of goals to achieve, constant and consistent communication can be helpful in ensuring that any conflicts of interest are resolved amicably.

7. Providing Access to All Relevant Data and Information

Since AML compliance is a very dynamic field, the AML department must be given access to all relevant, accurate and updated information regarding the customer and their transactions to ensure that the department can fulfil the regulated entity’s reporting and other AML compliance obligations and guard off the risks of money laundering.

8. Reporting Arrangement with the Senior Management

An AML compliance department is headed by an AML/CFT compliance officer who is incharge of fulfilling all the AML regulatory obligations. The compliance officer should report directly to the senior management.

This ensures that any critical matter relating to AML compliance is resolved promptly and transparently. This position is in line with Singapore’s AML norms, which state that an AML/CFT compliance officer should have the necessary seniority and authority to perform his/her duties.

9. Conducting Regular Training and Awareness Sessions

Since money laundering activities and their related risks are changing very quickly, all employees, but especially those working in the compliance department, should be imparted with regular training on subjects like:
  • A general background on money laundering, terrorism financing, and proliferation financing
  • Case studies and recent examples related to Money Laundering/Terrorism Financing (ML/TF) activities
  • ML/TF Red Flags
  • The laws and regulations governing AML compliance
  • Entity’s Enterprise-Wide ML/TF Risk Assessment
  • Internal Policies, Procedures and Controls (IPPC) of the regulated entity
  • Risk management strategies
  • Technologies and systems relating to AML
Regular awareness ensures the compliance team is aware of the risks of financial crimes and the gravity of the functions they perform. Periodic training equips them with the right set of knowledge and skills to perform their functions efficiently.

10. Ensuring Senior Management's Buy-in

If a regulated entity is looking to create and maintain a culture of compliance, then it needs to set the tone from the top. A common point of conflict between management and compliance teams stems from the cost-benefit ratio. Thus, senior management’s buy-in for the compliance program can be a step in the right direction in ensuring that compliance enables the regulated entity’s business, not bar it.

11. Staying Informed with Regulatory Updates

Regulated Entities in Singapore periodically update regulatory information through electronic medium. Here’s a list of non-exhaustive resources that a regulated entity’s AML compliance department can subscribe to to stay updated with regulatory requirements in Singapore:
  • Collaborative Sharing ML/TF Information & Cases (COSMIC): It is a digital platform for collaboration between financial institutions
  • MAS Mail List Subscription: Financial institutions can subscribe to the mail list managed by the Monetary Authority of Singapore (MAS) for all AML related news, regulations, and developments for their specific business sector
  • ACRA News Alert Service: It is an email service provided by the Accounting and Corporate Regulatory Authority (ACRA) for disseminating regulatory information
  • Inter-Ministerial Committee-Terrorist Designation (IMC-TD) Updates: IMC-TD updates on the terrorist designation and requirements for countering the financing of terrorism
Apart from the above-mentioned resources, compliance department professionals can visit sector-specific regulatory authority’s websites for fresh regulatory updates or guidance.

12. Defining a Code of Conduct

A well-defined code of conduct is the skeletal on which the team’s overall organisational functions can be structured. Including the following aspects in the code of conduct assures that an employee’s behaviour meets the entity’s expectations:
  • Entity’s ethical standards
  • Compliance with the laws and regulations
  • General guidelines on communication and collaboration
  • Health, safety, and environmental norms
  • Hierarchical Code

Final Thoughts on Best Practices for Setting Up an AML Compliance Department

All regulated entities wish to implement the best AML controls. However, it is also important to focus on the on-ground personnel who implement those controls. With the best practices outlined in this article, regulated entities can set up an AML Compliance Department that is well-equipped to tackle complex money laundering challenges.

About the Author

Linkedin

Jyoti Maheshwari

CAMS, ACA

Jyoti has over 7+ years of hands-on experience in regulatory compliance, policymaking, risk management, technology consultancy, and implementation. She holds vast experience with Anti-Money Laundering rules and regulations and helps companies deploy adequate mitigation measures and comply with legal requirements. Jyoti has been instrumental in optimizing business processes, documenting business requirements, preparing FRD, BRD, and SRS, and implementing IT solutions.