AML & compliance glossary

A

Adverse media

Negative news mentioning a person or entity in connection with money laundering, fraud, terror finance, sanctions, corruption or other financial-crime predicate offences. Used as a risk signal alongside PEP and sanctions data.

AMLD (4, 5, 6)

The European Union's successive Anti-Money Laundering Directives. AMLD5 (2018) extended the regime to virtual-asset service providers and tightened beneficial-ownership rules. AMLD6 (2018, transposed by 2020) harmonised criminal-offence definitions and introduced corporate liability for AML failures.

AML

Anti-Money Laundering — the body of laws, regulations and procedures designed to prevent criminals from disguising illicit funds as legitimate income.

Asset freeze

A sanctions measure that prohibits dealing with funds and economic resources owned, held or controlled by a designated person.

B

Beneficial owner

The natural person who ultimately owns or controls a customer, typically defined as ≥ 25% direct or indirect ownership of a legal entity (lower in some jurisdictions). See UBO.

BSA

The US Bank Secrecy Act of 1970 — the foundational US AML statute. Administered by FinCEN.

C

CDD (Customer Due Diligence)

The baseline level of identity verification and risk assessment performed on every customer at onboarding and at regular intervals.

CFT

Counter-Financing of Terrorism. Often used together with AML as the umbrella term "AML/CFT".

Confidence score

A 0.00 → 1.00 value produced by a screening engine to quantify how likely a candidate match is the same person/entity as the input.

D

Designated person

An individual or entity formally placed on a sanctions list by a competent authority. Dealings with a designated person are restricted by law.

DPA

Data Processing Agreement — a contract between data controller and processor under GDPR Art. 28.

E

EDD (Enhanced Due Diligence)

A heightened level of verification, source-of-wealth review and senior-management approval applied to higher-risk customers — including PEPs, customers in high-risk jurisdictions and complex ownership structures.

EMI

Electronic Money Institution — an entity authorised under PSD2 (in the EU) or the Electronic Money Regulations (in the UK) to issue electronic money and provide payment services.

F

FATF

Financial Action Task Force — the inter-governmental body that issues the global AML/CFT standards (the "FATF Recommendations"). Its mutual-evaluation process drives most national AML legislation.

FinCEN

Financial Crimes Enforcement Network — the US Treasury bureau that collects suspicious-activity reports and administers the BSA.

False positive

A screening match that triggers analyst review but is, on inspection, not the same person as the candidate. The dominant operational cost in any screening programme.

K

KYC

Know Your Customer — the identity-verification component of CDD. Often used loosely to mean the entire onboarding workflow.

KYB

Know Your Business — the equivalent process for legal-entity customers, including UBO discovery and registry verification.

M

Money laundering

The process of disguising the origin of criminally-derived funds so they appear legitimate. Classically modelled in three stages: placement, layering, integration.

O

OFAC

Office of Foreign Assets Control — the US Treasury body that administers and enforces US economic sanctions. Maintains the SDN list.

OFSI

Office of Financial Sanctions Implementation — the UK Treasury body that maintains the UK consolidated sanctions list and enforces UK financial sanctions.

Ongoing monitoring

Continuous re-screening of existing customers against new list versions, so newly-designated persons are caught between scheduled reviews.

P

PEP

Politically Exposed Person — see the full PEP screening guide.

PSD2

The EU Payment Services Directive (revised) — the legal framework governing payment institutions, EMIs and open banking.

R

RCA

Relatives and Close Associates of a PEP — spouses, partners, parents, children and their spouses, plus business partners and known close associates. Inherits the PEP's EDD requirements.

Risk-based approach

FATF principle that AML controls should be calibrated to actual risk: more for high-risk customers, less for low-risk.

S

Sanctions

Restrictive measures imposed by states or supranational bodies to alter the behaviour of foreign actors. See the full sanctions screening explainer.

SDN

Specially Designated Nationals — the OFAC list of blocked persons and entities. The most widely-screened sanctions list globally.

SAR / STR

Suspicious Activity / Transaction Report — a regulatory filing made when an obliged entity suspects a transaction may relate to a financial-crime predicate offence.

T

Travel Rule

FATF Recommendation 16 — the requirement that originator and beneficiary information accompany cross-border wire transfers (and, since 2019, virtual-asset transfers).

Transliteration

Mapping a name from one script to another (e.g. Cyrillic → Latin, Arabic → Latin). Crucial for matching against sanctions lists, where the same person can appear under multiple romanisations.

U

UBO

Ultimate Beneficial Owner — the natural person at the end of an ownership chain. AMLD requires obliged entities to identify UBOs of legal-entity customers.

V

VASP

Virtual Asset Service Provider — exchanges, wallet providers and other crypto businesses, brought into the FATF perimeter in 2019.