The CAMS exam tests applied knowledge across a wide range of AML/CFT topics. Rather than memorizing textbook definitions, successful candidates understand how concepts connect and apply in real-world compliance scenarios.
We have compiled the 60 most frequently tested concepts from the CAMS Study Guide (6th Edition), organized into six topic domains. Each concept is presented as a question-and-answer pair to simulate exam conditions and reinforce active recall.
Concepts by Topic Domain
MSBs and Financial Services
#1 What is the difference between a Principal MSB and an Agent MSB in terms of AML/CFT compliance?
A Principal MSB bears primary regulatory responsibility for its AML/CFT program, including filing suspicious activity reports (SARs) and maintaining a written compliance program. Agent MSBs operate under the Principal's program but still carry obligations to follow its procedures and report anomalies. Regulators hold the Principal accountable when an Agent fails to comply.
#2 Why must banks perform enhanced due diligence on check-cashing MSBs?
Check-cashing MSBs handle high volumes of currency, creating elevated money-laundering risk. Banks that provide accounts to these MSBs must verify that they maintain adequate AML controls, understand their customer base, and can explain high-volume or unusual transaction patterns. Failure to do so exposes the bank to regulatory sanctions and potential criminal liability.
#3 How can a fraudulent healthcare company exploit a check-cashing MSB for laundering?
A healthcare company submitting fraudulent insurance claims receives checks that it routes through a complicit check-cashing MSB. The MSB converts the checks to cash, which is then returned to the criminal operators minus a fee. This exploits the MSB's legitimate function to integrate illicit funds into the financial system.
#4 How does workers' compensation fraud intersect with MSB money laundering?
Fraudulent employers pay workers off the books, then route workers' compensation premiums through MSBs to disguise their true payroll. The MSB unwittingly processes payments that obscure the employer's fraudulent activity, making it difficult for regulators and insurers to detect the scheme.
#5 Why do MSBs remain critical for unbanked and underserved populations?
MSBs provide essential financial services — remittances, check cashing, and currency exchange — to individuals who lack access to traditional banking. This includes immigrant communities, low-income populations, and people in regions with limited bank infrastructure. Eliminating MSBs would push these populations toward unregulated channels, increasing risk rather than reducing it.
#6 What regulatory and institutional controls govern MSB oversight?
MSBs in the United States must register with FinCEN, implement a BSA/AML compliance program, file SARs and CTRs, and comply with state licensing requirements. They are examined by the IRS and state regulators. Internationally, similar oversight exists under FATF Recommendation 14, which requires countries to license or register MSBs and subject them to monitoring.
#7 How does the Principal-Agent relationship benefit MSB market expansion?
The Principal-Agent model allows MSBs to expand geographically by appointing local agents — convenience stores, gas stations, and pharmacies — to offer financial services. The Principal maintains the compliance infrastructure while Agents provide the customer-facing touchpoints, expanding the network without requiring each location to maintain a standalone compliance program.
#8 How do international criminal organizations exploit money remitters and currency exchanges?
Criminal organizations use money remitters to move drug proceeds across borders by structuring transactions below reporting thresholds or using false identifiers. Currency exchanges are exploited to convert large sums into foreign currencies, which are then wired internationally. Both methods obscure the origin of funds through layering.
#9 What AML risks arise from high-volume check cashing by construction companies?
Construction companies that pay workers in cash may use check-cashing MSBs to convert payroll checks. Abnormally high volumes or checks from unfamiliar third parties are red flags for potential payroll fraud, tax evasion, or laundering of criminal proceeds through the construction sector.
#10 What are the five core pillars of an AML program for a US Principal MSB?
The five pillars are: (1) Designation of a qualified compliance officer; (2) Development of internal policies, procedures, and controls; (3) Ongoing employee training; (4) Independent testing (audit) of the program; (5) Customer due diligence (CDD) including beneficial ownership identification. These mirror the requirements for banks under the BSA.
Bearer Instruments and Accounts
#11 Why do bearer shares create elevated AML risk, and what enhanced due diligence is required?
