Feb 23, 2023
3 min read

The 10 Most Common AML Red Flags 2024—Complete Guide

Learn about the money laundering red flags indicated in the FATF’s latest report.

The financial industry has to comply with Anti-Money Laundering (AML) regulations. This includes adopting a risk-based approach when working with customers, conducting Customer Due Diligence (CDD) checks and developing an ongoing transaction monitoring system. All of these procedures involve determining red flags that indicate suspicious customer activity. 

This article explains what these AML red flags are, with a focus on the top ten most common indicators.

What is an AML red flag?

AML red flags are warning signs, such as unusually large transactions, which indicate signs of money laundering activity. If a company detects one or more red flags in a customer’s activity, it should pay closer attention. In many cases, companies have to submit suspicious activity reports to authorities. However, the presence of a red flag does not  necessarily mean that the customer is a criminal by default. 

Categories of red flags

The FATF indicates 42 red flags that companies should be aware of, dividing them  into the following four categories:

  • Red flags about the client—for example, the client is overly secretive or evasive about their identity
  • Red flags in the source of funds—for example, the client is using multiple bank accounts for no good reason
  • Red flags in the choice of lawyer—for example, the client has changed advisors multiple times in a short timespan
  • Red flags in the nature of the retainer—for example, the client is involved in transactions that do not correspond to their usual business activities

FATF warnings

The FATF warns that criminals use one or a combination of the following methods to launder money:

  • Misuse of client accounts—use of corporate account for personal purposes, carding fraud, money mules
  • Property purchases—investing the proceeds of crime in real estate
  • Creation of companies and trusts—retaining control over criminally-derived assets while inhibiting law enforcement from tracing the origin and ownership of the assets
  • Managing client affairs and making introductions—use of bogus representatives to make  companies and trusts look more legitimate and avoid additional checks
  • Lending—when one company lends money to another in cash, which is paid back in non-cash

We’ve chosen the ten most common types of red flags in money laundering. The full version of the report “Money Laundering and Terrorist Financing Vulnerabilities of Legal Professionals” can be found here.

Red flags

  • Red flag #1: Overly secretive clients

    If a customer doesn’t want to provide their personal information, that’s a red flag that should draw your attention. According to the FATF, some of the information that customers deliberately hide includes:

    • Who they are

    • Who their beneficial owner is

    • Where their money is coming from

    • Why they’re performing the transaction

    Therefore, companies have to implement Know Your Customer (KYC) checks and Customer Due Diligence (CDD) procedures. This way, all new customers are mandated to provide required information, which is verified using official documents.

  • Red flag #2: Suspicious personal information

    New clients can have a questionable personal history. Therefore, companies should pay extra attention to customers with convictions for acquisitive crime or known connections with criminals. It’s also worth keeping a close eye on relatives of someone involved in illegal activities.

  • Red flag #3: Questionable source of funds

    According to the FATF report, questionable sources of funds include:

    • “Third-party funding either for the transaction or for fees/taxes involved with no apparent connection or legitimate explanation

    • Funds received from a foreign country when there is no apparent connection between the country and the client

    • Funds received from high-risk countries.”

  • Red flag #4: Atypical transactions

    If a customer conducts unusual transactions, a certain level of suspicion should arise. This includes:

    • Receiving and withdrawing large amounts of money on a regular basis without a clear economic purpose

    • Depositing unusually large amount of private funding, especially in cash

    • Using multiple bank accounts or foreign accounts without good reason

    • Repaying mortgages much earlier than the initially agreed maturity date or securing loans pledged by third parties unrelated to the borrower

    To detect such patterns, companies have to establish transaction monitoring policies and systems. At the moment, businesses increasingly rely on automated transaction monitoring solutions, which can be combined with KYC checks.

  • Red flag #5: Irrational choice of legal representative

    People typically hire legal representatives that correspond to their needs. That’s why if a client chooses a lawyer that’s not familiar with their industry-specific regulations, or doesn’t reside in the same country, it can be considered a red flag.

  • Red flag #6: Politically Exposed Person (PEP)

    Another red flag may come from Politically Exposed Persons (PEPs). A PEP is an individual who is currently (or has been) in a powerful public position, such as a high-level politician or judge. Since PEPs are exposed to sensitive information, there’s a higher possibility that they might abuse their position. Therefore, companies should have their policies intact when working with such customers. If you want to learn more about PEPs and how to work with them, read our guide here.

