Skip to main content

AML·FT study lessons

AML for FinTech & Crypto15 free, citation-backed lessons covering every exam domain. Read on any device, no login.

Start with Lesson 01 →
  1. 01Why FinTech AML Is Different (Start Here)The same BSA/AML laws apply to fintechs, but speed, scale, and third-party rails break controls built for a slower, in-person world. Learn the mental model for this workshop — and why this is education, not legal advice.5 min read
  2. 02Are You a "Financial Institution"? MSB and Money Transmitter StatusBefore any control, answer the question everything hangs on: are you a money services business or money transmitter under 31 CFR 1010.100(ff)? Apply the functional test, learn the FinCEN registration duty, and avoid the traps that catch fintechs and crypto firms.5 min read
  3. 03The BaaS / Sponsor-Bank Model and Shared ResponsibilityIn a Banking-as-a-Service stack, the fintech owns the customer but the bank owns the BSA obligation — and gaps fall between them. Learn how a responsibility matrix and real oversight turn shared responsibility from a slogan into a control, and why "someone else owns it" is the most expensive assumption in fintech.5 min read
  4. 04Building a FinTech AML Program: The PillarsInternal controls, a designated BSA officer, training, independent testing, and risk-based CDD — the pillars are universal, but applying them at fintech speed is the challenge. Learn where each pillar breaks and how a current risk assessment ties them together.5 min read
  5. 05Digital Onboarding, CIP, and Identity VerificationApply the Customer Identification Program — collect, verify, record, list-check — to a fully automated two-minute signup. Learn documentary vs. non-documentary verification, the synthetic-identity threat, and how layered signals defend a defensible "reasonable belief" standard.5 min read
  6. 06KYC / CDD and the Beneficial Ownership RuleGo beyond identity to the risk profile that drives monitoring. Apply the CDD Rule (31 CFR 1010.230), including the 25% ownership and control prongs for business customers, plus risk-rating, EDD, and the ongoing refresh fintechs most often skip.5 min read
  7. 07Transaction Monitoring at Scale and Model RiskSee how the alert-to-SAR funnel works on high-volume, real-time rails — and where fintechs fail: loose thresholds, alert backlogs, and coverage gaps. Learn to govern your monitoring system as a model under SR 11-7 and tune it with above/below-the-line testing.5 min read
  8. 08Sanctions and OFAC Screening for FinTechsOFAC is a separate, strict-liability regime that covers everyone — and screening only the customer isn't enough. Learn to screen counterparties against the SDN and Consolidated lists, tune matching, refresh lists, and build OFAC's five-component compliance framework.5 min read
  9. 09The Travel RuleMaster the rule that follows the money: required information must travel with transmittals of $3,000 or more (31 CFR 1010.410(e)-(f)). Learn which fields travel, how the rule applies to crypto and cross-border payments, and how to build completeness checks into your pipeline.5 min read
  10. 10Virtual Currency / Crypto AMLCrypto doesn't escape the BSA. Apply FinCEN's 2019 CVC guidance to decide when a crypto business is a money transmitter, then learn how blockchain analytics trace fund provenance and how FATF Recommendations 15 and 16 set the global VASP and Travel Rule frame.5 min read
  11. 11Money Transmitter Licensing and State RegulationFinCEN registration is not a license. Learn why a nationwide money-movement fintech may need up to ~50 state licenses — with net worth, bonding, and exams — how the sponsor-bank model can avoid them, and how the MTMA and NMLS are harmonizing the patchwork.5 min read
  12. 12Fraud–AML Convergence (FRAML)Fraud and AML look at the same customers and signals, and fintech pushes them together. Learn why fraud proceeds are dirty money that often trigger a SAR, how money mules live at the seam, and how to share data and escalation without losing the reporting duty.5 min read
  13. 13SAR and CTR Obligations in a FinTechTurn detection into defensible filings. Apply the SAR rules (31 CFR 1022.320) — the $2,000 threshold, the 30-day clock, and strict confidentiality — write a narrative a detective could use, and handle CTRs and structuring wherever cash touches your ecosystem.5 min read
  14. 14Regulatory Exams and Enforcement TrendsThere's no single fintech regulator, but a web of authorities reaches you — directly and through your sponsor bank. Learn what exams test against the FFIEC manual and the recurring enforcement themes: BaaS oversight failures, CIP/CDD gaps, weak monitoring, and sanctions lapses.5 min read
  15. 15Recap and FinTech AML ChecklistTie the whole workshop into one practical, end-to-end fintech AML checklist — from status and program through onboarding, monitoring, sanctions, reporting, and exams — then find your highest-risk gaps. Education, not legal advice: confirm real decisions with qualified counsel.5 min read

Get every AML·FT lesson + the full question bank

Drop your email and we'll send new lessons and unlock the complete AML·FT practice bank.

I'll email you when AML·FT lessons drops. No spam, unsubscribe anytime.

By signing up, you agree to our Privacy Policy and Terms.

Or jump straight to AML·FT practice questions →