AML Programme Build — End-to-End AML Framework Design for Regulated Firms

What's Included

Everything a regulator expects to see

A compliant AML programme is not just a policy document — it is a living framework that covers governance, risk assessment, customer due diligence, transaction monitoring, and staff training. We design programmes that are proportionate to your business model and built to withstand regulatory scrutiny.

Whether you are building from scratch or remediating an existing framework, we scope each engagement individually. Everything is fixed-fee and agreed in writing before any work begins.

Initial consultation

Free

No charge, no commitment. Fixed fees agreed in writing before work begins.

Core programme deliverables

AML/CFT Policy — tailored to your products, customers and jurisdiction
Business-Wide Risk Assessment (BWRA)
Customer Risk Rating (CRR) framework and scoring model
Customer Due Diligence (CDD) and Enhanced Due Diligence (EDD) procedures
Transaction monitoring procedures and alert triage framework
SAR/STR filing procedures and escalation matrix
Staff AML training programme and materials
MLRO annual report template
Record-keeping and data retention procedures
Sanctions screening procedures

How We Work

The programme build process

01

Discovery & scoping

We review your business model, products, customer base and regulatory obligations. We identify gaps in any existing controls and scope the work required.

02

Risk assessment

We produce your Business-Wide Risk Assessment — the foundation of the entire framework — identifying your inherent risks and documenting your control environment.

03

Framework design & documentation

We draft and deliver every policy, procedure and framework document — written in plain language, practical to implement, and aligned to your regulatory obligations.

04

Review, sign-off & training

We walk through every document with you, incorporate feedback, and deliver staff training so your team can operate the programme confidently from day one.

05

Ongoing support (optional)

Regulations change. We offer retained advisory support to keep your programme current — including annual BWRA updates, regulatory change monitoring, and MLRO support.

Sectors

Who this service is designed for

🪙

VASPs & Crypto Exchanges

FCA-registered or seeking registration — we build the AML framework that satisfies UK MLR requirements and FATF expectations for virtual asset service providers.

💳

Payment Institutions

FCA-authorised payment firms, e-money institutions, and remittance businesses — proportionate AML programmes for regulated payment services.

🏦

Fintech Startups

Pre-authorisation or post-authorisation — we help fintech businesses build the compliance infrastructure needed to obtain and retain FCA authorisation.

🌍

International Firms Entering the UK

Overseas firms establishing UK operations — we design UK-compliant AML frameworks that align with your global programme while satisfying local regulatory expectations.

Why KYCifi

Built by practitioners

There is a fundamental difference between a template AML policy bought online and a framework designed by someone who has actually run these programmes inside major financial institutions.

Our founder spent over a decade managing AML operations at KPMG, Deloitte, Bank of New York and Eversheds Sutherland. Every programme we build reflects that experience — practical, regulator-ready, and built to last.

What sets our programmes apart

Designed by practitioners — not template factories
Calibrated to your actual business model and risk profile
Written in plain language — your team will understand and use them
Built to withstand FCA, HMRC, or supervisory body scrutiny
Delivered with a training session so your team is ready from day one
Fixed-fee engagement — no hourly billing, no surprises

A complete AML framework — built for your business