Compliance Controls Library

Reference dossiers on AML, KYC, sanctions, fraud, and risk controls. What regulators expect, what good looks like, and the audit findings to avoid.

3-D Secure Authentication payments

3-D Secure Authentication (3DS) is a payment security protocol that authenticates cardholders during online transactions, adding a ...

Adverse Media Screening KYC

Adverse media screening is a KYC control that systematically searches news databases, court records, and other public sources for negative ...

AI Governance AI-governance

AI Governance is the framework of policies, model validation procedures, oversight structures, and documentation standards that ensure AI ...

Alert Prioritization AML

Alert Prioritization is the AML control that ranks transaction monitoring alerts by risk severity so investigators work the highest-risk ...

AML / Fraud Training and Awareness regulatory

AML / Fraud Training and Awareness is the compliance control that ensures every employee who handles transactions, customers, or compliance ...

Audit Trail and Evidence Capture regulatory

Audit Trail and Evidence Capture is the compliance control that records every transaction, decision, and analyst action in a tamper-evident ...

Behavioral Analytics AML

Behavioral analytics is an AML control that builds statistical baselines of individual customer activity over time and flags deviations ...

Business Continuity Planning operational-resilience

Business Continuity Planning (BCP) is the documented process by which a financial institution ensures critical compliance operations remain ...

Case Management AML

Case Management is the AML workflow control that governs how a financial institution receives, investigates, documents, and resolves ...

Customer Due Diligence KYC

Customer Due Diligence (CDD) is the process through which financial institutions verify customer identity, understand the purpose of ...

Data Lineage operational

Data lineage is the documented ability to trace every compliance-critical data element from its source system, through each transformation, ...

Data Quality Monitoring operational

Data quality monitoring is the ongoing process of measuring, correcting, and governing the accuracy, completeness, consistency, and ...

Enhanced Due Diligence KYC

Enhanced Due Diligence (EDD) is the intensified customer verification and ongoing monitoring applied to high-risk relationships, mandated ...

Fraud Rules Engine fraud

A fraud rules engine is a real-time, configurable decision system that financial institutions use to evaluate transactions against defined ...

Human-in-the-Loop Review AI-governance

Human-in-the-Loop Review (HITL) is an AI-governance control that requires a qualified human reviewer to assess, confirm, or override ...

Incident Response operational-resilience

Incident Response is the documented process a financial institution uses to detect, contain, investigate, and report security and ...

Independent Testing regulatory

Independent Testing is a mandatory AML/BSA compliance control requiring a qualified, independent function to periodically review whether an ...

Model Monitoring risk

Model Monitoring is the ongoing process of validating, tuning, and testing the risk models a financial institution uses to detect financial ...

Model Risk Management risk

Model Risk Management (MRM) is the formal discipline of identifying, validating, and governing quantitative models that financial ...

Model Validation risk

Model Validation is the formal, independent process of testing whether a quantitative risk model is conceptually sound, performs as ...