The AML Compliance Gap in Real-Time Payments

As real-time payments accelerate globally, from the UK’s Faster Payments to the EU’s Instant Payments Regulation, banks are racing to keep up. But while the rails are fast, the compliance systems riding them often aren’t. Beneath the surface of instant settlement lies a growing, under-reported risk: the widening gap between payment speed and financial crime detection.

This blog explores the tension between instant payments and transaction monitoring, and argues that compliance systems must evolve from static, rules-based setups to dynamic, risk-adaptive frameworks that meet the speed of money movement without compromising control.

The Global Shift to Real-Time Payments

According to the 2024 Prime Time for Real-Time report by ACI Worldwide, over 195 billion real-time transactions were processed globally in 2023, a 63% increase over the previous year. Europe is preparing to mandate instant credit transfers under the EU Instant Payments Regulation, requiring euro payments to settle within 10 seconds and for the service to be available at all times, including nights and weekends.

These developments are reshaping customer expectations, enabling new fraud vectors, and exposing operational gaps in legacy compliance systems.

The Regulatory Landscape Is Tightening

Regulators are responding with urgency. The UK Financial Conduct Authority (FCA) recently found that many financial firms still have inadequate AML controls, particularly when it comes to real-time risk detection. The Financial Action Task Force (FATF) has also emphasized the need for AML and CFT frameworks to evolve alongside digital transformation and faster payment networks.

However, many institutions still rely on batch-based screening and manual alert resolution. Neither approach is built for the pace of modern payments.

Criminals Don’t Wait for Batch Jobs

Instant payments have given rise to instant criminal strategies. In schemes like money muling and authorised push payment (APP) fraud, bad actors exploit the latency between payment execution and alert generation to disappear with the funds.

The UK Finance 2024 Annual Fraud Report revealed that £460 million was lost to APP scams in 2023 alone. Many of these scams exploited the lack of real-time controls and relied on instant settlement to outpace detection.

One emerging tactic is smurfing in money laundering, where large amounts of illicit funds are broken into smaller transactions to bypass thresholds. Real-time systems, without adaptive intelligence, struggle to catch this behaviour before funds exit the system.

Why Static Rule Engines Are No Longer Enough

Most legacy monitoring tools are built around:

• Pre-set thresholds and velocity checks

• Fragmented, siloed risk models

• Manual alert triage that creates backlogs

These setups lead to high false positives, poor adaptability, and failure to catch emerging threats. This is especially problematic in fast-moving or cross-border payment ecosystems.

What a Future-Ready Monitoring System Looks Like

1. Risk-Adaptive Decisioning

Compliance systems need to move from static rules to real-time behavioural analysis. Contextual intelligence can help differentiate between suspicious and legitimate activity before the transaction settles.

2. Integrated Alert Handling

Unifying screening, transaction context, and historical behaviour in one decision engine allows faster, more accurate adjudication. Leveraging automated watchlist management improves operational efficiency and risk responsiveness.

3. Cloud-Native Infrastructure

As instant payments expand globally, compliance solutions must scale dynamically. Cloud-native models enable elastic compute, continuous updates, and wide-reaching coverage. These are essential components of a real-time AML strategy.

4. Cross-System Interoperability

Effective AML requires full visibility across the customer lifecycle. From onboarding and name screening to transaction monitoring and reporting, systems must connect. The U.S. Department of the Treasury’s 2024 National Strategy for Combating Illicit Finance advocates for a holistic, technology-enabled approach to integrating compliance operations and real-time risk data.

Conclusion: Speed Without Safety Is Not Innovation

In the race to enable instant payments, financial institutions cannot afford to lag in compliance. The challenge is not just transaction speed, it is decision speed. Legacy monitoring cannot protect a real-time financial environment.

The institutions that succeed will be those that modernize their compliance infrastructure, embed real-time risk intelligence, and turn financial crime prevention into a source of resilience and trust.