Zenoo
Risk operations

Most AML compliance software solves one problem and creates three

Most AML compliance software solves one problem and creates three
Zenoo's Editorial Team8 min read
Share

A lender we spoke to last year had seven AML vendors. One for document verification, one for biometrics, one for sanctions screening, two for company data across different jurisdictions, one for transaction monitoring, and one for adverse media. Every one of them worked. That was never the problem. The problem was that a single corporate onboarding touched five of those systems, and nobody owned the space between them.

That gap between tools is where compliance actually breaks. Not in the screening logic. Not in the data. In the handoffs.

If you are evaluating AML compliance software right now, you are probably being shown demos of individual capabilities that all look impressive in isolation. Here is what those demos never show you: what happens when you have to run all of them, in sequence, on a real customer, at scale, on a regulator's timeline.

What AML compliance software is actually supposed to do

AML compliance software is the set of tools a regulated business uses to detect and prevent money laundering across the customer lifecycle. In practice that means four jobs: verifying who your customer is (KYC), verifying the businesses you onboard and their ownership structures (KYB), screening everyone against sanctions, politically exposed persons (PEP), and adverse media lists, and monitoring transactions for suspicious behaviour over time.

That is the theory. Most teams do not buy one piece of software that does all four. They buy four or five separate ones, and then they discover that stitching them together is a full-time engineering and operations job that nobody budgeted for.

The Financial Action Task Force (FATF), which sets the global standard through its 40 Recommendations, does not care how many vendors you use. It cares that you have a risk-based approach that works from onboarding through ongoing monitoring. The FCA and the European Banking Authority (EBA) hold the same line. The obligation is on the outcome, not the tooling.

Fragmented tooling costs more than the licences

The licence fees for AML software are the part everyone can see on a spreadsheet. The real cost sits in the workflow.

When we benchmarked 40 onboarding workflows, the median KYB check took 3.2 hours. The fastest teams, the ones running orchestrated parallel checks instead of sequential manual ones, averaged 47 seconds. Same regulations. Same underlying data sources. Wildly different outcomes. The difference was entirely in how the tools were connected, or not connected.

Here is the pattern we see every week. An analyst pulls a company record from one provider. Copies the directors into a second tool to screen them. Waits. Exports the sanctions result as a PDF. Uploads it to the case management system. Chases the UBO data separately because the company data vendor does not resolve ownership past the first layer. By the time all of that is done, the customer has either gone quiet or gone to a competitor.

A mid-tier neobank we know lost 11 days to a single corporate onboarding. The compliance team ran checks across four providers manually, missed a sanctioned ultimate beneficial owner buried two layers deep in the ownership chain, and the deal collapsed. That is not an edge case caused by bad analysts. It is the predictable result of asking humans to be the integration layer between systems that were never designed to talk to each other.

"We didn't have a screening problem," the Head of Financial Crime at a European payments firm told us. "Every vendor gave us the right answer. We had a problem getting five right answers into one decision, fast enough to matter."

The false-positive tax nobody wants to talk about

Screening and transaction monitoring generate alerts. Most of those alerts are noise. The FCA's own estimates put the false-positive rate in transaction monitoring at around 95%. That means for every genuine signal, your analysts wade through nineteen that lead nowhere.

The average compliance analyst spends 22 minutes per alert. At 200 alerts a day, that is 73 hours of analyst time per week spent, in the main, confirming that nothing is wrong. You are paying senior, expensively trained people to close alerts that should never have reached them.

Fragmented tooling makes this worse in a specific way. When your screening tool, your monitoring tool, and your case management system do not share context, every alert arrives without the surrounding information an analyst needs to dismiss it quickly. So they go and gather that context by hand, across the same disconnected tools that created the alert. The false-positive rate is a data problem, but the time cost is an orchestration problem.

This is exactly the workflow gap Zenoo was built to close. If you are running three or more providers and your analysts are the glue holding them together, it is worth seeing how orchestration changes the arithmetic. Book a demo and run it against your own onboarding flow.

API-first infrastructure versus legacy point solutions

Here is the distinction that matters when you are comparing AML compliance software, and it is not the one most vendors lead with.

Legacy point solutions are built to be used. You log into a portal, you run a check, you read a result. They are designed around a human sitting at a screen. That is fine for one check. It falls apart when you need to run thousands of checks a day and route the results into other systems automatically.

API-first infrastructure is built to be connected. Every capability, KYB, KYC, sanctions screening, monitoring, is available as a programmatic call your systems make and consume without a human clicking through a portal. The result comes back structured, ready to feed a decision engine, a case management tool, or your own product.

The difference in practice looks like this.

Legacy point solutions API-first infrastructure
Primary interface Web portal, manual entry API calls, programmatic
Running many checks Analyst repeats the process Runs in parallel, automatically
Getting results into your systems Manual export, upload, re-key Structured data, direct integration
Adding a new check type New vendor, new integration project Additional call to the same platform
Who does the orchestration Your team, by hand The platform

The reason this matters for money laundering specifically is that criminals do not respect your integration backlog. A sanctions list updates. A company changes its ownership. An adverse media story breaks. If your infrastructure requires a person to notice, log in, and run a check, you are always behind. If it is API-first and running real-time screening, the check happens the moment the data changes.

