There are specific moments when an in-house MLRO is either not yet warranted, temporarily unavailable, or structurally impractical. Licence application before you have sustainable revenue. An MLRO departure leaving a statutory gap. A firm too small for a full-time appointment but requiring a qualified, accountable senior presence. These are the situations we are built for.
The person we provide takes on the role with genuine accountability. They own the programme, review the SARs, and correspond with the NCA. Not an external advisor who countersigns documents from a distance.
Named role with genuine statutory responsibility under the applicable AML legislation. Formally notified to the NCA where required. Not a figurehead appointment.
Ownership of the AML and CFT programme: policies, risk appetite, controls framework, periodic review. The compliance officer signs off on changes and keeps the programme current against regulatory developments.
Review and approval of all Suspicious Activity Reports. Submission to the relevant Financial Intelligence Unit. Documentation of the decision-making process with full audit trail.
Handling of all correspondence with the NCA in the compliance officer capacity. Preparation for and attendance at regulatory examinations. Preparation of responses to regulatory queries.
Periodic AML reporting to the board and senior management, independent of the commercial function. Includes programme status, SAR volumes, key risk indicators and regulatory developments.
Participation in risk and compliance committees. AML input into product launches, customer segment decisions and geographic expansion. Governance documentation maintained for NCA review.
Design and delivery of AML training for staff with AML responsibilities. Documented training records. Calibration of training content to your specific customer base and risk profile.
A deputy can be provided alongside the primary compliance officer where the NCA or your internal governance requires a resilience arrangement. Both roles can sit with the same engagement team.
Monitoring of regulatory developments relevant to your licence and customer base. Assessment of impact on your AML programme. Implementation of required changes before examination deadlines.
This is not a substitute for a full-time, in-house compliance function at an established regulated firm. It is for three specific situations where that model is not yet appropriate, is temporarily unavailable, or where scale does not justify it.
The NCA needs a named, qualified compliance officer before granting an EMI, PI or CASP licence. You need that person now, without committing to a permanent senior hire before your post-licence revenue justifies it. We provide the compliance officer for the application phase, through to licence grant and the first year of operation. This is the most common engagement we run for pre-licensed entities.
Your compliance officer has resigned or is leaving. The statutory gap cannot remain open. We step into the role within two weeks and maintain the function while you run a permanent recruitment process. All NCA correspondence, SAR decisions, board reporting and programme oversight continue without interruption. When your permanent hire starts, we manage the handover and exit cleanly.
You are a licensed entity with AML obligations but a caseload that does not justify a full-time compliance officer. A fractional arrangement: a defined number of days per month, agreed in writing, covering SAR review, board reporting, NCA correspondence and programme oversight. Full statutory accountability, proportionate cost.
Some NCAs require a named deputy. Others require evidence of a resilience arrangement. We can provide the deputy alongside the primary compliance officer, or as a standalone appointment where you have a functioning in-house lead who needs a named deputy for continuity purposes.
An examination is imminent and the compliance function is not examination-ready. We provide interim senior support to prepare: policy review, documentation gap assessment, staff briefing and examination attendance. A senior resource alongside the existing team, not a replacement.
MiCA requires CASPs to appoint a designated AML Compliance Officer. We provide an outsourced AMLCO for the registration process and ongoing statutory function, with specific experience in crypto customer typologies, Travel Rule and on-chain monitoring requirements.
If you are a licensed, high-volume EMI, PI or bank with a functioning compliance team, the primary compliance officer function should sit in-house. That person needs daily proximity to your operations, systems and staff. External provision for this profile creates governance risk and is unlikely to satisfy a thorough NCA examination. What we can do for established entities is provide KYC/ODD analyst teams, AML audit, or a deputy compliance officer alongside your in-house lead. If your situation is at the boundary, raise it in the scoping call and we will give you an honest answer.
EBA/GL/2021/05 permits regulated entities to outsource the compliance officer function to a third party under defined conditions. We have structured our engagement model specifically to satisfy those conditions across all EU NCAs.
The legal basis: EBA/GL/2021/05 on internal governance and EBA guidelines on ML/TF risk management permit outsourcing of the compliance officer function provided: the role holder has genuine accountability, an independent reporting line to the board is maintained, the arrangement is documented in an outsourcing agreement, and the regulated entity retains ultimate responsibility for its AML programme. Our engagements are structured to satisfy all four conditions.
The compliance officer holds the role with real statutory accountability: they own the SAR decision, they sign board reports in their own name, and they attend NCA examinations. No rubber-stamping.
The compliance officer reports directly to your board, not to the CEO or commercial function. This independence is what regulators require and what our engagement structure is designed to provide.
A written outsourcing agreement and GDPR Art. 28 DPA are signed before any work begins. The NCA can inspect the arrangement as part of your overall AML governance review at any time.
A compliance officer is not a compliance administrator. The role requires legal judgment, regulatory knowledge, and the credibility to stand behind decisions when a regulator or board asks why. Our leads have operated inside regulated institutions, not watched from the outside.
Every lead holds CAMS certification (Certified Anti-Money Laundering Specialist), the global professional standard for AML compliance practitioners.
Every engagement lead has operated inside regulated financial institutions under active NCA supervision: in EMIs, payment institutions and licensed fintechs, running live AML compliance functions with real regulatory accountability.
Our team has held compliance officer and deputy roles under supervision from CBI, MFSA, CySEC, Bank of Lithuania, DNB and others. This means we understand what each regulator looks for in an AML programme review, not just what the EBA guidelines say.
We do not offer generic compliance services. AML, KYC and financial crime compliance is the entirety of what we do. The compliance officer we provide has spent their career in this function, not rotating through broader compliance roles.
Can't find your answer? Contact us directly. We respond within one business day.
Yes. EBA/GL/2021/05 explicitly permits outsourcing of the compliance officer function to a third party. What is required is that the role holder has genuine accountability (not nominal), an independent reporting line to the board is maintained, and the arrangement is documented in a written outsourcing agreement that the NCA can inspect.
Our engagement structure is designed specifically to satisfy these conditions. We have had compliance officer engagements accepted by CBI, MFSA, CySEC, Bank of Lithuania and DNB, among others. If you have a specific concern about your NCA's approach, raise it in the scoping call.
A senior advisor will assess your situation and come back with an honest view: which engagement type fits, what it will cost, and how quickly we can be in place. No obligation.
EU-based KYC and ODD analyst teams. Operational in two weeks. Fixed monthly rate, no placement fees. Pairs with a compliance officer for a complete outsourced compliance function.
View service →Independent AML effectiveness audit and programme design for regulated firms. Written findings, risk-rated recommendations. Fixed fee agreed before engagement starts.
View service →AML programme build and KYC teams for crypto CASPs under MiCA. Travel Rule implementation, AMLCO support and pre-registration NCA preparation.
View service →For regulated financial institutions using AI in credit decisions, insurance pricing or HR screening. Classification, FRIA and cross-regulatory advisory integrated with your AML and GDPR framework.
View service →