Compliance

AML Compliance Guide: How to Detect and Prevent Financial Crime

AML compliance is one of the most demanding and most consequential regulatory obligations facing Nigerian financial institutions and designated non-financial businesses. This guide covers the mechanics of money laundering, the FATF framework, CBN requirements, and the practical controls every organization must have in place to detect and prevent financial crime.

"Money laundering does not just finance crime — it corrupts financial systems, distorts markets, and erodes the institutions that legitimate economies depend on."
Anti-Money Laundering (AML) compliance is the organizational framework of policies, procedures, controls, and monitoring systems designed to prevent, detect, and report the use of financial systems to conceal the proceeds of crime. In Nigeria, AML compliance is governed by the Money Laundering (Prevention and Prohibition) Act 2022, the Terrorism (Prevention and Prohibition) Act 2022, and comprehensive CBN AML/CFT Regulations — all aligned to the FATF 40 Recommendations.

The Three Stages of Money Laundering

Understanding how money laundering works is the foundation of effective AML compliance. The process occurs in three sequential stages:

StageWhat HappensIndicators
PlacementIllegal cash enters the financial system for the first time — the most vulnerable stage for detectionLarge cash deposits; structuring (multiple deposits just below reporting thresholds); purchase of monetary instruments
LayeringMultiple transactions and movements obscure the audit trail between the funds and their criminal originComplex chains of transfers; international wire transfers to and from high-risk jurisdictions; rapid movement through multiple accounts
IntegrationFunds re-enter the legitimate economy appearing to have a lawful originReal estate purchases; luxury goods; investment in legitimate businesses; loans repaid with laundered funds

The FATF 40 Recommendations — The Global Standard

The Financial Action Task Force (FATF) 40 Recommendations form the international standard for AML/CFT (Combating the Financing of Terrorism). Nigeria adopted these recommendations and the CBN's AML/CFT Regulations implement them in the banking sector. Key requirements include:

  • Risk-based approach: Apply enhanced controls proportionate to the ML/TF risk posed by each customer, product, and geography
  • Customer Due Diligence (CDD): Identify and verify every customer, understand the nature of the business relationship, and conduct ongoing monitoring
  • Enhanced Due Diligence (EDD): Apply additional scrutiny to high-risk customers — Politically Exposed Persons (PEPs), customers from high-risk jurisdictions, complex structures
  • Suspicious Transaction Reporting (STR): Report transactions suspected of being connected to money laundering or terrorism financing to the Nigerian Financial Intelligence Unit (NFIU)
  • Record keeping: Maintain CDD records and transaction records for at least 5 years
  • Tipping off prohibition: Organizations must not disclose to a customer that an STR has been filed or that they are under investigation

KYC — Know Your Customer

KYC is the process of identifying and verifying customers and understanding the nature of their business relationship. Effective KYC is dynamic — not a one-time onboarding exercise.

  • Customer Identification Programme (CIP): Government-issued ID, proof of address, corporate registration documents, and ownership structure for legal entities
  • Beneficial Ownership: Under CAMA 2020 and FATF requirements, organizations must identify and verify the ultimate beneficial owner(s) of any legal entity — the natural person who ultimately owns or controls the customer
  • Risk-based CDD: Simplified CDD for low-risk customers; standard CDD for medium-risk; EDD for high-risk including PEPs
  • Ongoing monitoring: Transaction monitoring, periodic KYC refresh, and event-triggered review when customer circumstances change

PEP Screening and Sanctions Compliance

  • Politically Exposed Persons (PEPs): Senior government officials, their family members, and close associates who present elevated corruption and money laundering risk
  • Sanctions screening: All customers and transactions must be screened against applicable sanctions lists — OFAC (US), UN Security Council, EU, and NFIU designation lists
  • Automated screening: Manual screening is insufficient for high transaction volumes — automated screening with regular list updates is the standard

Suspicious Transaction Reporting (STR)

The obligation to file an STR with the NFIU is triggered by suspicion — not proof. An organization that waits until it can prove money laundering before filing has failed its AML obligation. Indicators that should trigger STR consideration include:

⚑ STR Trigger Indicators
Transactions inconsistent with the customer's stated business or income
Multiple cash transactions just below reporting thresholds (structuring)
Rapid movement of funds through an account with no apparent business purpose
Customer reluctance to provide KYC documentation or explain transaction purpose
Transactions to or from high-risk jurisdictions without credible explanation
Significant change in customer transaction pattern without explanation

Key Takeaway

AML compliance in Nigeria's post-grey-listing environment demands genuine organizational commitment — not regulatory minimum compliance. Organizations that build risk-based KYC programmes, invest in transaction monitoring technology, train their staff on STR obligations, and file reports promptly build the compliance culture that regulators expect and that protects the integrity of the Nigerian financial system.

Read: Corporate Governance →