Lesson 1Customer due diligence and onboarding controls: KYC, beneficial ownership, screening, EDD triggers for high-risk merchants like crypto and gamblingDis section address customer due diligence for merchants and partners, including KYC, beneficial ownership, sanctions and PEP screening, EDD triggers for high-risk sectors, and ongoing monitoring tailored to payment processor business models wey fit di market.
Merchant KYC and verification controlsBeneficial ownership identificationSanctions and PEP screening at onboardingEDD for crypto, gambling, and high riskOngoing due diligence and refresh cyclesLesson 2Transaction monitoring and detection rules: typologies for payments and digital wallets, rule design, thresholds, and scenario developmentDis section focus on transaction monitoring for payment processors, covering typologies for cards, APMs, and wallets, rule and scenario design, thresholds, alert handling, tuning, and model governance to detect money laundering and fraud patterns properly.
Payment and wallet AML typologiesDesigning rules and scenariosThreshold setting and calibrationAlert triage and investigation flowsModel validation and performance reviewsLesson 3Risk-based approach: risk appetite statements, risk tolerances, segmentation of customers and productsDis section describe how payment processors apply a risk-based approach, including risk appetite and tolerance statements, customer and product segmentation, scoring methodologies, and alignment of controls and monitoring intensity to risk levels wey make sense.
Drafting AML risk appetite statementsDefining risk tolerances and limitsCustomer and merchant segmentationProduct and channel risk scoringLinking controls to residual riskLesson 4Reporting and escalation: internal suspicious activity reporting, senior management and board reporting, regulator communication protocolsDis section cover reporting and escalation for AML and sanctions, including internal suspicious activity reports, case escalation, management information for senior leaders and di board, and communication protocols with regulators and banking partners for smooth work.
Internal suspicious activity reportingEscalation criteria and timelinesManagement and board reporting packsRegulator communication protocolsReporting to sponsor banks and partnersLesson 5Sanctions compliance program elements: screening workflows, watchlist management, false positive tuning, blocking/filing proceduresDis section detail sanctions compliance for payment processors, including screening design, list management, workflow configuration, false positive reduction, and procedures for blocking, rejecting, reporting, and documenting sanctions-related decisions wey strong.
Sanctions risk assessment for processorsName and payment screening designWatchlist sourcing and list governanceFalse positive reduction and tuningBlocking, rejecting, and reporting flowsLesson 6Policies and procedures: AML, sanctions screening, KYC, enhanced due diligence (EDD), transaction monitoring, data protection, recordkeepingDis section explain how to draft and maintain AML, sanctions, KYC, EDD, monitoring, data protection, and recordkeeping policies and procedures wey risk-based, operationally realistic, version-controlled, and aligned with regulatory expectations for di best.
Policy hierarchy and ownership modelCore AML and KYC policy elementsSanctions and screening proceduresEDD and transaction monitoring SOPsVersion control and approval workflowLesson 7Training and competency management: role-based training curriculum, frequency, tracking and testing of effectivenessDis section cover role-based AML and sanctions training for payment processors, including curriculum design by function, training frequency, delivery methods, tracking completion, testing effectiveness, and remediation for low scores or control failures wey help.
Training needs analysis by role and riskDesigning AML and sanctions curriculaTraining frequency and refresher cyclesTesting knowledge and measuring impactTracking completion and remediation stepsLesson 8Governance and organizational structure: Board oversight, Compliance Officer responsibilities, escalation pathsDis section define governance structures for AML and compliance in payment processors, clarifying board oversight duties, di Compliance Officer mandate, escalation channels, and committee frameworks wey ensure independent, well-resourced control functions properly.
Board AML and compliance oversight dutiesCompliance Officer mandate and authorityThree lines of defense model in practiceEscalation paths and issue ownershipCompliance and risk committee structuresLesson 9Recordkeeping and auditability: retention requirements, audit trails, change control for rules and modelsDis section explain recordkeeping and auditability requirements for AML programs, including retention schedules, secure storage, audit trails for key decisions, and change control for rules, models, and data to support regulator and internal audit reviews well.
Regulatory record retention requirementsDesigning searchable audit trailsEvidence of investigations and decisionsChange control for rules and modelsData lineage and system-of-record controls
