AML / CFT Platform

Build an Anti-Money Laundering Programme Your Regulator Will Approve

A complete AML and Counter-Financing of Terrorism (CFT) platform that turns regulatory obligations into automated, defensible workflows. From Customer Due Diligence to Suspicious Activity Reporting — engineered to satisfy FATF, MAS, FCA, FinCEN, EU AMLD, and every major AML regime worldwide.

Book a Demo Transaction Monitoring
FATF Aligned ISO 27001 Certified SOC Type 1 & 2 700+ Global Clients
What Is AML?

Anti-Money Laundering, Explained

Anti-Money Laundering (AML) is the framework of laws, regulations, and procedures designed to prevent, detect, and report the use of the financial system to disguise the proceeds of crime. Counter-Financing of Terrorism (CFT) targets the same financial channels but is concerned with funds destined for terrorist activity, regardless of whether those funds originated legitimately. In every major jurisdiction, AML and CFT obligations are imposed jointly on financial institutions, payment providers, fund managers, insurers, crypto businesses, and other regulated entities.

The cost of getting AML wrong has never been higher. Global regulators issued more than $5 billion in AML penalties in 2024 alone. Beyond fines, deficient AML programmes lead to restricted licences, public censure, and personal liability for compliance officers. Yet most institutions still run AML on a patchwork of legacy screening tools, spreadsheets, and email-based case handling — systems that struggle to keep up with rising customer volumes, evolving typologies, and tightening regulatory expectations.

One Constellation's AML / CFT platform replaces that patchwork with a single, configurable workflow engine that implements every component of a modern AML programme: Customer Due Diligence (CDD), Enhanced Due Diligence (EDD), sanctions and PEP screening, real-time transaction monitoring, suspicious activity reporting, and immutable audit evidence. Used today by more than 700 financial institutions, banks, fund administrators, and legal firms globally.

Understanding the Threat

The Three Stages of Money Laundering

Effective AML controls are designed around how money laundering actually works. The classical model — recognised by FATF and every major regulator — identifies three distinct stages, each requiring different detection signals and control responses.

Stage 01

Placement

Cash from criminal activity enters the legitimate financial system. Common methods include cash deposits structured below reporting thresholds, smurfing across multiple accounts, and use of cash-intensive businesses. Strong KYC and source-of-funds verification at onboarding are the primary defence.

Stage 02

Layering

Funds are moved rapidly through a series of transactions designed to obscure their origin — wire transfers across jurisdictions, shell-company routing, conversion to and from crypto assets. Real-time transaction monitoring with behavioural analytics is critical to detecting layering activity.

Stage 03

Integration

The funds re-enter the economy as apparently legitimate wealth — through real estate purchases, business investments, luxury goods, or fund subscriptions. Strong KYB, UBO transparency, and source-of-wealth scrutiny make integration difficult to execute undetected.

Four Pillars of AML/CFT

Complete Coverage of the FATF Framework

Our AML / CFT suite implements all four pillars required by FATF and reflected in every major regulatory framework worldwide — Customer Due Diligence, ongoing monitoring, suspicious activity reporting, and audit evidence retention.

🪪

Customer Due Diligence

KYC, KYB, UBO identification, risk rating, PEP and sanctions screening — at onboarding and at every periodic review cycle.

🔍

Ongoing Monitoring

Real-time transaction monitoring, behavioural anomaly detection, and continuous re-screening of every customer against updated watchlists.

📋

SAR / STR Reporting

Structured case files for Suspicious Activity Reports. Direct regulator filing where supported (FinCEN, MAS STRO, FCA / NCA, AUSTRAC).

📚

Evidence & Audit

Every decision, alert, and case logged immutably. Regulator inspections and internal audits supported with one-click evidence export.

How AML / CFT Works on One Constellation

A Five-Stage Workflow Engineered for Defensibility

Our AML workflow implements the control environment regulators expect — risk-based, documented, defensible, and continuously reinforced. Every customer flows through the same configurable pipeline; every decision creates an evidence record.

