Sep 15, 2022
4 min read

AML Compliance for Brokers: How to Detect and Avoid Money Laundering

If you aren’t sure what money laundering red flags are and how to follow all the AML regulations, this article can help you.

The trading industry is constantly mired in financial scandals related to money laundering. In 2021, two well-known broker-dealer companies, Morgan Stanley and Interactive Brokers, faced scrutiny by US authorities for having managed the accounts of a Venezuelan businessman, who managed to launder more than $2 billion. For Interactive Brokers, this wasn’t the first penalty of its kind. Just a year earlier, the company had to pay a penalty of $38 million for a different AML violation.

The trading industry is strictly monitored by Anti-Money Laundering (AML) regulators. This is due to the huge number of financial operations conducted by the industry and the variety of international actors involved. Accordingly, broker-dealers need to follow compliance requirements established by national authorities. Our article will break this down in more detail. 

Detecting money laundering red flags

National and international AML regulators have a list of common red flags which may signal money laundering activity. FINRA, an organization that oversees US broker-dealers, has outlined five categories that companies should look out for.

#1. Customer Due Diligence (CDD) and interactions with customers 

This category is related to customer verification. Red flags arise when:

  • A customer refuses to provide certain information (e.g., source of funds);
  • The provided information doesn’t match provided documents;
  • A customer comes from a high-risk country (e.g., bank secrecy havens, tax shelters, and high-risk geographic locations); 
  • A customer has no apparent reason to use the services of a broker-dealer from another country;
  • A customer has a history of account rejection or termination in other financial institutions;

It’s also a red flag if a customer is on sanction lists (OFAC, UN, HMT, EU, DFT, etc.) and Politically Exposed Persons (PEP) lists.

#2. Deposits and securities

This category focuses on “suspicious transactions.” These have a broad range of red flags but typically include: 

  • Depositing finances and shortly after requesting their withdrawal;
  • Depositing or receiving large amounts of low-priced, non-exchange listed securities;
  • Sending shares into multiple seemingly unrelated accounts.

If a broker-dealer notices such a pattern, they should report it to the respective authority. Companies can use automated financial transaction monitoring tools which help identify any unusual or unexpected transactions that may give rise to suspicion of money laundering or terrorist financing. This is done by establishing the destination of funds and ascertaining the reason for certain transactions.

Are you thinking about implementing an automated transaction monitoring solution? Sumsub has just what you need. Contact us today to get a free demo.

#3. Securities trading

This category focuses on abnormal customer behavior during securities trading. Some of these actions can be evidence of price manipulation. Examples of red flags include:

  • Placing and entering multiple orders from both sides of the market and consequently canceling them on the placing side with the intent to raise stock prices;
  • Engaging in pre-arranged or other non-competitive securities trading;
  • Making a large purchase or sale of a security shortly before a significant announcement is issued that affects the price of the security.

If you want to learn more about market manipulation and ways to confront it, read our article on common challenges in trading

#4. Money movements

This category focuses on customers who avoid reporting their funds or try to hide large transactions. For example, customers may: 

  • Break funds transfers into smaller transactions to avoid raising suspicion;
  • Use wire transfers for no apparent reason. If a user makes wire transfers to high-risk countries, it may be considered a red flag and companies should therefore increase their due diligence procedures.

#5. Insurance products

Insurance-related red flags include:

  • Conducting unusual operations, such as canceling an insurance contract and directing that the funds be sent to a third party; 
  • Repeatedly opening and closing accounts with one insurance company, each time with new ownership information;
  • Purchasing an insurance product with no concern for the investment objective or performance.

It should be noted that the presence of a red flag doesn’t necessarily mean that a customer is engaged in criminal activity. However, broker-dealers should be vigilant if they detect several red flags. And if the broker determines that the activity is indeed suspicious, they should report it to the respective authority. Failure to do so may result in penalties.

Broker-dealer AML regulations

Every country has its own set of AML regulations with which broker-dealers have to comply. While the details vary, most requirements are the same across the world. In this article, we provide a quick overview of regulations in the US, UK, and the EU.

  • US regulators and regulations

    Regulators: In the US, the main regulatory body is the Financial Industry Regulatory Authority (FINRA). To conduct securities transactions or any other business with investors, both firms and individuals must be registered with FINRA.