Bearer shares are owned by whoever physically possesses the certificate, making it impossible to trace the true beneficial owner through corporate records. Money launderers use bearer shares to create shell companies with untraceable ownership. Enhanced due diligence includes requiring immobilization of bearer shares, verifying UBOs through alternative means, and applying enhanced monitoring.
#12 Describe the complete cycle of a Black Market Peso Exchange (BMPE).
In a BMPE cycle: (1) A drug cartel deposits dollar proceeds with a peso broker in the US; (2) The peso broker uses the dollars to purchase goods from US exporters on behalf of Colombian importers; (3) The goods are shipped to Colombia and sold for pesos; (4) The peso broker delivers pesos to the cartel in Colombia. The cartel receives clean pesos without moving cash across borders, while the US exporter may be an unwitting participant.
#13 What is "bill stuffing" in casinos, and how is it used for money laundering?
Bill stuffing involves feeding large amounts of currency into slot machines or video poker terminals with no intention of gambling. The criminal inserts dirty cash, plays minimally, and then cashes out for a casino check or ticket — effectively converting illicit cash into a seemingly legitimate payout from a licensed gaming establishment.
#14 Why are bearer negotiable instruments considered high risk for money laundering?
Bearer negotiable instruments — including cashier's checks, money orders, and traveler's checks made payable to "bearer" — transfer ownership simply by physical delivery. They leave no audit trail of the person who ultimately redeems them, making them ideal for structuring, layering, and cross-border movement of illicit funds.
#15 How do Benami accounts and the hawala system undermine KYC and CDD?
Benami accounts are opened in a nominee's name to conceal the true account holder's identity. Hawala is an informal value-transfer system that operates outside the formal banking system, with settlement occurring through a network of brokers rather than wire transfers. Both mechanisms bypass the KYC and CDD controls that financial institutions use to detect and report suspicious activity.
#16 What are the two definitions of "beneficial owner" in AML regulations?
The first definition refers to the natural person who ultimately owns or controls 25% or more of a legal entity. The second refers to the natural person on whose behalf a transaction is being conducted. Both definitions are critical: one addresses corporate transparency, the other addresses transactional transparency.
#17 What is the strategic importance of FATF-Style Regional Bodies (FSRBs), such as CFATF?
FSRBs extend the reach of FATF's AML/CFT standards to countries that are not FATF members. CFATF (Caribbean Financial Action Task Force) evaluates member jurisdictions against FATF standards through mutual evaluations. This peer-review mechanism creates diplomatic pressure for compliance and identifies vulnerabilities in regional financial systems.
#18 How do bearer form instruments differ from bearer shares?
Bearer form instruments (checks, money orders payable to "bearer") are financial instruments that transfer through physical delivery. Bearer shares are equity instruments (ownership certificates) that also transfer through physical delivery. Both create anonymity, but bearer shares confer ongoing corporate ownership and control, whereas bearer instruments represent a single financial claim.
#19 Why is the distinction between beneficiary and cardholder important for transaction monitoring?
A cardholder is the person whose name appears on the card, while the beneficiary is the person who ultimately receives value from a transaction. When these differ — as in corporate cards, prepaid cards, or third-party payments — monitoring systems must flag the discrepancy because it may indicate unauthorized use, structuring, or laundering through intermediaries.
#20 How can criminals combine bearer instruments and Benami accounts for layering?
A criminal purchases bearer instruments (money orders, cashier's checks) using illicit cash, then deposits them into Benami accounts held in nominees' names. The funds are subsequently transferred through multiple accounts or withdrawn as clean funds. This combination obscures both the source (via bearer instruments) and the destination (via Benami accounts), creating multiple layers of obfuscation.
Transaction Monitoring and Internal Controls
#21 What is above-the-line and below-the-line testing in transaction monitoring rule tuning?
