Executive Summary

Anti-money laundering compliance is no longer a concern only for banks and financial institutions. In the Philippines, corporations are increasingly expected to know who they deal with, understand who ultimately owns or controls their business, monitor suspicious transactions, and maintain proper records.

The Anti-Money Laundering Act of 2001, as amended, requires covered persons to adopt anti-money laundering and counter-terrorism financing controls. These include customer due diligence, beneficial ownership verification, transaction monitoring, recordkeeping, and reporting of covered and suspicious transactions to the Anti-Money Laundering Council.

Even corporations that are not directly classified as covered persons should still take AML compliance seriously. Banks, investors, counterparties, regulators, auditors, and government agencies may require proof that the company has clean ownership, lawful funds, reliable documentation, and effective internal controls.

For corporations, AML compliance is not just about avoiding penalties. It is about protecting the company from fraud, regulatory scrutiny, reputational damage, frozen accounts, delayed transactions, rejected bank applications, failed due diligence, and possible exposure to criminal or civil proceedings.

A strong AML compliance program helps a corporation show that it is transparent, well-governed, and prepared to deal with financial institutions, regulators, investors, and business partners.

What Is Anti-Money Laundering Compliance?

Anti-money laundering compliance refers to the policies, procedures, checks, and controls that help prevent a business from being used to hide, move, convert, or disguise money from unlawful activities.

Money laundering usually involves making illegal funds appear legitimate. This may happen through bank transactions, shell companies, fake contracts, nominee arrangements, suspicious investments, real estate purchases, trade transactions, digital assets, casinos, remittance channels, or other financial and commercial activities.

AML compliance helps businesses identify red flags before a transaction becomes a legal problem. It also helps companies prove that they acted responsibly if questioned by a bank, regulator, auditor, investor, or government agency.

In simple terms, AML compliance asks three basic questions:

1. Who are we dealing with?

   
   

2. Where did the money come from?

   
   

3. Does the transaction make commercial and legal sense?

   
   

For corporations, these questions should not be treated as mere paperwork. They are part of responsible corporate governance.

Why AML Compliance Matters for Corporations

Corporations can be misused for money laundering because they can hold assets, open bank accounts, issue shares, enter contracts, receive investments, transfer funds, and transact with suppliers or customers.

A corporation may be used to conceal the identity of the real owner, receive suspicious funds, layer transactions through multiple entities, or make illicit money appear as legitimate business income.

This is why regulators now pay closer attention to corporate transparency and beneficial ownership. A company must be able to identify the natural persons who ultimately own, control, or benefit from the corporation.

For business owners, AML compliance matters because banks and financial institutions often conduct strict know-your-customer and know-your-business checks.

A corporation with unclear ownership, incomplete documents, inconsistent transactions, or high-risk counterparties may face delays in opening or maintaining bank accounts.

For directors and officers, AML compliance matters because weak controls can expose the company to regulatory findings, penalties, and reputational harm. In serious cases, suspicious activity may result in account freezing, investigation, civil forfeiture, or criminal complaints.

For investors and counterparties, AML compliance matters because it affects trust. Companies with clean ownership and proper records are easier to diligence, finance, audit, and transact with.

Who Must Comply with Philippine AML Rules?

The Anti-Money Laundering Act applies directly to covered persons. These include banks, non-bank financial institutions, insurance companies, securities dealers, money service businesses, remittance companies, foreign exchange dealers, pawnshops, virtual asset service providers, casinos, and other persons or entities covered by law and regulation.

Certain designated non-financial businesses and professions may also be covered when they perform specific activities. These may include lawyers, accountants, company service providers, and persons involved in managing client money, securities, bank accounts, company formation, or buying and selling business entities, subject to the rules and exemptions under the law.

Corporations that operate in regulated sectors should confirm whether they are covered persons. This is especially important for companies engaged in lending, financing, money services, fintech, virtual assets, remittance, securities, insurance, gaming, real estate-related transactions, company services, and high-value financial activity.

Even if a corporation is not itself a covered person, it may still be affected by AML rules indirectly. Banks, payment processors, investors, suppliers, and counterparties may require the company to submit corporate documents, beneficial ownership information, source of funds documents, and explanations of unusual transactions.

This means AML compliance is both a legal requirement for covered persons and a practical business necessity for many corporations.