    The Financial Crimes Enforcement Network (FinCEN) is another US organization that punishes criminals and criminal networks related to money laundering activities. It analyzes financial data and builds global cooperation with counterpart organizations in other countries.

    Regulation: The Bank Secrecy Act (BSA).

  • UK regulators and regulations

    Regulator: The Financial Conduct Authority (FCA) is the main AML regulator in the country. The FCA operates an up-to-date register on all authorized UK firms capable of trading forex or providing trading platforms for retail traders to buy and sell forex or contracts for difference (CFDs), binary options, and other commodities.


  • EU regulations

    Regulations: EU countries based their AML regulations on several EU legislative directives—4 AMLD, 5 AMLD, and 6 AMLD. These directives have been almost entirely adopted by the national authorities of the EU member states. In July 2021, the European Commission presented a package with a series of proposals against money laundering in the region. Among such initiatives, the EU plans to create an institution dedicated to confronting money laundering in the Union. Other initiatives include:

    • New regulations on AML, which will unify EU AML requirements, including Customer Due Diligence (CDD).
    • Revision of Regulation of Transfer of Funds, which will allow trace transfers of virtual assets.

Broker-Dealer AML Compliance Infrastructure

Broker-dealers need to follow the national regulations of the countries they operate in. In most countries, regulators require companies to register with the respective authorities (e.g., firms working in the US must be registered with FINRA). 

Internal controls. Registered companies must implement policies and internal controls, which should be compatible with the risk profiles of its staff members, customers, and financial activities. 

Customer verification. Companies should also implement proper Customer Due Diligence (CDD) procedures. This includes collecting the personal data of their customers. What’s required for collected may vary from country to country, but usually the following information must be collected from customers and then verified:

  • Full name;
  • Residential address;
  • Date of birth;
  • ID number.

Companies must also check whether their customers are featured within any sanction lists (OFAC, UN, HMT, EU, DFT, to name a few), PEP lists, and adverse media, among others.

Record keeping. Companies should keep the records of their customers for a period specified by the responsible authorities or law directly. For example, in the UK, the general period for record keeping is five years as prescribed by the AML law is as follows:

  • Where the records relate to an occasional transaction, the 5-year data retention period begins when the transaction is completed;
  • If an account gets closed, the 5-year data retention period begins from the date of account closure. 

Reporting. In case companies have suspicions of money laundering taking place on their platform, they should report the cases to the respective authorities. Suspicious activities can be identified by checking the list of AML red flags provided at the beginning of the article. 

Companies can implement automated Know Your Customers (KYC) solutions to comply with AML regulations. They can also use KYC tools to easily collect and verify information about their customers. Moreover, an efficient KYC provider can help broker-dealers stay compliant and maintain high pass rates. 

If you want to learn more about building an efficient verification flow for broker-dealers, download Sumsub’s complete KYC guide for the trading industry.


  • What is brokerage compliance?

    Brokerage compliance is a series of policies and procedures broker-dealers need to implement to stay compliant with national customer due diligence regulations. They include:

    • Internal policies;
    • Identification and verification;
    • Sanction and AML screening;
    • Ongoing monitoring;
    • Record-keeping;
    • Reporting.

  • Who regulates broker-dealers?

    There are governmental authorities established to regulate broker-dealers. In many cases, firms need to register with these authorities and report all suspicious activities to them. Examples of such authorities include:

    • The Financial Industry Regulatory Authority (FINRA) in the United States;
    • The Financial Conduct Authority (FCA) in the United Kingdom.

  • What are the FINRA compliance requirements?

    • Implementing policies and procedures to detect suspicious transactions;
    • Establishing policies and controls that would achieve compliance with the Bank Secrecy Act;
    • Annual testing for compliance to be conducted by staff or by a qualified outside party;
    • Designating to FINRA (by name, title, mailing address, e-mail address, telephone number, and facsimile number) an individual or individuals responsible for implementing and monitoring the day-to-day operations and internal controls of the program;
    • Providing ongoing training for appropriate staff members;
    • Including appropriate risk-based procedures for conducting ongoing customer due diligence.

  • Does FinCEN regulate broker-dealers?

    Yes. Every broker in the US is required to file suspicious activity reports with FinCEN.

AMLFinancial InstitutionsKYCMoney LaunderingRed FlagsReporting