Welcome to the Intelect FAQ Page
Whether you are a compliance officer, business owner, or professional working in a regulated sector, navigating Anti-Money Laundering legislation, due diligence requirements, and financial crime prevention can feel complex and fast-moving. This page brings together answers to the questions we are most frequently asked, covering everything from the basics of Customer Due Diligence and Enhanced Due Diligence, through to sanctions screening, beneficial ownership, and what to do when something does not feel right about a client. Our answers are written by experienced investigators and compliance professionals, so you can trust that what you read here reflects real-world practice, not just regulatory theory. If your question is not covered below, contact us directly we are always happy to help.
Section 1: Due Diligence Fundamentals
Q: What is due diligence and why does my business need it?
Due diligence is the process of researching and verifying information about a person, company, or transaction before entering into a business relationship. For UK-regulated businesses, it is a legal requirement under the Money Laundering Regulations 2017, which mandate that firms identify who they are dealing with, assess risk, and take steps to prevent financial crime. Failing to conduct proper due diligence can result in regulatory sanctions, reputational damage, and in serious cases, criminal liability. Intelect provides investigator-led due diligence that goes beyond automated searches to uncover what the data does not show on the surface.
Q: What is the difference between Customer Due Diligence (CDD) and Enhanced Due Diligence (EDD)?
Customer Due Diligence (CDD) is the standard level of checks required when onboarding most clients, typically confirming identity, verifying the nature of the business relationship, and assessing basic risk. Enhanced Due Diligence (EDD) applies to higher-risk situations, such as Politically Exposed Persons (PEPs), clients from high-risk jurisdictions, complex ownership structures, or transactions above certain thresholds. EDD involves significantly deeper investigation, including adverse media screening, source of wealth and funds analysis, and third-party intelligence gathering. Intelect Group delivers both CDD and EDD reports, tailored to the level of risk.
Q: What triggers the need for Enhanced Due Diligence (EDD) on a client?
DD is triggered by a combination of risk indicators. Under the UK Money Laundering Regulations 2017, EDD is automatically required for Politically Exposed Persons (PEPs) and their associates, clients or transactions involving high-risk third countries, correspondent banking relationships, and situations where the client is not physically present for identification. Firms must also apply EDD where their own risk-based assessment identifies elevated risk, for example, unusually complex ownership structures, high-value transactions, or sectors known for vulnerability to financial crime.
Q: What is a Politically Exposed Person (PEP) and how does it affect client onboarding?
A Politically Exposed Person (PEP) is an individual who holds, or has held within the last 12 months, a prominent public function, such as a head of state, senior politician, judge, military official, or board member of a state-owned enterprise. Their close family members and known associates also fall within scope. PEPs present a higher risk of bribery and corruption by virtue of their position and access to public funds. Under UK regulations, any business relationship with a PEP requires senior management approval, source of wealth checks, and ongoing enhanced monitoring.
Q: What is a Suspicious Activity Report (SAR) and when must one be submitted?
A Suspicious Activity Report (SAR) is a formal disclosure made to the National Crime Agency (NCA) in the UK (or other nominated law enforcement agency, dependent on your jurisdiction) when a regulated business knows, suspects, or has reasonable grounds to suspect that a person is involved in money laundering or terrorist financing. SARs must be submitted before carrying out a transaction where possible (a “consent SAR”), and as soon as practicable in other circumstances. Failure to file a SAR when required is a criminal offence. Staff training on identifying and escalating suspicious activity is essential for compliance.
Section 2: AML Compliance & Training
Q: Which businesses in the UK are required to comply with Anti-Money Laundering (AML) regulations?
The UK Money Laundering Regulations 2017 apply to a defined range of sectors known as the “regulated sector.” These include financial institutions and banks, accountancy and audit firms, legal practices, estate agents and letting agents (since 2020), trust and company service providers, high-value dealers, and crypto-asset businesses. These businesses must have documented AML policies, conduct risk assessments, train staff, apply customer due diligence, and report suspicious activity. Supervision is currently carried out by sector-specific bodies including the FCA, HMRC, and professional associations such as the ICAEW and SRA. However, this is likely to change in 2026 with the FCA becoming the pivotal body.
Q: How often should AML training be refreshed for staff?
UK regulatory guidance requires AML training to be provided to relevant staff on a regular basis, typically interpreted as annually as a minimum, with additional training when regulations change or new risks emerge. The FCA and HMRC both emphasise that one-off training is insufficient; ongoing awareness and role-specific content are expected. Training should be documented, with completion records retained as evidence in the event of a regulatory inspection. Intelect provides CPD-certified training programmes that can be delivered online or in-person and adapted to specific sectors.
