AML red flags: what payment systems and banks watch closely

Bank or PSP onboarding is increasingly a stress test of operational transparency for businesses. Refusals, account freezes, and document requests often arise not from proven legal breaches, but from AML red flags – risk indicators that banks are required to consider. Many companies only learn about these “red flags” after the fact, when transactions are already suspended and counterparties are waiting for payments. This article explains which red flags banks and PSPs monitor most closely and what businesses can do in advance to avoid falling into a high AML-risk category.

What banks and payment processors call AML red flags?

AML red flags are indicators of elevated risk that banks and payment systems use within a risk-based approach. The presence of red flags does not automatically mean a legal breach, but it justifies enhanced due diligence, additional document requests, or transaction limits. Regulators explicitly expect financial institutions to identify such risk signals and respond proportionately to the threat level.

Red flags vs legal violations: what’s the difference

It is important to distinguish red flags from confirmed AML breaches. Red flags are behavioral or structural indicators pointing to potential vulnerabilities in a business model or transaction flows. A bank does not need to prove money laundering to suspend operations or request further evidence. It is enough that the client profile no longer matches the originally declared model or typical market behavior. This is why businesses may face restrictions even when their activity is formally lawful.

Risk-based approach: why “grey areas” are enough for bank action

Modern AML frameworks rely on the risk-based approach reflected in FATF recommendations and applied by regulators in the EU, the UK, and the US. Banks must assess not only actual breaches but also the likelihood of risk based on client profile, geography, industry, and transaction patterns. As a result, “grey areas” (unusual fund flows, complex ownership structures, or opaque counterparties) are sufficient grounds for enhanced monitoring or service refusal.

Where AML red flags are identified

Red flags are detected at different stages of the client relationship, not only at onboarding. Some arise during KYC/KYB and ownership reviews, others through ongoing transaction monitoring and sanctions screening. A significant share appears after operations begin, when actual behavior diverges from the stated business model. For banks and PSPs, this is a key trigger for reassessing a company’s risk profile.

Client and beneficiary: red flags at KYC/KYB level

At the onboarding stage, banks and PSPs build an initial risk profile of the client. Most AML red flags later “surface” because mismatches visible during KYC/KYB were not properly addressed. For businesses, weak preparation at the start almost always turns into issues during scaling.

Opaque UBOs and complex ownership structures

One of the key red flags is the inability to quickly and clearly identify ultimate beneficial owners. Multi-layer holding chains, nominee shareholders, and frequent ownership changes complicate risk assessment. Even if the structure is lawful, opacity raises the company’s risk profile and may trigger enhanced due diligence or service refusal.

Note! Following the CJEU judgments in Joined Cases C-37/20 and C-601/20 (22 November 2022), public access to UBO registers in the EU is restricted to obliged entities and persons with a demonstrable legitimate interest. Banks therefore rely more heavily on UBO documentation provided directly by the client. Under the incoming AML Regulation (EU) 2024/1624, UBO identification will follow a harmonised 25% + 1 share ownership threshold, supplemented by control-based criteria.

Data inconsistencies and an “unconvincing” business story

Banks cross-check declared company information against public sources, corporate registries, and actual account activity. Any discrepancies (in addresses, activities, customer geography, or expected volumes) are treated as risk indicators. This is especially sensitive when the business model looks one way on paper but operates differently in practice.

Source of funds and source of wealth: common friction points

Even for operating companies, evidence of funds and capital origin remains a sensitive area. Typical red flags include:

• Lack of documents confirming initial capital sources;
• Mismatch between declared revenues and actual turnover;
• Funding via related entities without clear rationale;
• Sudden inflows without a sound commercial explanation.

In such cases, banks tend to raise the client’s risk profile and request additional evidence after account opening, which can delay transactions.

Transactional patterns that trigger monitoring

Even after a “clean” onboarding, a company’s risk profile can quickly change due to actual account activity. Banks and PSPs use automated monitoring systems that compare real transactions with the client’s expected profile. Any atypical patterns increase AML risk and trigger enhanced checks.

Unusual volumes and sudden activity spikes

A sharp increase in turnover immediately after onboarding, large transactions without an established operating history, or unstable cash flow patterns are treated as risk indicators. This is particularly sensitive where the declared business profile suggests moderate volumes, but actual activity quickly exceeds those expectations. For banks and PSPs, such discrepancies may call into question the reliability of the initial risk assessment and trigger enhanced monitoring or additional due diligence.

Structuring, splitting, and circular payments

Certain transactional patterns are classic red flags across industries - known as ‘structuring’ in US AML practice (31 U.S.C. § 5324) and as ‘smurfing’ or ‘splitting’ in EU and UK terminology. These include:

• Splitting payments into multiple small amounts;
• Repeated transfers between related accounts;
• Circular transactions with no clear commercial purpose;
• Pass-through payments with rapid fund outflows.

Even when such activity has a business rationale, without documented logic it is viewed as elevated AML risk.

Mismatch with the client profile

Transactions that do not align with the stated business model are among the most common monitoring triggers. This includes mismatches in counterparty geography, payment purposes, service types, or payment channels used. Banks care not only that a transaction is formally permissible, but that it is “expected” for that client. The greater the gap between profile and behavior, the higher the chance of freezes and inquiries.

