Corruption Mutates. So Must AML: What Payment Firms Should Learn from Networked Financial Crime
How AnyAccount Helps
At AnyAccount Ltd, we support FinTech start-ups and scaling businesses with:
Regulatory and compliance strategy
Governance frameworks for regulated firms
Authorisation and regulatory engagement support in the US, UK & EU
Operational infrastructure and control design
Accounting, finance and reporting frameworks
Scalable compliance monitoring and risk management systems
If you would rather build a business that is regulator-ready from the start — instead of retrofitting controls after the questions arrive — speak to us. We help FinTech firms put the right regulatory, operational and governance foundations in place.
The Basel Institute on Governance has published a useful piece on corruption as a “complex, adaptive system”. Its central point is simple but important: corruption is not just a collection of isolated acts by bad individuals. It is a networked system that evolves when pressure is applied to it.
That matters far beyond classic public-sector bribery. For payment firms, the same logic applies to money laundering, sanctions evasion, mule activity, fraud rings and abuse of cross-border remittance flows. Illicit actors do not politely stop when a control is introduced. They test it, route around it, and find the next weakness. Compliance, alas, is not chess against a sleepy opponent. It is chess against someone moving the board.
The Basel article describes corruption and anti-corruption as an “uninterrupted dance”, where corrupt actors are often “two steps ahead”. It also notes that enforcement can change behaviour without necessarily reducing the underlying problem. The outcome may be not less corruption, but different corruption.
For AML teams in payment companies, that is the key lesson.
From Corruption Networks to AML Networks
The article highlights how corrupt systems shift from centralised structures to more fragmented, informal and relationship-based networks. It also points to the role of professional enablers, hidden ownership, cross-border structures and service providers in what it calls a wider “kleptocratic enterprise”.
In payment firms, the equivalent risk is rarely a single suspicious transaction sitting neatly in isolation. It is usually a pattern:
multiple customers using the same device, IP address or address history
repeated payments to a shared beneficiary
rapid changes in corridor, funding source or pay-out method
linked accounts moving just below monitoring thresholds
unrelated senders showing coordinated behaviour
mule accounts clustered around common contact details or bank instruments
This is why AML in payments cannot rely only on sanctions screening, transaction thresholds and periodic customer reviews. Those controls remain essential, but they are not enough. The real risk often sits in the relationship between accounts, devices, beneficiaries, instruments and corridors.
When Controls Shift the Risk
The Basel article gives a strong example from the Port of Rotterdam. Increased inspections and surveillance aimed at drug trafficking made insider access more valuable, meaning corruption became a way to bypass stronger controls.
Payment firms see similar dynamics. Tighten one control and the risk may move elsewhere. Reduce transaction limits and laundering may fragment into smaller amounts. Block one high-risk corridor and behaviour may shift to a neighbouring route. Improve customer onboarding and abuse may move to account takeover, mule recruitment or compromised payment instruments.
The danger is mistaking displacement for success.
A payment company should therefore ask not only, “Did alerts fall?” but also, “Where did the behaviour go?” Lower alerts may mean better control effectiveness. Or it may mean the typology has migrated into a part of the system that no one is watching. A very British problem: the queue has not vanished, it has merely moved around the corner.
The AML Implications for Payment Firms
The practical takeaway is that AML frameworks need to become more adaptive. A payment firm should not treat its AML risk assessment as an annual document that gets dusted off for board approval and then returned to the cupboard.
A stronger approach would include:
regular typology reviews using live transaction and fraud data
network analysis across customers, beneficiaries, devices and funding sources
corridor-level monitoring, including shifts in volume, value and behaviour
stronger links between fraud, AML, sanctions and customer-support intelligence
review of near-miss cases, not only confirmed suspicious activity
periodic testing of monitoring rules to identify displacement effects
escalation where behaviour changes after new controls are introduced
This is where payment firms can take the Basel Institute’s argument and make it operational. If criminal networks adapt, monitoring logic must adapt. If informal relationships matter, firms need to examine behavioural links. If professional or technical enablers are part of the ecosystem, vendor and partner oversight becomes part of financial crime prevention.
Static AML Is Yesterday’s Control Framework
The Basel article argues that anti-corruption work needs to move away from linear theories of change and toward systems thinking, including mapping relationships, incentives and behavioural patterns over time.
That is equally true for payment companies. A static AML programme will eventually become a museum exhibit: well-labelled, orderly and no longer relevant to the living world outside.
The firms that do this well will be the ones that combine traditional AML controls with behavioural intelligence. They will look at how customers interact, how corridors change, how mule networks form, how fraud indicators overlap with laundering risk and how criminals respond when controls are tightened.
The message is clear enough: money laundering is not just transactional. It is networked, adaptive and opportunistic.
Payment firms should build their AML programmes accordingly.
