Speed vs scrutiny
21 Jan 2026
With payments settling in seconds and operating around the clock, traditional AML and CTF frameworks are being pushed to their limits, forcing institutions to rethink how financial crime controls operate in a real-time environment
Image: denis_rozhnovsky/stock.adobe.com
As real-time payments continue to expand across global markets, financial institutions are being forced to confront a growing operational tension: how to deliver speed and certainty while maintaining robust anti-money laundering (AML) and counter-terrorist financing (CFT) controls.
Instant payment rails operate 24/7, settle transactions within seconds and, in many cases, offer no opportunity for recall once funds have moved. While these systems promise significant efficiency gains and improved cash-flow visibility, they also place pressure on AML frameworks that were originally designed for slower, reversible, batch-based payment models.
From batch processing to instant settlement
Real-time payments represent a structural shift in how money moves through the financial system.
Unlike traditional payment methods, which are processed within defined cut-off times and settlement windows, real-time payments are continuous and immediate, enabling funds to be credited almost instantly to the recipient.
For businesses, this immediacy supports improved liquidity management, automated reconciliation and on-demand payments across supply chains, payroll and treasury operations. For financial institutions, however, it also compresses the time available to detect and intervene in potentially suspicious activity.
Historically, AML controls have relied heavily on transaction-level monitoring, with the option for post-transaction review and human intervention. In a real-time environment, those controls must operate differently.
AML controls move upstream
According to Lloyd Sebastian, vice president and segment head for global financial institutions at CIBC Mellon, the rise of real-time payments is fundamentally reshaping how AML and CFT risk is managed.
“Real-time payments are fundamentally changing AML and CFT risk management by shifting controls upstream,” Sebastian says. “There is a greater need for robust pre-validation controls at the account and client level, rather than relying primarily on transaction-level intervention after the fact.”
That shift is echoed by Rachel Whelan, APAC & MEA head of corporate cash management and global head of payments & transactional FX product management at Deutsche Bank, who says the instant nature of real-time payments has placed client experience firmly at the centre of AML design.
“The nature of real-time payments being instant and having an instant experience embedded into their usage drives the priority of ensuring that the client experience is seamless,” Whelan says.
“This is where the need for highly automated AML and CFT checks to be embedded into the experience as early as possible in the flow comes into play.”
As a result, firms are increasingly shifting towards preventative rather than in-flight checks.
“Moving to preventative rather than in-flight checks is something we are seeing more of,” Whelan adds, noting that the speed and irrevocable nature of real-time payments requires real-time detection, supported by the use of AI tools and enriched data to help identify the parties involved in transactions.
This upstream shift is designed to preserve straight-through processing (STP) and avoid reintroducing the friction that historically slowed payments and tied up liquidity.
Rather than pausing transactions mid-flow, firms are placing greater emphasis on customer risk scoring, onboarding controls and data accuracy before payments are initiated.
That does not mean transaction monitoring disappears. Sanctions screening, AML surveillance and fraud-prevention tools continue to play a critical role, but they must now function within a real-time processing environment rather than around it.
The tension between speed and control
Applying AML controls at real-time speed remains a persistent operational challenge. Identifying and flagging suspicious activity has traditionally depended on time — time to review transactions, escalate alerts and, where necessary, halt settlement.
“In a real-time payments environment, transactions must move instantly and, in some cases, cannot be recalled,” Sebastian says. “This creates a tension between speed and control that payments teams must actively manage.”
Whelan points out that this tension is compounded by the fact that many AML processes were never designed for real-time environments.
“The speed of the experience that is underpinned by the real-time payment can’t support AML and CFT requirements, due to the nature of such processes being built on legacy platforms that are based on bulk processing and, in most instances, highly manual,” she says.
To keep pace with rising volumes, firms are being forced to automate rapidly — while ensuring risk management is not compromised.
The growing use of real-time payments in cross-border contexts adds further complexity, Whelan adds, as regulatory jurisdictions do not always share the same requirements, creating inconsistencies that payments teams must navigate in real time.
False positives and operational pressure
As reliance on automation grows, so too does the challenge of false positives. To mitigate risk in faster payment environments, firms often tighten screening rules, increasing the likelihood that legitimate transactions are flagged.
