Strong KYC and AML strategies put into place are one of the most important things for businesses of any size. Whether a start-up or a well-established developed global corporation, the same rules apply to everyone in some industries. Depending on the industry and the regulations that apply, the criteria and requirements to be met might slightly vary but the purpose is always the same. It is highly important to ensure the safety of those who use the services, as well as those who provide them by preventing fraud attempts and other criminal activity.

KYC and AML – what is it and what’s the difference?

AML (Anti-Money Laundering) refers to the laws, regulations, and procedures intended to prevent money laundering activities, while KYC (Know Your Customer) refers to a set of guidelines that professionals are required to carry out a process to verify the identity of their customers, sustainability and risk level involved in maintaining a business relationship. Those procedures fit the broader scope of the AML policy. 

Due to the development of technology and the global digitalization spreading across different areas of our lives, the vast majority of services we use daily were transformed to be available online. Not only already-established businesses had to transform the way they functioned, but several new business models were created to fit people’s needs and preferences. Online banking, e-wallets, instant money-transfer apps – the popularity of those increased rapidly in the past decade.

But it is important to note that not only the financial and sector was impacted by the digital changes in the world. The travel, healthcare, and entertainment industries to name a few, had transformed rapidly, developing new ways to offer their services for online customers. 

Moreover, industries such as crypto trading evolved, attracting millions of users worldwide. With increasing popularity of such services, the regulatory expectations regarding KYC for crypto platforms has also grown

To reflect the shift in people’s preferences, it became a necessity to slowly introduce new rules regarding customer onboarding and AML policies, that would go hand in hand with already established laws and regulations. New rules were established, allowing more ways to perform customer due diligence and identity verification.

Discover the KYC platform for global customer onboarding

Streamline your onboarding processes. Experience unparalleled automation 

Monitoring: what are the statistics saying? 

The regulators around the world keep a close eye on any signs of neglectful practices regarding KYC and AML policies, among both online and offline businesses. Between 2015 and 2020 alone, global AML failures occurred consistently, including:

  • 115 cases of failed customer due diligence
  • 109 cases of poor AML management
  • 82 cases of failed suspicious transaction monitoring
  • 62 cases of poor compliance monitoring and oversight

Those failures don’t come without serious consequences, which can be severe. From long investigations, losing customers’ trust and established reputation, to legal consequences which result in serious penalties and fines. 

In the 2021 Global Enforcement Review, it was found that AML-related fines in the initial six months of 2020 alone have reached over $706 million, which compared with the previous year’s total sum of $444 million was a 59% increase.

Below you’ll find some of the numerous, most serious cases of KYC and AML compliance failures that were uncovered in the past few years.  

Skandinaviska Enskilda Banken (SEB) 

In 2020, Swedish Financial Supervisory Authority (FSA) fined the second largest Swedish bank, Skandinaviska Enskilda Banken (SEB) $107.3 million (1 billion Swedish crowns) following a review of the bank’s efforts to comply with AML policies. The regulator was investigating SEB’s AML governance and controls in Latvia, Lithuania, and Estonia. 

The investigation led by the Swedish regulator exposed a series of compliance issues. According to the regulator, a large number of SEB’s Baltic operations came from non-resident customers, including customers that were classified as high risk by subsidiary banks themselves. 

The FSA has also given the bank a year to improve its transaction-monitoring system to better identify customers classified as high risk. 

Deutsche Bank AG

In 2017, Deutsche Bank AG was fined 163 million pounds by the FCA and $425 million by the New York State Department of Financial Services for failing to maintain appropriate AML control policies between 2012 and 2015. The investigation revealed that the Deutsche Bank failed to properly identify their customers, which led to over $10 billion of unknown origin being transferred from Russia to offshore bank accounts. This behavior was described by the FCA as highly suspicious and suggesting financial crime, which was overlooked. Moreover, the regulator stated that the Bank failed to control the actions of the department responsible for KYC Verification.

The FCA also stated that it was apparent that the Bank didn’t implement automated AML systems for detecting suspicious transactions and did not introduce AML policies and procedures.

During the same year, Deutsche Bank was also fined $425 million by the US regulator, the Department of Financial Services, for the negligence of following the AML policies concerning the previously mentioned Russian money-laundering scheme. 

Moreover, in 2020, the same Bank was hit with a fine of $150 million for failing to properly monitor the relationship with their client, Jeffrey Epstein, who was previously convicted in 2008. 

