Compliance Controls Library

Reference dossiers on AML, KYC, sanctions, fraud, and risk controls. What regulators expect, what good looks like, and the audit findings to avoid.

Showing 21–39 of 39 controls

Page 2 of 2

Incident Response operational-resilience

Incident Response is the documented process a financial institution uses to detect, contain, investigate, and report security and ...

Independent Testing regulatory

Independent Testing is a mandatory AML/BSA compliance control requiring a qualified, independent function to periodically review whether an ...

Liveness Detection KYC

Liveness detection is a KYC control that confirms the person presenting an identity document during remote onboarding is physically ...

Model Monitoring risk

Model Monitoring is the ongoing process of validating, tuning, and testing the risk models a financial institution uses to detect financial ...

Model Risk Management risk

Model Risk Management (MRM) is the formal discipline of identifying, validating, and governing quantitative models that financial ...

Model Validation risk

Model Validation is the formal, independent process of testing whether a quantitative risk model is conceptually sound, performs as ...

Network Analysis AML

Network analysis is an AML compliance control that uses graph mathematics to map the connections between accounts, legal entities, ...

Ongoing Monitoring KYC

Ongoing monitoring is the continuous review of customer transactions, relationships, and risk profiles to detect suspicious activity and ...

Operational Resilience Testing operational-resilience

Operational Resilience Testing is the structured process by which financial institutions verify that critical business services can ...

Peer Group Comparison AML

Peer group comparison is an AML transaction monitoring control that measures each customer's financial activity against a cohort of ...

PEP Screening KYC

PEP Screening is the process of checking customers and their beneficial owners against databases of politically exposed persons to assess ...

Record Keeping regulatory

Record keeping is the compliance obligation requiring financial institutions to retain, index, and produce documentary evidence of customer ...

Sanctions Screening sanctions

Sanctions screening is the compliance control that checks customers, transactions, and counterparties against government-maintained lists ...

Simplified Due Diligence KYC

Simplified Due Diligence (SDD) is a risk-proportionate tier of customer due diligence that lets regulated financial institutions apply ...

Strong Customer Authentication payments

Strong Customer Authentication (SCA) is a multi-factor payment verification requirement that obliges payment service providers to ...

Suspicious Activity Report Filing AML

Suspicious Activity Report (SAR) filing is the control by which financial institutions formally report transactions or customer behaviors ...

Third-Party Risk Management operational-resilience

Third-Party Risk Management (TPRM) is the framework of policies, due diligence, and ongoing monitoring that regulated financial ...

Transaction Monitoring AML

Transaction Monitoring (TM) is the ongoing review of customer transactions to detect patterns consistent with money laundering, terrorist ...

Velocity Checks fraud

Velocity checks are a fraud and AML control that measures the rate, frequency, or cumulative value of a customer's transactions over a ...