Above-the-line testing evaluates the alerts a monitoring system generates to determine how many are true positives (genuine suspicious activity) versus false positives. Below-the-line testing examines un-alerted transactions to find suspicious activity the system missed (false negatives). Both are essential: above-the-line testing improves precision, while below-the-line testing improves recall.
#22 Why are customer-facing employees the first line of defense in AML?
Customer-facing employees — tellers, relationship managers, account officers — interact directly with customers and observe their behavior. They are best positioned to notice red flags such as unusual nervousness, reluctance to provide identification, frequent large cash transactions, or requests that make no business sense. Their observations, combined with training, form the initial filter before automated systems.
#23 What is the difference between an internal whistleblower hotline and a customer activity referral?
A whistleblower hotline allows employees to report suspected internal misconduct — such as a colleague facilitating money laundering or ignoring red flags. A customer activity referral is an employee's report of suspicious customer behavior to the compliance team. Both are essential, but they address different risk vectors: insider threats versus external threats.
#24 How should a compliance team respond to negative media information about a customer?
Upon discovering negative media (adverse news), the compliance team should: (1) Verify the information from multiple sources; (2) Assess its relevance to money laundering, terrorist financing, or fraud risk; (3) Review the customer's transaction history for corroborating suspicious patterns; (4) Determine whether to file a SAR, enhance monitoring, or exit the relationship; (5) Document the analysis and decision.
#25 Why are both automated and manual monitoring necessary in an AML program?
Automated monitoring processes high volumes of transactions using predefined rules and thresholds, catching known patterns efficiently. Manual monitoring supplements this with human judgment to detect novel schemes, context-dependent anomalies, and behaviors that fall outside rule-based parameters. Relying on either alone creates blind spots.
#26 What policies govern internal whistleblower hotlines?
Effective policies include: guarantees of anonymity or confidentiality; protection against retaliation; clear escalation procedures; defined investigation timelines; independence of the investigation team (separate from the accused's reporting chain); and regular reporting to senior management and the board on the volume and outcomes of reports.
#27 How does a compliance team determine whether negative media is "financially risk-relevant"?
The team assesses whether the media report relates to predicate offenses for money laundering (fraud, corruption, tax evasion, drug trafficking), sanctions violations, or terrorist financing. Media about unrelated personal matters may not trigger AML action. The assessment should consider the credibility of the source, the specificity of allegations, and any regulatory or law-enforcement actions cited.
#28 What challenges arise when implementing a standardized referral system in large organizations?
Large organizations span multiple jurisdictions, languages, and regulatory regimes. Challenges include inconsistent understanding of red flags across business lines, varying local reporting thresholds, technology fragmentation (different systems in different regions), cultural resistance to reporting colleagues, and the difficulty of maintaining consistent training across thousands of employees.
#29 Why is a feedback loop between investigation and rule-tuning teams critical?
Investigators uncover patterns in confirmed suspicious activity that monitoring rules may not yet capture. Feeding this intelligence back to the rule-tuning team enables them to create new rules or adjust thresholds to catch similar future activity. Without this feedback loop, the monitoring system stagnates while criminal methods evolve.
#30 How does proactive media monitoring work, and what triggers a review?
Proactive media monitoring involves systematic screening of news sources, court records, and regulatory databases against the institution's customer base. Triggers include: name matches with customers; mentions of predicate offenses; regulatory enforcement actions; PEP status changes; and sanctions designations. Screening can be automated through third-party data providers such as World-Check, Dow Jones, or LexisNexis.
Governance, Culture, and Bank Oversight
#31 What AML/CFT challenges arise after a bank acquisition, as illustrated by the Danske Bank case?
When a bank acquires a foreign branch or subsidiary, it inherits existing customers, processes, and risks. The Danske Bank scandal demonstrated that failure to apply the parent bank's AML standards to the acquired Estonian branch — including inadequate KYC, weak transaction monitoring, and insufficient oversight — allowed approximately €200 billion in suspicious funds to flow through the branch over nearly a decade.
#32 Why is integrated IT compliance infrastructure essential across banking groups?