The Legal Framework for AML Compliance in the Philippines

The main law is Republic Act No. 9160, known as the Anti-Money Laundering Act of 2001, as amended by later laws. The AMLA created the Anti-Money Laundering Council and established the country’s framework for preventing, detecting, investigating, and prosecuting money laundering.

The AMLC is empowered to receive covered and suspicious transaction reports, investigate money laundering activities, institute civil forfeiture proceedings through the Office of the Solicitor General, seek freezing of monetary instruments or property, and coordinate with local and foreign authorities. The law also requires covered institutions to establish money laundering prevention programs and train responsible officers and personnel.

The AMLC’s Revised Implementing Rules and Regulations provide more detailed rules on covered persons, customer due diligence, reporting, recordkeeping, and compliance obligations.

The AMLC has also issued guidelines on transaction reporting and compliance submissions, including rules relevant to covered and suspicious transaction reporting.

In addition, the Securities and Exchange Commission has strengthened beneficial ownership disclosure requirements for corporations. SEC Memorandum Circular No.

15, Series of 2025 introduced revised beneficial ownership disclosure rules, effective January 1, 2026, to improve corporate transparency and help prevent the misuse of corporate vehicles for illicit activities.

Together, these rules show the direction of Philippine regulation: corporations are expected to be transparent, traceable, and accountable.

Core AML Compliance Requirements for Corporations

Customer Due Diligence

Customer due diligence, often called CDD or know-your-customer, is the process of identifying and verifying the identity of customers, clients, investors, counterparties, or beneficial owners.

For corporations, CDD may involve collecting government IDs, corporate documents, SEC registration papers, articles of incorporation, bylaws, board resolutions, tax registration, proof of address, source of funds, source of wealth, and ownership information.

CDD should not be treated as a one-time requirement. A company should update information when there are ownership changes, unusual transactions, new business lines, changes in authorized signatories, or higher-risk counterparties.

The level of review should depend on risk. A low-risk customer may require standard checks. A high-risk customer may require enhanced due diligence, including deeper review of source of funds, business background, beneficial owners, sanctions exposure, and transaction purpose.

Beneficial Ownership Identification

Beneficial ownership is one of the most important concepts in modern AML compliance.

A beneficial owner is the natural person who ultimately owns, controls, or benefits from a corporation or transaction. This matters because criminals may hide behind layers of companies, nominee shareholders, relatives, associates, or complex ownership structures.

Corporations should maintain accurate records of their beneficial owners and ensure that the information reported to the SEC, banks, and regulators is complete and consistent.

Under the SEC’s revised beneficial ownership disclosure framework, corporations are expected to identify and report individuals who ultimately own or control the entity, subject to the applicable thresholds and categories under the rules. Recent guidance on the revised rules explains that the framework is designed to align with AML and counter-terrorism financing standards and prevent misuse of corporate vehicles.

This means corporations must go beyond listing registered shareholders. They must understand who truly controls the company.

Transaction Monitoring

Transaction monitoring means reviewing transactions to identify unusual or suspicious activity.

A corporation should be alert when a transaction does not match the customer’s business profile, when funds move through unexplained channels, when payments come from unrelated third parties, or when a transaction lacks a clear commercial purpose.

Monitoring is especially important for companies dealing with large payments, cross-border transfers, high-value assets, cash-intensive activities, online payments, virtual assets, investment transactions, and frequent fund movements.

The goal is not to accuse every customer of wrongdoing. The goal is to notice patterns that require explanation, documentation, or escalation.

Covered and Suspicious Transaction Reporting

Covered persons must report covered transactions and suspicious transactions to the AMLC within the period required by law and regulation. Under AMLA, covered persons are required to report covered and suspicious transactions, and AMLC guidelines govern transaction reporting and compliance submissions.

A covered transaction generally refers to a transaction that reaches the monetary threshold set by law or regulation, while a suspicious transaction is based on warning signs, unusual behavior, lack of lawful purpose, inconsistent information, or other indicators of possible money laundering or related unlawful activity.

A suspicious transaction may be reportable even if the amount is below the covered transaction threshold.

Corporations classified as covered persons should maintain internal procedures for identifying reportable transactions, reviewing red flags, obtaining compliance approval, and submitting reports through the proper AMLC channels.

Recordkeeping

AML compliance depends on records. A corporation should keep documents showing how it identified customers, verified beneficial owners, reviewed transactions, assessed risk, and handled suspicious activity.

