One of the world’s largest digital banks grew its customer base by 62% in 2021. Four business focused digital banks raised more than $1 billion in early 2022. As the popularity of digital banks grows, so does the attention regulators pay to them. The United Kingdom AML regulator warned that digital banks have weak defences against financial crime. Compliance with AML/CTF regulations is essential in preventing criminal activity and helps protect the bank, its customers and the financial system. AML/CTF can be complex and involves implementing different processes to help mitigate risk.  

Read on to learn more about AML/CTF regulations for digital banks and how to remain compliant.   

Regulation for Digital Banks 

Digital banks are often described as challenger banks or neobanks. Challenger banks conduct most of their business online, while neobanks do business exclusively online. Many jurisdictions, including the US and some European countries, apply traditional banking licence requirements to digital banks. Jurisdictions including Saudi Arabia, Singapore, and South Korea have created digital-specific banking licences.  

The AML/CTF regulations that apply to conventional banks also apply to digital banks. However, digital banks have specific regulations to need to be considered.  

What Is AML/CTF? 

Anti-Money Laundering and Counter Terrorism Financing (AML/CTF) are regulations that enable the detection and prevention of money laundering and terrorism financing activities. It offers tax and law enforcement agencies intelligence on illicit activities. These regulations aim to stop financing criminal activities and promote integrity and stability within financial systems.  

FATF’s Guidance for AML/CTF 

More than 200 jurisdictions follow guidance from The Financial Action Task Force (FATF). FATF is the international body that develops and promotes AML/CTF policies. This intergovernmental organisation establishes worldwide norms to prohibit these illicit behaviours and their negative impact on the financial system. Individual countries apply and enforce their own AML/CTF regulations based on legislation provided by FATF.  

The FATF recommendations are the global AML/CTF standards and are revised constantly.  

Applying a Risk-Based Approach 

The FATF’s guidance is to follow a risk-based approach for different industries. Countries should recognise, calculate, and understand their money laundering and terrorism financing risks and, based on these elements, enact legislation to address industries such as banking.  

Coordinating National Policies 

FATF recommends that countries establish authorities to coordinate AML/CTF policies. AML/CTF regulations need to be compatible with other countries legislation. As an example, compatibility with data protection and privacy rules is critical.  

Criminalising Money Laundering and Terrorist Financing 

FATF’s guidance states that countries should criminalise money laundering and terrorism financing activities. National legislation can follow international conventions and resolutions.  

Taking Preventive Measures 

The FATF Recommendations include a series of preventive measures for AML/CTF. These measures include: 

  • Know Your Customer (KYC) 
  • Customer due diligence (CDD) 
  • Record-keeping 

Specific customers and types of banking activities may need further measures. 

Reporting Suspicious Transactions 

Traditional and Digital banks are required to report suspicious financial behaviour as quickly as possible. This implies upon becoming aware of the action, not after investigating. They should make this report to their national financial intelligence unit. FinCEN (Financial Crimes Enforcement Network) (US) and AUSTRAC (Australia) are two examples of such financial intelligence units. 

Maintaining Transparency in the Ownership of Companies 

Criminals can use companies for money laundering or terrorist financing. As a result, FATF recommends that banks keep information on the companies and organisations about their: 

  • Ownership 
  • Control 
  • Beneficiaries 

The information should be accurate and up to date. 

Ensuring Oversight for Financial Institutions 

Regulation and enforcement are critical for compliance with the FATF Recommendations. A national system of licencing and registration for financial institutions is essential. 

Cooperating Internationally on AML/CTF 

FATF’s guidance emphasises the importance of international cooperation. The international community is aware of the problems posed by the complexity of illegal financial flows and the need to recover and return stolen assets. Banks should thus be able to fulfil lawful requests for information about AML/CTF to be able to comply with the regulations. 

AML/CTF Preventive Measures and Reporting for Digital Banks 

Digital banks need to put in place the appropriate AML/CTF preventive measures based on FATF’s guidance. They also need to have procedures in place for reporting suspicious financial activity. National laws may provide more specific criteria for compliance. 

Know Your Customer 

Know Your Customer is part of the customer onboarding processes as well as part of the customer due diligence process. KYC verifies a client’s identity when they open an account. Identity verification should ideally take place periodically over time. The KYC process can include: 

  • ID document verification 
  • Face or other biometric verification 
  • Proof of address using documents like utility bills 

KYC should be an automated process for neobanks. Having an automated process can encourage financial institutions to perform Know Your Customer (KYC) checks more often, which makes it easier to spot risks. Digital banks need proper controls to ensure the integrity of the process. 

Customer Due Diligence 

Customer due diligence (CDD) evaluates a customer’s risk for money laundering or terrorism financing. Digital banks check customer information against sources such as: 

  • Government records 
  • Watchlists 
  • Sanctions lists 

Adverse media checks are another source of information for CDD. This service looks for reports of a customer’s role in money laundering or terrorism financing or any negative news associated with that individual. Customers with a higher level of risk may require more enhanced CDD procedures. A politically exposed person (PEP) is a type of client with a higher level of risk, PEPs hold or have held a prominent public position. They could abuse their position for money laundering or other financial crime activities. 

Transaction Monitoring 

Ongoing transaction monitoring is an integral part of CDD. Neo banks should monitor transactions to ensure that transactions are consistent with: 

  • The bank’s knowledge of the customer 
  • The customer’s business and risk profile red flags in transaction monitoring are raised because of:  Transactions with a value higher than the legal limit 
  • Unusual transaction patterns 
  • Transactions involving PEPs and sanctioned individuals 
  • Transactions involving a high-risk country 

Ongoing monitoring is critical for identifying suspicious activity. It helps digital banks find potential problems as quickly as possible. 


Thorough record-keeping is vital for AML/CTF compliance. Digital banks should keep documentation for all types of transactions. They must keep all records obtained through CDD as well. Banks must hold this data for at least five years. Data storage must be secure, and data must also be easily accessible to fulfil lawful information requests. 

Reporting Suspicious Transactions 

Digital banks must establish procedures for identifying and reporting suspicious activity. They must report suspicions that relate to money laundering and/or terrorism financing. The report should go to the appropriate financial authorities. Reporting should happen as soon as possible after suspicious activities occurs. 

Simplify AML/CTF Compliance for Digital Banks 

AML/CTF regulations are complex and digital banks face increased scrutiny because of widespread failures in compliance. NameScan helps digital banks adhere to their KYC requirements. NameScan provides an integrated platform for Risk and compliance Management including PEP, Sanctions and Adverse Media screening. NameScan’s AML (Anti Money Laundering) Risk  Assessment Consulting can also be of benefit to digital banks. Register for a free account today to see how our solution can enable your organisation to remain compliant with AML/CTF regulations.