  • Red flag #7: Usage of virtual assets

    The mere use of virtual assets (e.g., cryptocurrencies) doesn’t indicate a red flag. However, if it is detected that a customer exchanges fiat into crypto on a regular basis without an apparent reason, this should raise suspicion. To learn more about the FATF’s regulations on virtual assets, read our Travel Rule guide.

  • Red flag #8: Presence on sanctions lists

    Companies need to ensure that their customers aren’t on any sanction lists. In many cases, customers may be added to a sanctions list after initial onboarding. Therefore, companies have to check sanctions lists on an ongoing basis.

  • Red flag #9: Presence in adverse media

    Companies need to monitor whether their customers have any adverse media presence. This means any sort of compromising information discovered across various sources (including traditional media, databases of international organizations, blogs, etc.). A proper adverse media check can expose complicity in money laundering, terrorist financing, financial fraud, racketeering, organized crime and much more.

  • Red flag #10: Geographic inconsistencies

    If a customer receives or sends money to unusual geographic locations that have nothing to do with their background or area of expertise, this can be considered a red flag. Further suspicion should arise if the location can’t be tracked or is a high-risk country.

Red flags by industry

There are certain red flags that are specific to specific fields.


  • Unusual size, destination, or pattern of transactions
  • Use of mixing services and fraudulent exchanges
  • Breaking down large transactions into smaller ones (also known as structuring)
  • Suspicious user behavior (e.g., constant change of personal information)

If you want to read more about money laundering in the crypto industry, ways to spot the red flags and what to do afterward, read our article here.

Real estate

  • Anonymous buyers
  • Use of shell companies
  • Buyers or funds located in a country with a weak AML regime, high corruption, or known support for terrorism
  • Discrepancy between the buyer’s official income and the property value
  • Unexplained distance between the buyer and the property
  • Under- or overpriced property value
  • Large amounts of cash used

To learn more about money laundering in real estate, check out our guide here.

Traders and broker-dealers

  • Quick movement of money coupled with low beginning and ending daily balances 
  • Foreign exchange transactions
  • Large transfers from customers that don’t have a trading background 

To read more about trading regulations around the world, check out our guide here.


 Usually, criminals conduct money laundering through banks in three stages:

  • Placement—introducing illicit money into the financial system
  • Layering—conducting a number of complex financial transactions to hide the source of illicit money
  • Integration—returning illicit money to criminals from what seems to be legitimate sources

A full guide on AML in banking can be found here.


  • What are red flag indicators?

    Red flag indicators signal criminal activity. Companies need to establish policies and procedures to ensure their ability to detect and report red flags to respective authorities in a timely manner. The Financial Action Task Force (FATF) provides companies with guidelines on what can be considered a red flag.

  • What is considered a red flag in banking?

    Some red flags include:

    • Overly secretive clients

    • Vague background information

    • Questionable source of funds

    • Atypical transactions

    • Irrational choice of a legal representative

    • Politically Exposed Person (PEP) status

    • Usage of virtual assets

    • Sanctions lists

    • Adverse media

    • Geographic inconsistencies

  • What are the red flags in cryptocurrency?

    Some of the red flags that we identify for the crypto industry include:

    • Unusual size, destination, or pattern of transactions

    • Use of mixing services and fraudulent exchanges

    • Breaking down large transactions into smaller ones (also known as structuring)

    • Suspicious user behavior (e.g., constant change of personal information)

  • What is considered suspicious bank activity?

    In general, suspicious activity in banking doesn’t have a good logical explanation. An example could be when a company specializing in marketing suddenly pays for building materials.

  • What is suspicious transaction monitoring?

    Transaction monitoring is an ongoing security process that helps companies detect suspicious transactions. Transaction monitoring software spots unusual patterns and reviews dubious transfers and transactions made in digital or fiat currencies. The purpose is to answer the following questions:

    • Where did the money come from?

    • Where is the money going?

  • Do wire transfers raise red flags?

    Generally, wire transfers don’t raise red flags unless they follow some of the abnormal patterns mentioned above. According to FinCEN guidelines, banks have to report wire transfers that exceed $10,000 to the IRS.

Adverse MediaAMLCDDFATFKYCRed FlagsRisk-Based ApproachSanctionsTransaction MonitoringVirtual Assets