Fragmented IT systems create blind spots: a customer flagged in one jurisdiction may not be flagged in another, and transaction patterns across entities go undetected. Integrated infrastructure enables consolidated customer profiles, cross-entity transaction monitoring, and unified sanction screening — all essential for detecting complex, multi-jurisdictional laundering schemes.
#33 How does KYC for credit risk differ from KYC for AML/CFT risk?
Credit-risk KYC focuses on the customer's ability and willingness to repay: income, assets, credit history, and debt-to-income ratios. AML/CFT KYC focuses on the customer's identity, the source of their funds, the purpose of the relationship, and whether they pose money-laundering or terrorist-financing risk. A customer may be creditworthy but still present high AML risk.
#34 How do internal audit failures contribute to systemic AML governance breakdowns?
Internal audit serves as the third line of defense. When auditors lack expertise in AML, are not independent from business-line management, or conduct superficial reviews, they fail to identify control weaknesses. This creates a false sense of compliance, allowing deficiencies to persist until regulators or law enforcement discover them — often after significant harm has occurred.
#35 What triggers enhanced due diligence for non-resident customer portfolios?
Non-resident portfolios are inherently higher risk because the institution has less visibility into the customer's domestic activities and regulatory environment. EDD triggers include: customers from high-risk jurisdictions, PEP status, complex ownership structures, large or frequent cross-border transactions, and negative media or adverse information.
#36 Why must the AML function maintain independence from business lines?
If the AML function reports to or is influenced by revenue-generating business lines, there is an inherent conflict of interest: business leaders may pressure compliance staff to approve profitable but risky customers. Independence — typically achieved through direct reporting to the board or a board-level committee — ensures that compliance decisions are not subordinated to commercial interests.
#37 How can a global organization instill a unified AML culture?
A unified AML culture requires: tone from the top (board and senior management visibly prioritizing compliance); consistent global policies adapted for local regulations; standardized training programs; incentive structures that reward compliance rather than only revenue; regular cross-jurisdictional communication; and consequences for non-compliance that are applied consistently regardless of location or seniority.
#38 What is the appropriate escalation path when a foreign branch processes suspicious billions?
The branch compliance officer must immediately notify the group compliance officer or chief AML officer at the parent entity. The matter should be escalated to the board risk committee. Simultaneously, SARs must be filed with both local (branch jurisdiction) and parent-jurisdiction authorities. External legal counsel should be engaged, and the institution should consider whether to suspend or restrict the branch's operations pending investigation.
#39 Why is a consistent customer risk-rating methodology important across jurisdictions?
Consistent methodology ensures that a high-risk customer is treated as high-risk regardless of which branch or subsidiary they use. Without consistency, customers can exploit differences — opening accounts in jurisdictions with lower risk ratings to avoid scrutiny. Standardization also enables meaningful aggregation and reporting of risk data at the group level.
#40 What does a holistic risk view require in terms of policies, systems, and governance?
A holistic risk view requires: (1) Integrated policies that apply group-wide standards while accommodating local regulatory requirements; (2) Connected systems that share customer data, transaction records, and alert information across entities; (3) Governance structures that ensure accountability at both the local and group levels, with clear escalation paths and regular reporting to the board.
Customer Due Diligence (CDD)
#41 What is the FFIEC CDD objective regarding predicting customer transactions, and how does it relate to FATF's ongoing due diligence?
The FFIEC (Federal Financial Institutions Examination Council) requires institutions to develop customer profiles that enable them to anticipate the types and volumes of transactions a customer will conduct. This creates a baseline for detecting anomalies. FATF's ongoing due diligence complements this by requiring continuous scrutiny of transactions throughout the relationship to ensure they remain consistent with the institution's knowledge of the customer.
#42 How should CDD be applied to privately held corporations to identify beneficial owners?
For privately held corporations, institutions must look beyond the registered directors and shareholders to identify the natural persons who ultimately own or control 25% or more of the entity. This requires reviewing shareholder registers, operating agreements, trust documents, and corporate structure charts. Where nominee shareholders or complex holding structures exist, the institution must trace ownership to the ultimate beneficial owners.