01
Risk-Based Customer Profile
At onboarding, our proprietary risk matrix scores each customer across geography, industry, exposure type, and observed behaviour — driving the depth of due diligence applied.
02
Enhanced Due Diligence (EDD)
High-risk customers route automatically to structured EDD workflows — source of wealth, source of funds, adverse media checks, and senior management sign-off where required.
03
Continuous Screening
Every customer is re-screened as global sanctions and PEP lists update. Adverse media is monitored in real time across thousands of news sources in multiple languages.
04
Transaction Surveillance
Real-time monitoring against configured typologies — structuring, layering, velocity anomalies, geographic risk, counterparty concentration, and many more.
05
Report & Defend
SAR / STR cases assembled automatically. Regulatory inspections supported instantly with one-click evidence packs containing every relevant decision and document.
AML Control Environment
✓ CDD Policy LibraryActive
✓ EDD Workflow EngineActive
✓ Sanctions & PEP ScreeningLive
✓ Adverse Media MonitorLive
✓ Transaction SurveillanceLive
✓ SAR / STR Filing PipelineReady
✓ Audit Trail VaultImmutable
✓ MLRO DashboardActive
Risk-Based Approach

Three CDD Tiers, Applied Automatically

FATF and every major regulator require AML controls to be proportionate to risk. Our platform turns that principle into a configurable engine, applying Simplified, Standard, or Enhanced Due Diligence based on the risk profile of each customer.

Simplified Due Diligence

Tier 1 · Low Risk

Applied to demonstrably low-risk relationships — for example, regulated financial institutions from FATF-equivalent jurisdictions, or government entities.

  • Basic identity verification
  • Light-touch sanctions screening
  • Extended periodic refresh cycles
  • Straight-through onboarding

Standard CDD

Tier 2 · Standard Risk

The default tier for most customers. Full identity verification, address verification, beneficial ownership identification for corporates, and baseline ongoing monitoring.

  • Document and biometric KYC
  • Full sanctions and PEP screening
  • Annual periodic refresh
  • Active transaction monitoring

Enhanced Due Diligence

Tier 3 · High Risk

Mandatory for PEPs, customers from FATF high-risk jurisdictions, complex corporate structures, and high-value or politically-sensitive relationships.

  • Source of wealth documentation
  • Senior management approval required
  • Heightened transaction monitoring
  • Shorter periodic refresh cycles
Money Laundering Typologies

The Patterns Our Platform Detects

Modern AML detection is not just rule-based — it is typology-aware. Our platform ships with pre-configured detection logic for the typologies regulators most frequently identify in supervisory reviews and FATF mutual evaluations.

Structuring & Smurfing

Deposits or transfers deliberately kept below reporting thresholds, often spread across multiple accounts or short time windows to evade detection by Currency Transaction Report (CTR) systems.

Cash depositsThreshold patternsMulti-account

Layering & Rapid Movement

Funds received and rapidly moved on, often across multiple jurisdictions or counterparties — the classic intermediate stage of money laundering, designed to obscure origin.

Wire chainsCross-borderCrypto bridges

Trade-Based Money Laundering

Misuse of legitimate trade transactions to move illicit value — over-invoicing, under-invoicing, phantom shipments, multiple-invoicing of the same goods.

Invoice fraudTrade financeShell suppliers

PEP & Sanctions Exposure

Politically exposed persons and sanctioned entities are screened continuously — at onboarding, on every transaction, and as watchlists update. Indirect exposure through UBOs and counterparties is also detected.

PEP screeningSanctions hitsIndirect exposure

Crypto-Specific Risks

Travel Rule violations, mixer / tumbler interactions, sanctioned wallet addresses, and high-risk VASP counterparties — all surfaced through chain analytics and policy-based rules.

Travel RuleWallet riskVASP exposure

Behavioural Anomalies

Customer-specific baselines flag deviations from established patterns — sudden volume spikes, atypical counterparty geography, unusual product usage — catching risks that static rules miss.

VelocityGeographicAccount takeover
Proven in Production

AML That Actually Works at Scale

700+
Institutions Running AML on the Platform
60%
Reduction in False-Positive Alerts
100K+
Transactions Monitored Globally
24/7
Continuous Sanctions Re-Screening
Regulatory Framework

Aligned With Every Major AML Regime

Our AML workflows are pre-configured for the major global frameworks — and built to evolve as standards tighten. Every workflow maps explicitly back to the specific regulatory requirements it satisfies.

🌐
FATF 40 Recs
Global AML / CFT Baseline
🇸🇬
MAS Notice 626
Singapore AML / CFT
🇬🇧
MLR 2017 / FCA
UK AML Regulations
🇺🇸
BSA / FinCEN
US AML Framework
🇪🇺
EU AMLD 6
EU-Wide AML Directive
🇦🇪
DFSA / ADGM
UAE AML Standards
🇭🇰
HKMA AMLO
Hong Kong AML Ordinance
🇦🇺
AUSTRAC
Australian AML / CTF Act
AML / CFT FAQ