High-risk industries and business models: why even legitimate businesses can look suspicious

For banks and PSPs, risk is assessed not only at the company level but also based on industry and monetisation model. Some sectors are inherently classified as higher risk due to historically higher fraud rates, chargebacks, and AML incidents. Even fully lawful businesses in these segments face stricter checks and ongoing monitoring.

Categories most often treated as high risk by banks and PSPs include:

• Gambling and iGaming;
• Crypto projects and virtual asset operations;
• FX/CFD, investment platforms, and brokerage services;
• Adult industry and subscription-based content;
• Money services and cross-border remittances.

Operating in these sectors is not prohibited, but it automatically raises requirements for transparency, documentation, and compliance processes.

Business models with elevated AML profiles

Even outside “classic” high-risk sectors, the operating model itself can raise the risk profile. Banks pay closer attention to:

• Receiving funds on behalf of third parties;
• Acting as an intermediary between buyers and sellers;
• Aggregating payments from many users;
• Using alternative payment methods.

These models make it harder for banks to trace the economic substance of transactions, which increases AML scrutiny.

Marketing and positioning as additional triggers

How a business presents itself on its website and in marketing materials can be a red flag. Aggressive profit claims, vague service descriptions, or gaps between public positioning and actual operations raise suspicion. Even a neutral product can be classified as high risk due to careless messaging.

Company documents and behavior: operational red flags

Even with a sound business model, operational compliance weaknesses are often the decisive factor for banks and PSPs. Financial institutions assess not only the onboarding profile, but also a company’s ability to manage AML risks in daily operations. A formally “clean” structure loses value if effective control processes are missing in practice.

Typical operational red flags include:

• AML/compliance policies with no practical implementation;
• No designated compliance owner or transaction oversight;
• Lack of basic screening of customers and counterparties;
• Weak due diligence of partners and vendors handling funds or data;
• Mismatch between contractual setup and actual fund flows;
• Fragmented or outdated internal procedures;
• No recordkeeping or basic transaction monitoring.

A separate risk factor is how a company responds to bank inquiries. Slow replies, incomplete explanations, or inconsistent information signal weak risk management. Even without breaches, this often leads to risk profile downgrades, transaction limits, or enhanced monitoring.

How to mitigate AML risks before and during onboarding

You can reduce the risk of freezes and refusals by banks and PSPs even before the first onboarding by preparing a clear company profile and basic operating processes. AML compliance is not a one-off task, but a set of practices that must work on an ongoing basis.

Before onboarding and throughout cooperation with banks and payment providers, focus on the following steps:

• Prepare a clear description of the business model, fund flows, and the company’s role in the payment chain;
• Collect documents on ownership structure, UBOs, sources of funds, and the economic substance of operations in advance;
• Implement basic AML procedures and appoint a responsible owner;
• Set up sanctions and risk screening for customers and counterparties;
• Align the contractual framework with actual fund flows;
• Establish an internal process for responding to bank and PSP inquiries;
• Regularly reassess the risk profile when geography, industry, or monetisation changes.

In practice, companies that treat AML as part of their operating model face fewer sudden account freezes and transaction limits as they scale.

Practical checklist: quick self-check before launching or scaling up

Before bank onboarding or connecting a payment provider, it is useful to run a quick internal self-check. This helps identify typical AML red flags before a bank flags them.

Make sure that:

• The ownership structure and UBOs are transparent and supported by documents;
• The business model and fund flows are clearly described and match actual operations;
• A responsible AML/compliance owner is appointed;
• Basic KYC procedures for customers and partners are in place (where applicable);
• Sanctions and risk screening of counterparties is set up;
• Operating geographies do not conflict with bank/PSP restrictions;
• The contractual framework reflects the company’s real role in the payment chain;
• Response templates and a document pack for bank requests are prepared;
• The team understands which transactions are considered higher risk.

This self-check does not replace a full AML audit, but it significantly reduces the risk of onboarding refusals and unexpected freezes as the business scales.

How Key2Law can help reduce AML risks and pass bank and PSP checks

The Key2Law team supports businesses at every stage of managing AML risks — from preparing for bank onboarding to building sustainable compliance processes as they scale. We focus on practical risk reduction and real expectations of banks and PSPs, not box-ticking paperwork.

Our experts provide comprehensive support to businesses:

• Assess AML risks in the business model and payment flows;
• Identify red flags before onboarding and address them in advance;
• Structure a clear narrative of operations and the company’s role in the payment chain;
• Prepare document packs for banks and PSPs (UBOs, SoF/SoW, risk narrative);
• Set up basic AML procedures and appoint a responsible owner;
• Configure sanctions and risk screening by counterparty and geography;
• Align the contractual framework with actual fund flows;
• Support responses to bank and regulator inquiries;
• Prepare the business for due diligence and investor reviews;
• Support expansion into new jurisdictions with AML requirements in mind.

A well-designed AML approach reduces the risk of account freezes, service refusals, and operational disruption as the business grows. Contact the Key2Law team to discuss how we can help you pass bank checks and build a resilient AML framework.