#43 What FATF triggers require institutions to perform CDD during automated transaction monitoring?
FATF Recommendation 10 identifies triggers including: transactions above applicable thresholds; wire transfers; suspicious activity (regardless of amount); and situations where the institution doubts the adequacy or accuracy of previously obtained customer identification data. Automated systems should flag these events and route them for CDD review.
#44 What is the difference between dynamic and static customer profiles?
Static profiles capture information collected at onboarding (name, address, expected activity) and are updated only during periodic reviews. Dynamic profiles are continuously updated based on actual transaction behavior, automatically adjusting risk scores as patterns change. Dynamic profiling is superior for detecting gradual changes in customer behavior that may indicate emerging risk.
#45 How does FATF Recommendation 10 apply to occasional transactions, such as tourist currency exchange?
FATF Recommendation 10 requires CDD for occasional transactions above designated thresholds (typically USD/EUR 15,000, or the local equivalent). For currency exchange by tourists, if the transaction exceeds the threshold, full CDD must be performed including identity verification. Below the threshold, simplified measures may apply — but if there is suspicion of money laundering, CDD must be performed regardless of amount.
#46 What is FATF's fourth CDD measure — ongoing due diligence?
FATF identifies four CDD measures: (1) Identify the customer and verify identity; (2) Identify the beneficial owner; (3) Understand the purpose and intended nature of the business relationship; (4) Conduct ongoing due diligence including scrutinizing transactions to ensure they are consistent with the institution's knowledge of the customer, their business, and risk profile. The fourth measure is critical because risk is not static.
#47 What triggers a periodic review — for example, an expired passport combined with high-risk jurisdiction expansion?
Periodic reviews are triggered by: expiration of identification documents (mandating re-verification); changes in customer risk profile (e.g., expansion into high-risk jurisdictions); material changes in transaction patterns; adverse media hits; regulatory changes affecting the customer's industry; and time-based review cycles defined by the customer's risk rating.
#48 Why is understanding the purpose and intended nature of the business relationship a CDD requirement?
Without understanding why a customer is establishing a relationship and what transactions they plan to conduct, the institution cannot set a meaningful baseline for monitoring. If a retail customer suddenly begins receiving large international wire transfers, the institution needs the initial baseline (purpose: personal banking, expected activity: salary deposits and domestic payments) to recognize the anomaly.
#49 How should CDD responsibilities be structured in large financial institutions?
CDD responsibilities should be distributed across three lines of defense: (1) The first line (business/relationship managers) collects and verifies customer information at onboarding and during periodic reviews; (2) The second line (compliance/AML function) sets policies, provides guidance, and monitors adherence; (3) The third line (internal audit) independently assesses whether the CDD framework is effective.
#50 Why is CDD considered the cornerstone of AML compliance?
CDD underpins every other AML control. Transaction monitoring is only effective if you know what "normal" looks like for a customer. Sanctions screening is only effective if you have accurately identified who the customer is. SAR filing is only meaningful if you understand the context of the activity. Without robust CDD, the entire AML program rests on a weak foundation.
FATF Framework and International Standards
#51 How does FATF use peer pressure as a policy mechanism, as demonstrated in the Turkey 1996 case?
In 1996, Turkey was subject to FATF peer pressure after mutual evaluation identified significant deficiencies in its AML framework. FATF issued public statements highlighting these deficiencies, which created diplomatic and economic pressure — including the risk of being classified as non-cooperative. This pressure motivated Turkey to enact legislative reforms and strengthen its AML infrastructure.
#52 What is the FATF greylist, and what are its consequences?
The FATF greylist (formally "Jurisdictions Under Increased Monitoring") identifies countries with strategic deficiencies in their AML/CFT frameworks that have committed to action plans to address them. Consequences include: heightened scrutiny by correspondent banks, increased compliance costs for businesses in greylisted countries, difficulty attracting foreign investment, and reputational damage. Countries on the greylist must demonstrate concrete progress to be removed.
