Written by Anders Schultz-Møller

The rising price of disengagement

It’s easy to think that money laundering is primarily the domain of Hollywood villains and sophisticated cybercriminals. But data tells a different story. The vast majority of AML failures are not due to a lack of firewalls but human error.

The most common reasons for fines are:

1. Insufficient KYC and CDD processes

At the core is Know Your Customer (KYC) (KYC) is the foundation of your protection. It’s the process of verifying that a customer is who they say they are – ID checks and screening against sanctions lists. But the real failure often happens in the next step: Customer Due Diligence (CDD).

CDD is where you assess the customer’s risk profile. It’s about understanding the nature of their business and the origin of their funds. The most common human mistake here is to treat this as a one-time onboarding checklist.

2. Insufficient transaction monitoring

Transaction monitoring is the process of reviewing financial activities to detect behavior that seems unusual in relation to the customer profile. Although software typically flags these transactions, it’s almost always the human that fails.

Often this is due to “alert fatigue”. When outdated systems generate too many false positives, compliance staff become overwhelmed. They start dismissing alerts too quickly just to clear the pile and risk closing the case on real money laundering.

In addition, criminals know how to avoid simple software rules – for example, by breaking large amounts of money into small, unflagged transactions (a tactic called “structuring”). It takes a trained human eye – not just an algorithm – to detect the subtle patterns and connect the dots between seemingly unrelated transactions.

3. Missing or delayed reporting of SARs

A Suspicious Activity Report (SAR) (SAR) is the mandatory reporting to authorities (e.g. the national Financial Intelligence Unit) when there is a reasonable suspicion of financial crime. Timing is crucial; regulators often operate with tight deadlines (e.g. 30 days) from the date the suspicion arises.

The failure here is often cultural or bureaucratic. Some frontline employees realize something “doesn’t feel right” but are afraid to escalate it or don’t know who to go to. Other times, the compliance team is behind and the investigation drags on for months.

A delayed SAR is considered a serious compliance failure because it delays the authorities’ ability to freeze funds. If the report ends up in a pile on a desk due to bottlenecks or lack of training, the window to stop the crime closes and the fines for the company start rolling in.

These are all processes that depend on the vigilance and understanding of your employees. And the price of human oversight is rising fast.

AML Reality Check

• Record high global fines
  2024 was a “record year” for AML fines, with $3.3 billion in sanctions globally across just 8 major cases. The total amount since 2000 has now reached USD 28 billion. (Source: Thefinancialcrimenews)

• Nordic sanctions
  The Nordic countries have not gone scot-free either. Regulators have imposed significant fines, including a single fine of up to USD 35 million from NYDFS for AML compliance failures, and a USD 46 million fine to a Swedish financial organization in 2024 – the second largest in Europe that year outside the UK. (Source: Moneylaunderingnews and Finbold)

Criminals don’t always wear balaclavas

If AML training is to stick, we need to move away from legal jargon and look at the people involved.

One of the reasons employees lose engagement is that they think they will never encounter a money launderer themselves. They look for complex, sophisticated crime patterns. But reality is both stranger – and more subtle – than fiction.

Real-life examples – like a respected university professor specializing in organized crime who was convicted of money laundering, or a case where a grandmother and her grandson laundered money from drug trafficking – show that financial crime often hides in plain sight. (Source: Sanctions.io)

These stories show that financial crime is not always sophisticated. Employees need to be trained to recognize patterns in everyday situations. Human-centered training translates passive knowledge into active vigilance.

From passive listening to active vigilance

If you want your team to spot a red flag in a spreadsheet or understand the compliance implications of a new customer profile, you can’t settle for passive presentations.

Engaged employees are the best defense against financial crime. Studies show that highly engaged employees are more likely to actively participate in training, remember the content better and actually increase the number of SARs reported. (Source: Financial Crime Academy).

This is where the shift happens:

1. Stop thinking of training as an annual commitment.
2. Make it relatable through real-life scenarios and clear storytelling.
3. Use interactive formats in e-learning. Interactive and scenario-based modules – including quizzes, games and cases – in AML training has proven significantly more effective than classic classroom training. (Source: Financial Crime Academy).
4. Create a strong compliance culture where employees feel safe to report suspicious activities without fear. Such a culture significantly increases the impact of the AML program. (Source: AML UAE).

Ready to change the narrative?

At Grape, we know the difference between compliance that just ticks the boxes – and compliance that is actually remembered and put into action.

Our AML anti-money laundering and counter-terrorist financing course is built on the principle that you must first train people to recognize the danger signs before you can prevent financial crime. We translate complex requirements into clear, concrete and practical examples that your employees can actually remember – where it counts.