Answers for Compliance Officers

What is AML and why is it important?+
Anti-Money Laundering (AML) is the framework of laws, regulations, and procedures that financial institutions and other regulated businesses must follow to prevent, detect, and report money laundering and terrorist financing. AML is mandated globally — through FATF, MAS, FCA, FinCEN, EU AMLD, and dozens of other regimes — and is enforced through some of the largest regulatory penalties imposed on financial firms anywhere in the world. A robust AML programme protects the institution from financial crime, regulatory penalties, reputational damage, and personal liability for senior compliance officers.
What is the difference between AML and CFT?+
AML (Anti-Money Laundering) targets the concealment of proceeds from criminal activity. CFT (Counter-Financing of Terrorism) targets funds destined for terrorist activity, regardless of whether those funds originated legitimately. In practice, the controls overlap heavily — customer identification, sanctions screening, transaction monitoring — which is why regulators treat them as a combined obligation, often referenced as "AML / CFT" or "AML / CTF".
What is the difference between AML and KYC?+
KYC (Know Your Customer) is a subset of AML. AML is the broader framework of laws and controls designed to detect and prevent financial crime. KYC is the identity-verification and customer-risk-assessment component of that framework, performed at onboarding and refreshed periodically. AML also covers sanctions screening, transaction monitoring, suspicious activity reporting, and the operational governance around all of those activities.
What are the four pillars of an AML programme?+
Most regulators recognise four core pillars: (1) a documented AML compliance programme overseen by a designated officer, typically a Money Laundering Reporting Officer (MLRO); (2) Customer Due Diligence including KYC, KYB, sanctions / PEP screening, and risk rating; (3) ongoing monitoring including transaction surveillance and continuous re-screening; and (4) Suspicious Activity Reporting plus immutable evidence retention. One Constellation implements all four pillars in a single platform.
How does the platform implement a risk-based approach?+
Every customer is risk-scored at onboarding and re-scored continuously as new information arrives. The risk tier drives the depth of CDD applied — Tier 1 (low) gets simplified due diligence, Tier 2 (standard) gets full CDD, Tier 3 (high) triggers EDD with senior management approval. Risk factors, weightings, and tier triggers are fully configurable to match your firm's documented risk appetite and the FATF risk-based approach.
Do you support direct SAR / STR filing with regulators?+
Yes for the major supported regulators. Direct or assisted filing is available for FinCEN (US SARs), MAS STRO (Singapore STRs), FCA / NCA (UK SARs), AUSTRAC (Australian SMRs), and others. Cases are assembled automatically from flagged activity, reviewed by your MLRO, and submitted through integrated channels — with full audit evidence retained.
How is the audit trail structured for regulator inspections?+
Every event — customer onboarding, risk score calculation, screening result, alert triage, case action, SAR filing, periodic review — is logged with timestamp, actor identity, and cryptographic signature. Logs are write-once and append-only, exportable in regulator-ready formats. During an inspection, MLROs can produce complete evidence packs for any customer, period, or alert in a single click.
Can the platform handle high-risk industries like crypto and gaming?+
Yes. Crypto-specific configurations cover the FATF Travel Rule, VASP-to-VASP information exchange, chain analytics integration, wallet risk scoring, and the heightened PEP / sanctions screening expected by crypto-focused regulators. Gaming configurations cover age verification, source-of-funds checks, and deposit / withdrawal monitoring aligned with UKGC, MGA, AUSTRAC, and FinCEN casino rules.
How does ongoing monitoring work?+
Customers are continuously re-screened against updated sanctions and PEP lists. Transaction patterns are compared against behavioural baselines in real time. Periodic CDD refresh schedules trigger automatically based on the customer's risk tier. Any material change — new PEP flag, adverse media hit, unusual transaction pattern — escalates instantly to the Compliance Portal for analyst review.
How does the platform reduce false-positive alerts?+
False positives typically come from weak entity matching and coarse, static screening rules. Our platform uses fuzzy matching, structured entity resolution, jurisdictional context, configurable match thresholds, and an analyst feedback loop — together reducing false-positive rates by up to 60% compared with legacy AML tools. The result: analysts spend their time on real risk, not noise.
Does the platform integrate with our existing systems?+
Yes. The platform is API-first and provides REST APIs, webhooks, mobile SDKs, and pre-built connectors for major core banking, payments, CRM, and fund administration platforms. Most institutions are integrated and running live AML workflows within a few weeks.
Is the platform secure and certified?+
Yes. One Constellation is hosted on Google Cloud Services in Singapore with end-to-end encryption, ISO 27001 certification, SOC Type 1 and Type 2 attestation, Singapore FinTech Association membership, and GDPR alignment. Independent security audits are conducted regularly.

Build an AML Programme Your Regulator Will Approve

See how One Constellation turns AML / CFT into an automated, defensible, and audit-ready operation — configured for your jurisdiction and industry.

Book a Demo Explore Compliance Portal