What good actually looks like

Strip away the marketing and good AML compliance software has a few observable properties.

It unifies KYB, KYC, and AML rather than making you assemble them. When a business onboards, its ownership structure resolves, every relevant person and entity screens against sanctions, PEP, and adverse media lists, and the whole thing produces one auditable decision. Not five results in five systems that a human reconciles.

It screens in real time, not in overnight batches. Sanctions regimes change fast. FATF grey-list and black-list decisions move markets and obligations within days. Batch screening leaves a window open, and that window is exactly what a risk-based approach is meant to close.

It gives analysts context, not just alerts. An alert with the surrounding entity data, prior decisions, and risk rationale attached can be triaged in a fraction of the time an alert that arrives naked. That is how you attack the 95% false-positive burden without weakening detection.

It leaves an audit trail by default. When the FCA or your EBA-supervised regulator asks why you made a decision, the answer should be a query, not an archaeology project across seven vendor portals.

And it is honest about what it does not do. No single platform is the best in the world at every underlying data source. What matters is whether it connects the right sources and owns the workflow between them. We are the first to say orchestration is the value, not any one screening engine in isolation.

Practical guidance for evaluating AML software

When you shortlist AML compliance software, test the joins, not the parts. Ask a vendor to run a full corporate onboarding, ownership resolution through to sanctions screening on every UBO, and time it end to end. That single test surfaces more than a week of feature demos.

Ask who owns the space between checks. If the honest answer is "your team," you are buying a point solution and inheriting an integration project.

Ask how a sanctions list update propagates. If the answer involves a batch job or a manual re-run, that is your risk window.

Ask to see the audit trail for a decision made three months ago. If it takes them more than a minute to reconstruct, it will take your regulator longer.

And map the total cost honestly. The licence is the visible number. The analyst hours lost to manual reconciliation, the abandoned onboardings, the deals lost to an 11-day turnaround, those are the numbers that actually move your P&L.

Frequently asked questions

What is AML compliance software?

AML compliance software is the set of tools a regulated business uses to detect and prevent money laundering across the customer lifecycle. It covers KYC (verifying individuals), KYB (verifying businesses and their ownership), sanctions, PEP, and adverse media screening, and ongoing transaction monitoring. Good software connects these into one auditable workflow rather than leaving your team to stitch separate vendors together.

What is the difference between KYC, KYB, and AML?

KYC (Know Your Customer) verifies the identity of individual customers. KYB (Know Your Business) verifies companies and resolves their ultimate beneficial ownership. AML (Anti-Money Laundering) is the broader obligation that both feed into, including sanctions screening and transaction monitoring, and it is the standard set globally by the FATF 40 Recommendations and enforced by regulators such as the FCA and the EBA.

Why do compliance teams end up with so many AML vendors?

Because point solutions are excellent at single capabilities. Teams buy the best document verification tool, then the best sanctions screening tool, then a separate company data provider, and so on. Each works well alone. The cost surfaces later, in the manual work of moving data between them and reconciling results, which is where onboardings stall and beneficial owners get missed.

What does API-first AML compliance software mean?

It means every capability is available as a programmatic call your systems make and consume automatically, rather than a portal a human logs into. Checks run in parallel, results come back as structured data ready to feed a decision or a case, and new check types are added as calls to the same platform rather than as fresh integration projects. It is the difference between software designed to be used by a person and infrastructure designed to be connected to your product.

How does AML software reduce false positives?

The false-positive rate itself is largely a data and tuning problem, with the FCA estimating around 95% of transaction monitoring alerts are false positives. Software reduces the time cost of that burden by giving analysts full context with every alert, prior decisions, entity data, and risk rationale, so triage takes a fraction of the 22 minutes a naked alert typically demands. Unified platforms cut it further because the context already lives in one place.

Key takeaways

  • The expensive part of AML compliance is not the screening, it is the handoffs between disconnected tools that your team is forced to bridge by hand.
  • Median KYB checks took 3.2 hours in our benchmark of 40 workflows, while orchestrated parallel checks averaged 47 seconds on the same data.
  • Around 95% of transaction monitoring alerts are false positives by the FCA's own estimate, and analysts spend 22 minutes per alert, roughly 73 hours a week at 200 alerts a day.
  • API-first infrastructure is built to be connected and screen in real time, where legacy point solutions are built to be clicked through by a person.
  • Evaluate software by timing a full corporate onboarding end to end, not by watching feature demos of individual capabilities.

If you are stitching together three or more AML vendors and your analysts are the integration layer, see what unified KYB, KYC, and AML looks like against your own data. Visit zenoo.com and book a demo. 30 minutes. Your data. No slides.

Was this useful?
Share
Z

Published by

Zenoo's Editorial Team

Practical, unbiased content on KYC, AML, and compliance operations. Written by the team building tools to make compliance work better.

The compliance intelligence you actually need

Weekly insights on KYC, AML, and compliance operations. No vendor spin. No gated whitepapers. Just honest, useful guidance.

More from Zenoo Insights

22 hours per alert is too long. Cut it to 12 minutes.

One platform. 10 AI agents. 240+ check types. Live in weeks, not months.

30 minutes. Your data. No slides.