Q: What is an MLRO and what are their responsibilities?
The Money Laundering Reporting Officer (MLRO) is the designated person within a regulated business responsible for receiving internal SAR disclosures, deciding whether to submit them to the NCA, overseeing the firm’s AML compliance programme, and acting as the primary point of contact for regulators. The MLRO must be a senior individual with sufficient authority and resource to perform their role effectively. They are personally liable for failures in their oversight function. The role requires strong knowledge of current AML regulations, typologies, and reporting obligations.
Q: What is a risk-based approach to AML compliance?
A Risk-Based Approach (RBA) means calibrating the intensity of AML controls to the level of risk identified, applying more scrutiny where risk is higher and streamlined checks where risk is lower. This is the approach required by the Financial Action Task Force (FATF) and embedded in UK Money Laundering Regulations. In practice, it means conducting a firm-wide risk assessment, segmenting clients by risk category, and applying proportionate due diligence. A well-documented RBA is the foundation of a defensible compliance programme and is the primary focus of regulatory inspections.
Section 3: Investigations & Open Source Intelligence
Q: What is Open Source Intelligence (OSINT) and how is it used in due diligence?
Open Source Intelligence (OSINT) refers to the collection and analysis of information from publicly available sources, including company registries, court records, regulatory databases, news archives, social media, and web content. In due diligence, OSINT is used to verify identity, identify adverse media, map corporate structures, and surface red flags that formal databases may not capture. Intelect have trained compliance officers and investigators across the world in advanced OSINT techniques including how to use a combination of proprietary tools and specialist platforms to ensure comprehensive, legally compliant intelligence gathering.
Q: What is beneficial ownership and why does it matter for due diligence?
Beneficial ownership refers to the natural person who ultimately owns or controls a company or legal arrangement, even if registered in the name of another entity. Identifying the true beneficial owner, not just the registered director, is a core requirement of Customer Due Diligence under UK AML regulations. Complex or opaque ownership structures are a recognised red flag for money laundering. Intelect investigations include beneficial ownership mapping using company registry data, corporate intelligence, and cross-border source verification to confirm who is truly in control.
Q: What is asset tracing and when would a business need it?
Asset tracing is the investigative process of identifying, locating, and documenting assets belonging to an individual or entity, including those that may be hidden, transferred, or held in other names. It is commonly required in fraud recovery, litigation support, enforcement of court judgments, and due diligence on high-value counterparties. Intelect has conducted asset tracing assignments across multiple jurisdictions, uncovering hidden ownership structures and financial interests that were specifically designed to obscure the true picture.
Section 4: Sanctions, PEPs & Risk Screening
Q: What are financial sanctions and how do they affect UK businesses?
Financial sanctions are legal restrictions imposed by governments or international bodies prohibiting dealings with designated individuals, entities, or countries. In the UK, the Office of Financial Sanctions Implementation (OFSI) enforces sanctions under UK law. Regulated businesses are required to screen clients against the UK Consolidated List of Sanctions Targets before onboarding and on an ongoing basis. Breaching financial sanctions, even unknowingly can result in substantial civil penalties and reputational damage. Automated screening tools must be combined with human review to manage the risk of false positives and missed matches.
Q: What are the signs of money laundering that a business should watch out for?
Common red flags include clients reluctant to provide identification or explain the source of their funds; transactions that are unusually large, complex, or have no clear business rationale; payments from or to unrelated third parties; frequent cash transactions; and clients with connections to high-risk jurisdictions or sanctioned entities. Businesses should also be alert to clients seeking to use nominee structures, making sudden changes to ownership or instructions, or asking questions about reporting obligations. Staff training to recognise these typologies is a regulatory expectation and is not optional.
Section 5: Working with Intelect
Q: How is Intelect different from an automated due diligence database?
Automated databases provide speed and breadth, scanning large volumes of structured data quickly. However, they cannot interpret context, identify false positives, navigate complex or non-digitised records, or exercise the professional judgement required to translate raw data into a risk-rated assessment. Intelect is investigator led and we have specialists at our disposal as and when required. Every report combines advanced technology with experienced analytical oversight producing intelligence that is not only accurate but defensible to regulators, lawyers, and senior management. Where an algorithm flags a name match, Intelect determines whether it actually matters.