Poor data quality and overly rigid rule sets can exacerbate the problem, generating high alert volumes that strain operations teams and delay genuine payments.
“Poor data quality and overly rigid rule sets increase the risk of false positives, which can undermine efficiency and strain operational resources,” Sebastian says, noting that these pressures are becoming more pronounced as real-time payment volumes grow.
Whelan agrees, particularly in the context of low-value, high-volume payments.
“False positives when dealing with smaller ticket volume throughput are a problem, as this has operational overhead and associated costs that don’t correspond to the value of the transactions,” she says.
As a result, firms are increasingly focused on “fail-fast” approaches, with greater emphasis on upfront validation and pre-processing controls to reduce reliance on traditional, manual AML methods later in the flow.
Managing alert volumes without weakening controls has become a central focus for institutions, particularly as client expectations for instant payments continue to rise.
Data quality moves to the foreground
Data quality has emerged as one of the most critical enablers of effective AML in real-time payments. While instant payment systems are capable of carrying richer data than legacy formats, inconsistent or incomplete information — particularly static client and counterparty data — can limit the effectiveness of screening tools.
The industry’s migration towards ISO 20022 messaging standards is intended to improve transparency, data consistency and interoperability across payment flows. By standardising message structures and data fields, ISO 20022 offers the potential for more accurate screening and monitoring.
However, realising those benefits depends on firms’ ability to maintain high-quality data throughout their systems.
Cross-border complexity
The challenge intensifies in cross-border payment flows, where multiple intermediaries, differing regulatory regimes and fragmented data standards can obscure visibility.
Cross-border payments are inherently higher risk from an AML perspective, exposing institutions to sanctions evasion, terrorist financing and money laundering threats.
Regulatory fragmentation across jurisdictions makes it difficult for global firms to apply consistent controls, while the speed of instant payments further compresses the time available for detection.
Correspondent banking relationships add another layer of complexity, as illicit funds can be layered across multiple institutions and jurisdictions, making transaction trails harder to follow.
Infrastructure-level distinctions
Not all parts of the financial system face the same exposure. A spokesperson for Deutsche Börse highlights that AML and CFT risks primarily concern payment systems rather than exchange trading.
“Our securities markets operate under strict rules involving identity checks, clearing processes and continuous surveillance, which significantly mitigate these risks,” the spokesperson says, pointing to independent trading surveillance mechanisms that safeguard market integrity.
The distinction underlines how rapidly evolving payment rails present a different risk profile to more established market infrastructures.
Designing AML into payment systems
In some jurisdictions, AML and sanctions oversight are increasingly being embedded directly into payment system design rather than layered on post-implementation.
From a Canadian perspective, Sebastian points to the rollout of modern, data-rich payment infrastructures that align with international standards.
Canada’s high-value payments system, Lynx, was fully implemented in 2023, replacing a legacy batch-based platform. Designed with ISO 20022 alignment, the system supports greater data inclusion and interoperability. Looking ahead, the planned Real-Time Rail, expected later this decade, will enable near-instant payments on a 24/7 basis.
“Both current and forward-looking payment infrastructures in Canada have AML and sanctions considerations embedded within their core frameworks,” Sebastian says, adding that these controls act as mitigating factors while still allowing markets to realise efficiency and liquidity benefits.
Whelan cautions, however, that embedded AML introduces a different set of risks.
“Embedded AML risk management is being looked at, but it doesn’t come without risks,” she says. “It introduces a different set of risks that arise from expectations of the parties involved, being a mixture of regulated and non-regulated entities, and not operating under the same level of AML risk management standards.”
As a result, she argues, automation and intelligence must be carefully designed to make embedded AML effective without undermining the client experience.
An operational design challenge
What is becoming increasingly clear is that AML and CFT are no longer confined to compliance functions. In a real-time payments environment, financial crime controls are shaping system architecture, data governance and operational workflows.
Automation, machine learning and real-time monitoring tools can help firms scale controls at speed, but they do not eliminate responsibility. Governance, accountability and risk ownership remain critical, particularly as decision-making becomes more technology-driven.
As instant payments continue to grow in volume and reach, AML and CFT considerations are set to play an even more central role in how payment systems are designed and operated.
