AML AUDITS
for FCA Payment and Emoney Institutions
Low-cost, High Quality and collobarative
Indepedent AML Audit for UK-Authorised Payment and E-Money Firms (2025)
Financial services firms regulated under the MLRs are required to complete an independent AML audit at least annually — and your safeguarding bank or liquidity provider will also expect to see it.
AuthoriPay provides AML audits specifically for UK-authorised payment institutions, EMIs, MSBs and fintech firms. We take a “fix first, report second” approach, meaning you can correct weaknesses before the final audit report is issued — giving you a cleaner regulatory position and protecting your banking relationships.
We are members of the APCC and active leaders within the UK payments industry, giving us deep insight into how banks, auditors and supervisors assess AML effectiveness in 2025.
Who are our audits for?
Our audits are suitable for all financial services firms including:
- Payment Service and Electronic Money Firms authorised by the FCA
- Money Service Businesses regulated by HMRC for AML purposes
- Annex 1 firms registered with the FCA
- Crypto firms registered with the FCA
- EEA based Payment and Emoney Institutions
- Canadian MSBs
- MENA-based payment and emoney firms
- Small UK and EEA banks
AML Audit process
Our audits can be conducted either remotely, or onsite over the following four stages:
- Stage One: AuthoriPay will send the auditee a remote audit questionnaire (that has been designed to assess all aspects of AML/CTF regulation and compliance) which they will complete and return along with documented policies and procedures for review. AuthoriPay also ask, if possible, that the auditee provide a walk-through of their CDD procedures.
- Stage Two: AuthoriPay will review the answers and supporting documentation from the questionnaire, along with any notes that have been made during the walk-through and provide the auditee with a gap analysis report. This report will provide recommendations for improvement (if any are found) which the auditee can incorporate into its controls in order to get a higher score on the final audit report.
- Stage Three: The auditee will work through and implement any recommendations made by AuthoriPay in the gap analysis. If necessary, AuthoriPay can provide support to implement these recommendations
- Stage Four: The auditee will resubmit any documentation that has been updated to evidence that recommendations have been implemented. AuthoriPay will re-assess the documentation and produce a final report containing findings along with red, amber and green ratings.
Scope
While it’s refered to as an AML AUDIT, we cover not just AML, but also Counter-Terrorist Financing and Financial Sanctions. We focus on all aspects of compliance including:
- Customer Due Diligence (CDD, KYC, Ongoing monitoring)
- Suspicious Activity Reporting
- PEPs, Sanctions screening
- Enhanced Due Diligence
- Internal controls and governance
- Any other areas requested by your bank or the regulator such as Senior Manager Interviews.
Timescales
With regards to each stage of the process the following timescales should apply:
- Our remote AML audit is conducted in just 1 – 2 weeks.
- If you request the more expensive onsite AML audit, this will take 2-3 weeks in total, depending on the complexity of your operations. We’ll only be onsite for one day normally.
- The Initial report will then take up to one week to prepare.
Fees
Our Fees are 30% below the market rate yet our auditors are experienced, fair-minded and well regarded. We pride ourselives on providing only the highest levels of service to all our clients, whether you’re a boot-strapped startup or an establshed bank.
Other Services
AuthoriPay also offers ancillary audit services listed in the buttons below:
Get in touch
AuthoriPay Ltd, Milton Hall, Ely Road, Cambridge, CB24 6WZ.