AMLCO annual report

How to prepare the AMLCO Annual Report in 2023

Entities authorised to provide investment, crypto-asset, and payment services are obliged to follow AML Laws and Directives and thus submit an annual AMLCO report to the regulator. The said report discusses how the policies and procedures established, prevent a company from money laundering and terrorism financing (ML/TF).

The Anti-Money Laundering Compliance Officer’s Report (AMLCO) constitutes an annual obligation for entities regulated by the Cyprus Securities and Exchange Commission (CySEC) or the Central Bank of Cyprus (CBC). The report must be submitted to the regulator the latest by the end of March of each year, referencing the company’s activities during the previous calendar year.

Within this commentary the SALVUS Regulatory Compliance team examines the following aspects of the AMLCO Annual Report:

1. Obligation, Purpose & Significance
2. Executive Summary
3. Regulatory Framework
4. Inspections of the AMLCO
5. Communication, Education & Training

We regularly share bite-sized insights on LinkedIn such as those found in this article

1. Obligation, Purpose & Significance

According to the AML Directives issued by both the CySEC and the CBC, the person responsible to prepare the report is the AMLCO. Its purpose is to inform the Board of Directors (BoD) of the effectiveness of company practices and measures applied for the prevention of ML/TF. It also presents the corrective measures decided for mitigating identified weaknesses.

The AMLCO annual report is a significant tool for the company’s BoD, regulator and auditors in assessing its level of compliance with

  • the AML/CFT Law and Directive,
  • circulars published by supervisory authorities, and
  • sanctions and restrictive measures imposed at a national and European level.

2. Executive Summary

The executive summary is a fundamental part of the report that should serve as an independent reading. It should be a maximum of two to three pages long, discussing AMLCO’s most significant findings and recommendations throughout the year. The following diagram suggests how the summary can be structured, providing key areas of discussion.

AMLCO Executive Summary

In conclusion and after presenting the key takeaways of the previous year, the AMLCO signs the report at the end of the executive summary.

3. Regulatory Framework

One of the different sections of the annual report should be dedicated to the applicable regulatory framework. A brief description should be provided regarding legislative changes that occurred or are known as upcoming on

  • Primary legislation;
    • national AML/CFT Law and European AML Directives.
  • Secondary legislation;
    • directives issued by the regulator concerning AML/CFT.

The said section should also refer to data and reports, issued by international organisations missioned to prevent ML/TF, such as the Financial Action Task Force (FATF). Furthermore, it should discuss circulars published by the regulator providing further guidance on law implementation and regulatory developments.

For each point of reference, the AMLCO should analyse if and how it affects the company’s operations and whether it has resulted in additional regulatory obligations. In this respect, any measures taken to ensure compliance must be also discussed and if no measures were taken provide the reason why.

4. Inspections of the AMLCO

A detailed description is expected of the areas examined by the AMLCO during the year, through the conduct of desk-based and onsite reviews. The AMLCO is required to elaborate further on the methodology followed during the inspections discussing:

  • the type of information and documentation requested,
  • the tests conducted to ensure the efficiency of the operations and procedures followed,
  • the variety of samples requested to be examined,
  • the adequacy of the evidence provided, and
  • the feedback and recommendations shared with the personnel.

Findings, both rectified and still pending, shall be presented for each assessment area, disclosing specific deficiencies or weaknesses identified, as well as the rectification measures and time required.

The AMLCO’s onsite and desk-based inspections in combination with the findings identified represent in our opinion, the most important part of the report. They should provide a clear picture of the company’s level of compliance and the specific actions taken to target AML/CFT deficiencies and potential threats.

5. Communication, Education & Training

From the regulator’s point of view, significant attention is given to the communication between the AMLCO and the company employees. This may concern issues that occurred, cases discussed, and clarifications requested on AML matters. Therefore, any form of communication is required to be shared through the report, as well as specific results arising from it.

Furthermore, the quality of the education and training offered by the company to the AMLCO and the personnel is of critical importance for the regulator. Detailed information on the courses and seminars attended, including specific ways employed to assess their adequacy and effectiveness is necessary for the report.

Final thoughts

In conclusion, the AMLCO Annual Report plays a pivotal role in the evaluation of an obliged entity’s compliance with the AML/CFT framework. If prepared with diligence and care it serves as a map for the Board of Directors to follow to pursue full compliance with the company’s regulatory obligations.

In this respect, professionals designated as AMLCOs in Cyprus Investment Firms (CIF), Crypto-Asset Services Providers (CASP), and Payment Services firms must know how to prepare a complete and accurate report. Additionally, members of the Board of Directors must remain aware of the information and data that need to be shared with the regulator, during the report’s review and approval.

SALVUS Funds in cooperation with the Institute for Professional Excellence (IforPE) has developed a self-study course titled – How to prepare the AMLCO Annual Report in 2023. Through this course, we share the vast experience accumulated by our Regulatory Compliance team in preparing annual reports for our regulated clients.

The course is designed to provide professionals with the necessary information to be included in the AMLCO Annual Report following regulatory requirements. Professionals who undertake this course should be in a position to prepare the relevant report adjusted to company activities performed and procedures followed.

The SALVUS Regulatory Compliance team can support CIF, CASP and other CySEC and CBC regulated entities, to fulfil their AML/CFT regulatory and reporting obligations, and prepare your Annual AMLCO Report through our Anti-Money Laundering Consulting service.

Please contact us at info@salvusfunds.com or call us at +357 7000 7898 if you require guidance on AML compliance procedures and reports or if you have questions about our AMLCO Annual Report course with IforPE.


Should you be interested to read more about Cyprus Investment Firms and Anti-Money Laundering, please visit the selected articles below:

The information provided in this article is for general information purposes only. You should always seek professional advice suitable to your needs.

Share this post