Domain 1
Risks and Methods
How financial crime occurs and where AML risk appears.
Domain 1 Sub-domain
Money Laundering and Financial Crime
Money laundering is the process of disguising criminal proceeds so they appear legitimate. Candidates should understand placement, layering, integration, predicate offences, typologies, and why professional judgment matters in suspicious activity analysis.
Learning Outcomes- Define money laundering and financial crime
- Explain placement, layering, and integration
- Identify predicate offences and common laundering methods
- Apply red flags to practical scenarios
Domain 1 Sub-domain
Money Laundering Risks in Financial Services
Banks and financial institutions face risk through deposits, transfers, lending, trade finance, private banking, correspondent relationships, cards, and digital channels. Risk increases when customer behavior, source of funds, geography, or transaction purpose is unclear.
Learning Outcomes- Recognize AML risks in banking products
- Identify unusual customer and transaction behavior
- Distinguish higher-risk products and channels
- Apply risk-based thinking to financial-services scenarios
Domain 1 Sub-domain
Money Laundering Risks in Nonbank Financial Services
MSBs, fintechs, payment institutions, virtual asset providers, securities firms, insurance providers, and exchange houses can be misused for rapid value movement, anonymity, layering, or integration. Controls must match the speed and risk profile of the product.
Learning Outcomes- Explain risks in MSBs, fintechs, securities, insurance, and virtual assets
- Identify red flags linked to rapid movement of value
- Understand agent, wallet, prepaid, and remittance risks
- Apply enhanced monitoring principles
Domain 1 Sub-domain
Money Laundering Risks in DNFBPs
DNFBPs such as lawyers, accountants, real estate agents, dealers in precious metals/stones, casinos, and TCSPs can be misused to hide ownership, create legal structures, move value, or integrate illicit wealth.
Learning Outcomes- Identify DNFBP sectors and risk exposure
- Explain misuse of legal persons and arrangements
- Recognize real estate and high-value asset red flags
- Apply beneficial ownership concerns to scenarios
Domain 2
Frameworks, Governance and Regulations
The global standards and legal frameworks that shape AML/CFT controls.
Domain 2 Sub-domain
Global AFC Standards and Guidance
International AML/CFT expectations are shaped by FATF Recommendations, mutual evaluations, UN conventions, sanctions obligations, Basel guidance, Wolfsberg principles, and regulatory expectations. The exam often tests how standards translate into practical controls.
Learning Outcomes- Explain the role of FATF and global standard setters
- Identify key international guidance sources
- Understand mutual evaluation and effectiveness concepts
- Apply global standards to institutional controls
Domain 2 Sub-domain
AFC Regulations and Regimes
AML/CFT regimes require customer due diligence, recordkeeping, suspicious activity reporting, sanctions compliance, beneficial ownership transparency, and risk-based supervision. Candidates must recognize how requirements differ but share common control themes.
Learning Outcomes- Recognize core regulatory obligations
- Explain CDD, EDD, STR/SAR, recordkeeping, and sanctions duties
- Identify governance and accountability expectations
- Apply regulatory concepts to exam scenarios
Domain 2 Sub-domain
Use of Guidance and AFC Cooperation
Effective AML/CFT depends on cooperation among institutions, regulators, law enforcement, FIUs, and international networks. Information sharing, typology reports, supervisory guidance, and public-private partnerships improve detection and investigation.
Learning Outcomes- Explain the role of FIUs and information sharing
- Identify public-private cooperation benefits
- Use typologies and guidance for risk assessment
- Apply cooperation concepts to investigations
Domain 3
Building a Compliance Program
How institutions design, operate, test, and improve AML/CFT controls.
Domain 3 Sub-domain
AML Risk Management Program Components and Duties
A sound AML program includes governance, policies, internal controls, responsible officer oversight, training, independent testing, monitoring, reporting, and board/senior management accountability.
Learning Outcomes- Identify core AML program components
- Explain responsibilities of compliance, business, audit, and management
- Understand training and independent testing requirements
- Apply three-lines-of-defense concepts
Domain 3 Sub-domain
Risk Assessment
Risk assessment evaluates customer, product, service, geography, delivery channel, transaction, and emerging risk factors. It drives controls, monitoring, resource allocation, and enhanced due diligence.
Learning Outcomes- Identify risk assessment inputs
- Explain inherent risk, controls, and residual risk
- Apply customer/product/geography risk factors
- Use risk assessment outcomes to guide controls
Domain 3 Sub-domain
Design Your AML/CFT Program and Controls
AML controls should be risk-based, documented, tested, and aligned with products, customers, systems, and regulatory obligations. Strong controls include CDD, EDD, screening, monitoring, escalation, and audit trails.
Learning Outcomes- Design controls based on risk
- Identify gaps in AML control frameworks
- Explain screening, monitoring, and escalation controls
- Apply control design in case-based questions
Domain 3 Sub-domain
Transaction Monitoring and Investigation
Monitoring identifies unusual activity using rules, scenarios, alerts, case management, and analyst review. Investigations should connect customer profile, transaction behavior, source of funds, counterparties, geography, and explanation quality.
Learning Outcomes- Explain alert triage and investigation steps
- Identify transaction monitoring red flags
- Distinguish unusual and suspicious activity
- Apply investigation judgment to scenarios
Domain 3 Sub-domain
Concluding an Investigation and Liaising with Law Enforcement
When suspicion is formed, institutions should document rationale, escalate, file STR/SAR where required, maintain confidentiality, and respond appropriately to law enforcement or FIU requests.
Learning Outcomes- Determine when escalation or reporting is needed
- Explain STR/SAR documentation principles
- Understand confidentiality and tipping-off concerns
- Identify when to cooperate with authorities
Domain 4
Tools and Technologies to Fight Financial Crime
How data, technology, automation, and analytics support AML/CFT work.
Domain 4 Sub-domain
Technology for AFC Compliance
Technology supports screening, transaction monitoring, case management, risk scoring, data quality checks, workflow, reporting, and governance. It must be explainable, tested, and aligned with risk.
Learning Outcomes- Identify common AFC technology tools
- Explain model governance and tuning needs
- Recognize benefits and limitations of automation
- Apply technology risk concepts
Domain 4 Sub-domain
Technology for Customer Onboarding
Digital onboarding uses identity verification, document checks, biometrics, database screening, sanctions/PEP screening, and risk scoring. The main risk is weak identity assurance or poor data capture.
Learning Outcomes- Explain digital onboarding controls
- Identify KYC technology benefits and risks
- Recognize identity fraud and synthetic identity concerns
- Apply onboarding controls to scenarios
Domain 4 Sub-domain
Technology for Ongoing Monitoring and Investigations
Ongoing monitoring uses alerts, analytics, link analysis, AI-assisted detection, entity resolution, and case workflow tools. Effective systems require good data, governance, testing, and human judgment.
Learning Outcomes- Explain ongoing monitoring technologies
- Identify data and model risk issues
- Understand alert quality and false positives
- Apply analytics to investigation scenarios
Domain 4 Sub-domain
Data Collection and Preparation
AML technology depends on complete, accurate, timely, and well-structured data. Poor data quality creates missed alerts, false positives, poor segmentation, and weak reporting.
Learning Outcomes- Explain why data quality matters
- Identify key data fields for AML monitoring
- Recognize data lineage and governance concerns
- Apply data quality issues to control weaknesses