Speed may be the defining feature of real-time payments — but maintaining control is proving to be the greater challenge.
Instant payment rails operate 24/7, settle transactions within seconds and, in many cases, offer no opportunity for recall once funds have moved. While these systems promise significant efficiency gains and improved cash-flow visibility, they also place pressure on AML frameworks that were originally designed for slower, reversible, batch-based payment models.
From batch processing to instant settlement
Real-time payments represent a structural shift in how money moves through the financial system.
Unlike traditional payment methods, which are processed within defined cut-off times and settlement windows, real-time payments are continuous and immediate, enabling funds to be credited almost instantly to the recipient.
For businesses, this immediacy supports improved liquidity management, automated reconciliation and on-demand payments across supply chains, payroll and treasury operations. For financial institutions, however, it also compresses the time available to detect and intervene in potentially suspicious activity.
Historically, AML controls have relied heavily on transaction-level monitoring, with the option for post-transaction review and human intervention. In a real-time environment, those controls must operate differently.
AML controls move upstream
According to Lloyd Sebastian, vice president and segment head for global financial institutions at CIBC Mellon, the rise of real-time payments is fundamentally reshaping how AML and CFT risk is managed.
“Real-time payments are fundamentally changing AML and CFT risk management by shifting controls upstream,” Sebastian says. “There is a greater need for robust pre-validation controls at the account and client level, rather than relying primarily on transaction-level intervention after the fact.”
That shift is echoed by Rachel Whelan, APAC & MEA head of corporate cash management and global head of payments & transactional FX product management at Deutsche Bank, who says the instant nature of real-time payments has placed client experience firmly at the centre of AML design.
“The nature of real-time payments being instant and having an instant experience embedded into their usage drives the priority of ensuring that the client experience is seamless,” Whelan says.
“This is where the need for highly automated AML and CFT checks to be embedded into the experience as early as possible in the flow comes into play.”
As a result, firms are increasingly shifting towards preventative rather than in-flight checks.
“Moving to preventative rather than in-flight checks is something we are seeing more of,” Whelan adds, noting that the speed and irrevocable nature of real-time payments requires real-time detection, supported by the use of AI tools and enriched data to help identify the parties involved in transactions.
This upstream shift is designed to preserve straight-through processing (STP) and avoid reintroducing the friction that historically slowed payments and tied up liquidity.
Rather than pausing transactions mid-flow, firms are placing greater emphasis on customer risk scoring, onboarding controls and data accuracy before payments are initiated.
That does not mean transaction monitoring disappears. Sanctions screening, AML surveillance and fraud-prevention tools continue to play a critical role, but they must now function within a real-time processing environment rather than around it.
The tension between speed and control
Applying AML controls at real-time speed remains a persistent operational challenge. Identifying and flagging suspicious activity has traditionally depended on time — time to review transactions, escalate alerts and, where necessary, halt settlement.
“In a real-time payments environment, transactions must move instantly and, in some cases, cannot be recalled,” Sebastian says. “This creates a tension between speed and control that payments teams must actively manage.”
Whelan points out that this tension is compounded by the fact that many AML processes were never designed for real-time environments.
“The speed of the experience that is underpinned by the real-time payment can’t support AML and CFT requirements, due to the nature of such processes being built on legacy platforms that are based on bulk processing and, in most instances, highly manual,” she says.
To keep pace with rising volumes, firms are being forced to automate rapidly — while ensuring risk management is not compromised.
The growing use of real-time payments in cross-border contexts adds further complexity, Whelan adds, as regulatory jurisdictions do not always share the same requirements, creating inconsistencies that payments teams must navigate in real time.
False positives and operational pressure
As reliance on automation grows, so too does the challenge of false positives. To mitigate risk in faster payment environments, firms often tighten screening rules, increasing the likelihood that legitimate transactions are flagged.
Poor data quality and overly rigid rule sets can exacerbate the problem, generating high alert volumes that strain operations teams and delay genuine payments.
“Poor data quality and overly rigid rule sets increase the risk of false positives, which can undermine efficiency and strain operational resources,” Sebastian says, noting that these pressures are becoming more pronounced as real-time payment volumes grow.