The New York State Department of Financial Services stated that Deutsche Bank “failed to properly monitor account activity” despite having access to public information regarding Epstein’s earlier misconduct. The regulator also revealed that because of the oversight failure, the bank possibly processed hundreds of transactions (that totaled millions of dollars) that were linked to Epstein’s criminal activity. 

Commerzbank AG

In 2020, The Financial Conduct Authority (FCA) fined Commerzbank 38 million pounds. According to the regulator, the London branch of the bank failed in “a number of areas”. This included a failure to perform frequent due diligence on its existing clients on time, which resulted in nearly 2000 overdue due diligence checks on existing clients in March 2017.

Similar to the previously mentioned Deutsche Bank’s case, the FCA has also revealed Commerzbank’s issues with their automation tool for monitoring the money laundering risk of customer’s transactions. It was revealed that nearly 40 countries classified as high-risk were not monitored by the automation tool in 2015. 

It was also revealed that the appropriate policies and procedures were not implemented during the customer due diligence checks. 


One of the biggest trading platforms in the world, BitMex, paid $100 million penalty in August this year, in order to settle civil charges with FinCEN. 

The settlement was a result of a yearlong investigation enforced by the American financial regulator. 

In October 2020, it was alleged that the three co-founders of the exchange operated the platform from the US for at least six years  illegally accepted orders and funds from the US-based investors to trade cryptocurrencies without regulator clearance.

Moreover, FinCEN has stated that the exchange “failed to maintain necessary anti-money laundering protocols and conducted at least $209 million in transactions with known darknet markets or unregistered money services businesses providing mixing services.”

Crypto trading industry has rapidly grown in the past decade, attracting millions of users worldwide. With increasing popularity of such services, the regulatory expectations regarding AML and KYC policies for crypto platforms has also grown. Countries such as Canada, the UK, or member states of the European Union, have implemented new regulations and rules regarding crypto exchanges, requiring proper identity verification and compliance from platforms. 

Other global examples of compliance failures

It is also worth mentioning the cases that resulted in some of the highest-issued fines in recent years. One of the examples is the case of Goldman Sachs, where the fine reached over 2.9 billion dollars. The given fine was a response to one of the biggest corruption-related scandals linked with money laundering and bribery. 

In 2020, an Australian bank Westpac was fined $900 million (AUD$1.3 billion) for a series of failures related to transaction monitoring and violating multiple provisions of the Anti-Money Laundering and Counter-Terrorism Financing Act, which resulted in unreported transactions worth $11 billion and overlooked transactions linked to financing a criminal network in Asia. 

Although presented cases are only a small representation of the issue, they show the importance of complying with AML and KYC policies regardless of the company’s status and established position. They also illustrate the complexity of how different the examples of failures and negligence can be.

How to ensure the highest level of compliance? 

To plan a strategy that ensures the highest level of KYC compliance, it is important to work around four core steps, as stated in the Short KYC Guide by Fully-Verified: 

  1. Identifying the customer and verifying their true identity. This step includes collecting all the necessary information about the customer, using gathered data to check if the customer is a politically exposed person (PEP) or is listed on the Sanctions List, and finally collecting an image of the document and the customer to validate the ownership of the identity document.


  2. Assessing customer risk. This step concludes by evaluating the possibility of the customer committing crimes such as money laundering or terrorist financing, estimating what risk the customer poses of possible reputational damage, and obtaining information on the reasoning and intended nature of the business relationship. 

  3. Identifying the beneficial owner and taking measures to verify that person’s identity. 

  4. Ongoing monitoring and record-keeping. It is important to remember that ongoing monitoring and investigating existing customers’ activity is just as important as the first steps taken during the customer onboarding process. 

Another incredibly important factor to consider while working on ensuring the highest compliance and safe client onboarding is choosing the right KYC and identity verification provider. Fully-Verified offers a Manual KYC Service, as well as a video identity verification solution. During the process, a highly-trained operator, on par with a designated software, can verify the ownership of the document (Face Verification), observe the document from different angles to ensure its authenticity, and assess its overall quality, as well as lead a conversation with the customer. 

Discover the KYC platform for global customer onboarding

Streamline your onboarding processes. Experience unparalleled automation 

Related Post


Leave a Comment

Fully-Verified was created as answer to its founders collectively losing over $150 000 to various types of fraud in their eCommerce businesses.