Records may include customer profiles, identification documents, corporate papers, contracts, invoices, payment records, transaction history, source of funds documents, board approvals, compliance reviews, and internal reports.

Proper recordkeeping helps protect the company during audits, bank reviews, regulatory inquiries, investigations, and litigation.

AML Compliance Program

Covered persons are expected to maintain a money laundering prevention program. This should include internal policies, risk assessment, customer due diligence procedures, reporting rules, recordkeeping, employee training, internal controls, and compliance oversight.

For corporations, an AML compliance program should not be copied from a template without review. The program should match the company’s business model, risk exposure, customer base, transaction volume, payment channels, and regulatory classification.

A company that handles cross-border payments has different AML risks from a purely domestic service provider. A real estate company has different risks from a lending company. A virtual asset service provider has different risks from a traditional consultancy.

The compliance program must reflect real risks, not merely satisfy a checklist.

Step-by-Step Guide: How Corporations Can Build an AML Compliance Program

Step 1: Determine Whether the Corporation Is a Covered Person

The first step is to identify whether the company falls under AMLA as a covered person.

Review the company’s primary purpose, secondary purpose, licenses, actual business activities, customer transactions, payment channels, and regulatory registrations.

A corporation may appear ordinary based on its articles of incorporation, but its actual activities may bring it closer to a regulated sector. This is common in fintech, payment processing, virtual assets, lending, financing, remittance, company services, real estate transactions, and investment-related activities.

Step 2: Conduct an AML Risk Assessment

The company should identify its specific AML risks.

This includes reviewing customer types, ownership structures, transaction amounts, payment methods, geographic exposure, cross-border activity, cash usage, online platforms, agents, intermediaries, and third-party payments.

The risk assessment should answer one practical question: where could this business be misused to move, hide, or disguise unlawful funds?

Step 3: Identify Beneficial Owners

The corporation should collect and maintain accurate beneficial ownership information.

This means identifying the natural persons who ultimately own or control the company, not merely the names appearing in the stock and transfer book.

The company should also check whether beneficial ownership information submitted to banks, the SEC, and other regulators is consistent.

Step 4: Create Written AML Policies

The company should prepare written AML policies that are clear, practical, and usable by management and staff.

The policies should explain how the company identifies customers, verifies documents, reviews transactions, escalates suspicious activity, stores records, trains personnel, and reports when required.

Policies should be tailored to the company’s risk profile. A short, clear, and properly implemented policy is better than a long manual that no one follows.

Step 5: Appoint Responsible Officers

AML compliance needs accountability.

A corporation should assign responsible officers or a compliance team to oversee AML procedures, maintain records, review high-risk transactions, coordinate with banks or regulators, and ensure that employees know what to do when they encounter red flags.

For covered persons, compliance officer appointment and reporting lines should follow applicable regulatory requirements.

Step 6: Train Employees

Employees who handle customers, payments, documents, onboarding, contracts, sales, finance, and compliance should receive AML training.

Training should be practical. Staff should learn how to spot unusual behavior, inconsistent documents, suspicious payment patterns, beneficial ownership issues, and transactions that do not match the customer’s profile.

Step 7: Monitor and Update the Program

AML compliance is not a one-time project.

The company should review its AML program regularly, especially when there are changes in law, business model, ownership, customer base, payment method, or regulatory exposure.

A company that expands into digital payments, foreign clients, or high-value transactions should update its AML controls before problems arise.

AML Red Flags Corporations Should Watch For

Corporations should be cautious when a customer or counterparty refuses to provide ownership information, insists on using nominees without explanation, gives inconsistent documents, or cannot explain the source of funds.

A transaction may also require closer review when payment is made by an unrelated third party, when funds pass through several accounts without commercial reason, when the customer wants to rush a transaction, or when the transaction value does not match the customer’s known business.

Other warning signs include complex ownership structures without clear business purpose, frequent changes in shareholders or directors, unusual cash activity, unexplained offshore entities, repeated transactions just below reporting thresholds, and counterparties connected to high-risk jurisdictions.

These red flags do not automatically prove money laundering. They mean the company should ask more questions, document the explanation, and escalate the matter when appropriate.

Risks and Penalties for Non-Compliance

AML non-compliance can have serious consequences.

Covered persons that fail to comply with AML obligations may face administrative sanctions, monetary penalties, regulatory scrutiny, and possible referral for investigation. Depending on the facts, money laundering offenses may also carry criminal penalties under AMLA.