#53 How does FATF research emerging money-laundering trends, such as the diamond trade?
FATF conducts typologies research by convening expert working groups that analyze case studies from member jurisdictions. The diamond trade report examined how the intrinsic value, portability, and difficulty of tracing diamonds make them attractive for laundering. These reports inform updates to FATF's Recommendations and help countries develop targeted risk assessments for vulnerable sectors.
#54 What was the significance of FATF's transition to an open-ended mandate in 2019?
Prior to 2019, FATF operated under time-limited mandates that required periodic renewal. The transition to an open-ended mandate signaled the international community's recognition that AML/CFT is a permanent global priority. It ensures continuity of FATF's standard-setting, mutual evaluation, and greylisting activities without the political risk of a mandate expiring.
#55 What are the three core activities of FATF?
FATF's three core activities are: (1) Setting international standards (the 40 Recommendations on AML/CFT); (2) Assessing compliance through mutual evaluations and follow-up processes; (3) Identifying and responding to emerging threats through typologies research and public identification of high-risk and non-cooperative jurisdictions.
#56 What are the six key elements of the FATF 40 Recommendations?
The 40 Recommendations cover: (1) AML/CFT policies and coordination (national risk assessment, inter-agency coordination); (2) Money laundering and confiscation (criminalizing ML, enabling asset forfeiture); (3) Terrorist financing and financing of proliferation; (4) Preventive measures (CDD, record-keeping, suspicious transaction reporting); (5) Transparency and beneficial ownership of legal persons and arrangements; (6) Powers and responsibilities of competent authorities (FIUs, law enforcement, supervisors).
#57 How have the IMF and World Bank recognized FATF Recommendations?
In 2002, the IMF and World Bank recognized the FATF Recommendations as the international standard for combating money laundering and terrorist financing. This recognition means that FATF standards are incorporated into IMF/World Bank country assessments (Financial Sector Assessment Programs), linking AML compliance to broader economic governance and access to international development resources.
#58 How do legal system conflicts with FATF standards lead to risk-based accommodations?
Countries with different legal traditions — common law, civil law, Sharia law — may find certain FATF Recommendations difficult to implement as prescribed. FATF allows risk-based accommodations: countries can achieve equivalent outcomes through alternative legal mechanisms, provided they demonstrate that the underlying objective of the Recommendation is met. This flexibility is essential for global adoption.
#59 How did FATF's mission evolve with the IX Special Recommendations on Terrorist Financing?
Originally focused solely on money laundering, FATF expanded its mandate after the September 11, 2001 attacks by issuing 9 Special Recommendations on Terrorist Financing. This broadened FATF's scope to include the prevention of terrorism financing — which often involves small, legitimate-source funds rather than proceeds of crime. The Special Recommendations were eventually integrated into the revised 40 Recommendations in 2012.
#60 What does a national risk assessment for the jewelry and diamond sector involve?
A national risk assessment for the jewelry/diamond sector examines: the volume and value of trade; the prevalence of cash transactions; the extent of international trade (cross-border movement of high-value portable goods); the effectiveness of existing AML controls (dealer registration, CDD compliance, reporting); and vulnerability to typologies such as trade-based laundering, under/over-invoicing, and the use of free-trade zones to obscure origin.
Study Strategy for These 60 Concepts
- First pass — Read and understand: Read each concept carefully. Do not attempt to memorize. Focus on understanding why each answer is correct.
- Second pass — Active recall: Cover the answers and attempt to explain each concept in your own words before checking.
- Third pass — Connections: Identify how concepts across different domains connect. For example, how does CDD (#41–50) enable effective transaction monitoring (#21–30)?
- Practice questions: Use these concepts as a foundation, then test yourself with timed practice exams to build speed and accuracy under exam conditions.
Exam Tip: The CAMS exam heavily favors scenario-based questions. Memorizing definitions alone is insufficient. For each concept above, consider how it would change if the facts were slightly different — that is how the exam tests you.