Skip to main content Skip to navigation

AML compliance for challenger banks

Regulation Retail Banks Knowledge & Training

In a constantly evolving financial landscape, challenger banks have become increasingly mainstream, with one study suggesting 14 percent of UK adults hold an account with one of the four largest institutions.

Challenger banks disrupt the space occupied by legacy banks and financial institutions (FIs) to capitalize on consumer demand for seamless banking experiences delivered via digital platforms. However, their increased appeal presents new risks as criminals find ways to exploit emerging vulnerabilities for illegal activities such as money laundering and terrorism financing. Given these risks, challenger banks must understand their regulatory responsibilities and how to implement anti-money laundering (AML) programs to fulfill them. 

What is a challenger bank?

A challenger bank is an FI  that offers banking services through digital channels, often mobile apps. The name “challenger” comes from the fact they are challenging the traditional banking system by offering cost-effective, novel, and versatile financial products without compromising the customer experience. The term ‘challenger bank’ is often used alongside similar designations such as ‘digital bank’ and ‘neobank’, but these are in fact distinct: 

  • Challenger banks: Banks operating with their own licenses that can offer a range of banking services directly to customers.
  • Neobanks: Banks that do not operate under a full-scale traditional license and must partner with a license holder to offer banking services.
  • Digital banks: An umbrella term for several different types of banks, including challenger banks and neobanks, that leverage digital technologies for their services.

New challenger banks debut every year, offering a range of traditional and FinTech services to compete with their brick-and-mortar counterparts, including: 

  • Current and savings accounts.
  • Credit and debit cards.
  • Spending analysis apps.
  • Bill payment facilities.
  • Investment platforms. 

AML regulations for challenger banks

Jurisdictions worldwide have developed AML/CFT regulatory frameworks, which all FIs, including challenger banks, must conform to. Challenger banks sometimes partner with established banks for licensing, brand recognition, or financial reasons. However, these banks should be aware they remain fully obligated to conform to all relevant AML/CFT legislation, even if an FI they partner with already is. Challenger banks should, therefore, be familiar with the specific AML/CFT laws and regulatory bodies. 

US challenger bank regulations

  • Bank Secrecy Act (BSA): The BSA requires US challenger banks to implement a suitable AML program with reporting and record-keeping procedures, screening and monitoring measures, and a schedule of independent audits.
  • USA Patriot Act: Introduced to combat terrorism and terrorist financing, the Patriot Act expands the scope of the BSA with further identity verification and information-sharing requirements. 
  • Anti-Money Laundering Act (AMLA): AMLA supplements the US AML/CFT program with measures such as a beneficial ownership database, increased penalties for non-compliance, and expanded regulatory oversight. 

All US banks’ AML/CFT programs are regulated by the Financial Crimes Enforcement Network (FinCEN) and the Office of Foreign Assets Control (OFAC)

UK challenger bank regulations

  • Proceeds of Crime Act (POCA): This defines the offenses that constitute money laundering in the UK, and imposes requirements on firms regarding due diligence, transaction monitoring, and reporting. 
  • Money Laundering, and Transfer of Funds (Information on the Payer) Act: This addresses gaps in POCA by requiring firms to conduct written risk assessments, enhancing sanctions enforcement, and improving transparency over beneficial ownership
  • Terrorism Act: Introduced in 2000 and occasionally amended since then, this extended UK banks’ compliance obligations to CFT. 

In the UK, all FIs are regulated by the Financial Conduct Authority (FCA)

EU challenger bank regulations

  • ‘New’ Sixth Anti-Money Laundering Directive (6AMLD): As the EU’s main piece of AML legislation, 6AMLD must be transposed by member states into their domestic legislation. It contains definitions of predicate offenses in money laundering and requirements around beneficial ownership registration, politically exposed persons (PEPs), screening, monitoring, and reporting. 
  • AML Regulation: Adopted as part of the EU’s 2023 ‘package’ of AML reforms, this provides a single rulebook for obligated private sector entities to follow in an attempt to harmonize European AML regulation. 

Also included in this package was a new EU-wide regulator, the Authority for Anti-Money Laundering and Countering the Financing of Terrorism (AMLA), will begin operating in 2025. Previously, challenger banks in the EU were overseen by individual states’ regulators, as well as by the European Banking Authority (EBA)

A Guide to Anti-Money Laundering for Digital Banks

Based on expert advice and interviews with sector leaders, our comprehensive guide takes you through every step in the compliance process for digital banks.