The AMLC has authority to investigate covered transactions and money laundering activities, initiate civil forfeiture proceedings, cause the filing of criminal complaints, and seek freezing of monetary instruments or property connected to unlawful activity.

For corporations, the practical consequences can be just as damaging. Banks may close accounts, reject transactions, delay onboarding, or require enhanced due diligence. Investors may withdraw. Auditors may raise findings. Business partners may refuse to proceed. Regulators may require explanations or corrective action.

Corporations may also suffer reputational damage if they are linked to suspicious funds, fraudulent schemes, sanctions exposure, or undisclosed beneficial ownership.

In business, reputation is often the first asset damaged and the hardest one to repair.

Practical Examples

Example 1: Corporation with Unclear Beneficial Ownership

A corporation applies for a bank account. Its registered shareholders are corporations from different jurisdictions, but no natural person is clearly identified as the ultimate owner.

The bank requests beneficial ownership documents. The company cannot provide complete information. The account opening is delayed, and the bank classifies the company as high risk.

This situation could have been avoided if the company maintained accurate beneficial ownership records and supporting documents from the start.

Example 2: Large Payment from an Unrelated Third Party

A customer enters into a service contract with a Philippine corporation. However, payment comes from another company that is not a party to the contract and has no clear business relationship with the customer.

This is a red flag. The corporation should ask for an explanation, obtain supporting documents, and assess whether the transaction makes commercial sense.

Example 3: Repeated Transactions Below Reporting Thresholds

A company notices that a customer makes repeated payments in amounts that appear designed to avoid reporting thresholds.

This may indicate structuring. The company should review the transaction pattern, document its findings, and escalate the matter under its AML procedures if it is a covered person.

Example 4: Investor Cannot Explain Source of Funds

A corporation receives a proposed investment from an individual who is willing to invest a large amount but cannot explain the source of funds or provide supporting documents.

The company should not rely only on the availability of money. It should conduct due diligence before accepting the investment because unexplained funds may create legal, banking, and reputational risks.

Frequently Asked Questions

Do all corporations in the Philippines need an AML compliance program?

Not all corporations are directly covered persons under AMLA. However, many corporations should still maintain basic AML controls because banks, investors, auditors, counterparties, and regulators may require due diligence documents, beneficial ownership information, and source of funds explanations.

What is the difference between AML and KYC?

AML is the broader compliance framework designed to prevent money laundering and terrorist financing. KYC, or know-your-customer, is one part of AML. KYC focuses on identifying and verifying customers, beneficial owners, and counterparties.

What is beneficial ownership?

Beneficial ownership refers to the natural person who ultimately owns, controls, or benefits from a corporation or transaction. It is important because criminals may use corporations or nominees to hide the true owner of funds or assets.

What is a suspicious transaction?

A suspicious transaction is a transaction that appears unusual, lacks a clear lawful purpose, does not match the customer’s profile, involves inconsistent information, or shows other red flags that may suggest money laundering or related unlawful activity.

Is a covered transaction automatically suspicious?

No. A covered transaction is generally based on a monetary threshold. A suspicious transaction is based on red flags or unusual circumstances. A transaction can be covered, suspicious, both, or neither, depending on the facts.

Can AML non-compliance affect bank accounts?

Yes. Banks may delay account opening, request additional documents, reject transactions, close accounts, or subject the corporation to enhanced due diligence if AML concerns arise.

Why does AML compliance matter for beneficial ownership reporting?

Beneficial ownership reporting helps prevent the misuse of corporations to hide unlawful funds, conceal control, or disguise the true owner of assets. It also supports bank due diligence, regulatory transparency, and corporate accountability.

Call-to-Action

AML compliance is now part of responsible corporate governance. Whether your corporation is a covered person under AMLA or simply dealing with banks, investors, regulators, or high-value transactions, you should be prepared to explain your ownership, your funds, your customers, and your transactions.

Aureada CPA Law Firm can assist corporations with AML compliance review, beneficial ownership reporting, customer due diligence policies, risk assessment, corporate documentation, regulatory advisory, and response to bank or government inquiries.

If your company is unsure whether AML rules apply, or if you are facing questions about beneficial ownership, source of funds, suspicious transactions, or compliance documentation, seek legal guidance early.

A well-prepared compliance system protects not only your corporation’s legal position, but also its credibility, banking relationships, and long-term business value.