Whelan agrees, particularly in the context of low-value, high-volume payments.
“False positives when dealing with smaller ticket volume throughput are a problem, as this has operational overhead and associated costs that don’t correspond to the value of the transactions,” she says.
As a result, firms are increasingly focused on “fail-fast” approaches, with greater emphasis on upfront validation and pre-processing controls to reduce reliance on traditional, manual AML methods later in the flow.
Managing alert volumes without weakening controls has become a central focus for institutions, particularly as client expectations for instant payments continue to rise.
Data quality moves to the foreground
Data quality has emerged as one of the most critical enablers of effective AML in real-time payments. While instant payment systems are capable of carrying richer data than legacy formats, inconsistent or incomplete information — particularly static client and counterparty data — can limit the effectiveness of screening tools.
The industry’s migration towards ISO 20022 messaging standards is intended to improve transparency, data consistency and interoperability across payment flows. By standardising message structures and data fields, ISO 20022 offers the potential for more accurate screening and monitoring.
However, realising those benefits depends on firms’ ability to maintain high-quality data throughout their systems.
Cross-border complexity
The challenge intensifies in cross-border payment flows, where multiple intermediaries, differing regulatory regimes and fragmented data standards can obscure visibility.
Cross-border payments are inherently higher risk from an AML perspective, exposing institutions to sanctions evasion, terrorist financing and money laundering threats.
Regulatory fragmentation across jurisdictions makes it difficult for global firms to apply consistent controls, while the speed of instant payments further compresses the time available for detection.
Correspondent banking relationships add another layer of complexity, as illicit funds can be layered across multiple institutions and jurisdictions, making transaction trails harder to follow.
Infrastructure-level distinctions
Not all parts of the financial system face the same exposure. A spokesperson for Deutsche Börse highlights that AML and CFT risks primarily concern payment systems rather than exchange trading.
“Our securities markets operate under strict rules involving identity checks, clearing processes and continuous surveillance, which significantly mitigate these risks,” the spokesperson says, pointing to independent trading surveillance mechanisms that safeguard market integrity.
The distinction underlines how rapidly evolving payment rails present a different risk profile to more established market infrastructures.
Designing AML into payment systems
In some jurisdictions, AML and sanctions oversight are increasingly being embedded directly into payment system design rather than layered on post-implementation.
From a Canadian perspective, Sebastian points to the rollout of modern, data-rich payment infrastructures that align with international standards.
Canada’s high-value payments system, Lynx, was fully implemented in 2023, replacing a legacy batch-based platform. Designed with ISO 20022 alignment, the system supports greater data inclusion and interoperability. Looking ahead, the planned Real-Time Rail, expected later this decade, will enable near-instant payments on a 24/7 basis.
“Both current and forward-looking payment infrastructures in Canada have AML and sanctions considerations embedded within their core frameworks,” Sebastian says, adding that these controls act as mitigating factors while still allowing markets to realise efficiency and liquidity benefits.
Whelan cautions, however, that embedded AML introduces a different set of risks.
“Embedded AML risk management is being looked at, but it doesn’t come without risks,” she says. “It introduces a different set of risks that arise from expectations of the parties involved, being a mixture of regulated and non-regulated entities, and not operating under the same level of AML risk management standards.”
As a result, she argues, automation and intelligence must be carefully designed to make embedded AML effective without undermining the client experience.
An operational design challenge
What is becoming increasingly clear is that AML and CFT are no longer confined to compliance functions. In a real-time payments environment, financial crime controls are shaping system architecture, data governance and operational workflows.
Automation, machine learning and real-time monitoring tools can help firms scale controls at speed, but they do not eliminate responsibility. Governance, accountability and risk ownership remain critical, particularly as decision-making becomes more technology-driven.
As instant payments continue to grow in volume and reach, AML and CFT considerations are set to play an even more central role in how payment systems are designed and operated.
Speed may be the defining feature of real-time payments — but maintaining control is proving to be the greater challenge.
NO FEE, NO RISK
100% ON RETURNS If you invest in only one asset servicing news source this year, make sure it is your free subscription to Asset Servicing Times
100% ON RETURNS If you invest in only one asset servicing news source this year, make sure it is your free subscription to Asset Servicing Times