Download now

AML risks for challenger banks

All FIs face unique AML/CFT risks based on their customers, location, and products. Because of their innovative nature, challenger banks face both conventional and newer money laundering risks. Often, the features that make their offering attractive to customers are also the ones criminals seek to exploit. Therefore, they must find ways to continue playing to their strengths while mitigating risks such as: 

  • Speed and anonymity: Online financial services offer a degree of anonymity that in-person banking does not, which criminals can exploit to conceal their identities or use ‘money mules’ to open accounts on their behalf. At the same time, the speed of challenger bank transactions is a customer service benefit but also allows criminals to move large amounts of money around the world quickly. Without effective transaction monitoring measures, money launderers may use challenger banks to transfer funds before AML alerts can be triggered. 
  • Emergent methodologies: By definition, challenger banks disrupt traditional banking services. However, their innovations may also allow criminals to exploit new vulnerabilities and regulatory blindspots. Money launderers and fraudsters have already proven early adopters of new technology: In one 2024 case, a major engineering firm lost millions of dollars after being instructed to transfer funds by a deepfake video of a senior manager. 
  • Limited compliance resources: Challenger banks can move and innovate faster than legacy FIs – but they lack the compliance budgets and high headcounts of older institutions. This can create AML challenges, where hiring experts, training staff, and investing in specialist software are all essential elements of compliance programs. 
  • Regulatory gaps: Many customers open accounts with challenger banks specifically because they can easily send money to other countries. However, money launderers often attempt to use cross-border transactions to exploit inconsistencies in regulation across jurisdictions, making it harder for illicit finance flows to be detected. 

How challenger banks can comply with AML regulations

All FIs, including challenger banks, should design their AML compliance programs with the Financial Action Task Force’s (FATF) International Standards on Combating Money Laundering and the Financing of Terrorism & Proliferation, or ‘40 Recommendations’. These set the standard for AML globally and include core principles widely adopted across regulated industries. 

Challenger banks should also consider their unique risks and advantages when developing compliance programs. A risk-based AML program is important for challenger banks because it balances regulatory compliance and customer experience. It allows lower-risk customers to engage with services without needless friction while ensuring more robust scrutiny is applied to higher-risk customers. 

AML regulations dictate that firms must establish and verify their customers’ identities. Challenger banks are well-placed to use digital identity verification, including biometric data or scans of official documents, to onboard customers quickly but securely. At onboarding, they should also screen customers against international sanctions lists and watch lists, monitor their politically exposed person (PEP) status, and monitor their involvement in adverse media stories that might reveal a change in their AML risk profile. Once onboarding has been completed, banks should monitor customer transactions so they can investigate and report any suspicious financial behavior.  

Crucially, as forward-thinking, tech-native institutions, challenger banks are well-positioned to adopt smart AML technology to address their compliance needs. The compliance burden on these banks is substantial, requiring the collection and analysis of vast amounts of customer data. However, managing this data manually is impractical, making integrating specialist AML software essential. To maximize its effectiveness, this technology should be supported by in-house expertise through the appointment of a skilled compliance officer and regular AML training for all employees.

Compliance solutions for challenger banks 

FIs operating globally partner with ComplyAdvantage to meet regulatory obligations and fuel business growth. Challenger banks can build on their reputation for innovation by deploying leading-edge AML compliance technology, benefitting from: 

  • Real-time sanctions updates: ComplyAdvantage’s proprietary data is powered by artificial intelligence (AI) and overseen by experts, allowing firms to receive updates even before regulators announce them. 
  • Reduced false positive rates: Firms using ComplyAdvantage can streamline compliance with machine learning (ML) models that perform semantic and statistical analysis on new alerts, removing false positives from irrelevant or duplicated data. 
  • Automated customer and event risk scoring: Compliance teams can develop a data-driven understanding of their customers and tackle the most important cases first with automated, dynamically updated, and fully configurable risk scoring.  

Streamline your AML compliance for faster growth

Fortify your organization and fuel your growth with dynamic solutions tailored to your needs. Book your free demo today and find out why 1000s already use ComplyAdvantage.

Get a demo

Originally published 01 March 2021, updated 12 November 2024

Disclaimer: This is for general information only. The information presented does not constitute legal advice. ComplyAdvantage accepts no responsibility for any information contained herein and disclaims and excludes any liability in respect of the contents or for action taken based on this information.

Copyright © 2024 IVXS UK Limited (trading as ComplyAdvantage).