Developing a Compliant AML Manual in 2025: Best Practices for Regulated Firms
As we move through 2025, Anti-Money Laundering (AML) compliance remains a critical focus for investment and financial institutions regulated by the Cyprus Securities and Exchange Commission (CySEC) and the Central Bank of Cyprus (CBC). Among the most vital tools in maintaining an effective AML framework is a well-developed and actively maintained AML Manual.
The AML Manual is not just a document required for regulatory purposes — it is the foundation of an organisation’s internal controls and its frontline defence against money laundering and terrorist financing. It reflects the firm’s commitment to integrity, transparency, and regulatory alignment and must be tailored to the firm’s structure, services, and client profile.
In this article, the SALVUS Regulatory Compliance team outlines the components of an effective AML Manual and discusses best practices to be followed to ensure compliance with the applicable legislation. The article covers the following areas:
1. Regulatory Context and Legal Framework
2. Defining the AML Manual’s Purpose and Scope
3. Governance, Development, and Version Control
4. Regulatory References
5. Monitoring, Reporting, and Escalation
6. Organisational Structure and AML Roles
7. Continuous Review and Practical Implementation
We regularly share bite-sized insights on LinkedIn such as those found in this article
1. Regulatory Context and Legal Framework
For CySEC and CBC regulated firms, the AML Manual shall reflect the provisions of the Prevention and Suppression of Money Laundering and Terrorist Financing Laws of 2007 to 2025, recently updated by the Amending Law 96(I)/2025. Additionally, it shall comply with European Union (EU) Directives, Financial Action Task Force (FATF) guidance, and specific expectations set out in the CySEC and CBC AML Directive.
The manual shall show clear alignment with these frameworks, demonstrating how the firm applies its obligations in practice and adapts to legislative updates as they arise.
2. Defining the AML Manual’s Purpose and Scope
At its core, the AML Manual defines the firm’s scope, policies, procedures, roles, responsibilities, and escalation mechanisms for all matters related to AML and CFT. It applies across departments and must be fully understood by all employees. The manual shall begin by stating its purpose — to guide internal operations, ensure regulatory compliance, and provide a consistent AML control framework throughout the firm.
3. Governance, Development, and Version Control
The responsibility for developing and maintaining the AML Manual lies with the AML Compliance Officer (AMLCO). However, all updates must be reviewed and formally approved by the Board of Directors, with the approval process documented through meeting minutes.
An effective AML Manual shall include a version control register, capturing:
- the date of each amendment,
- a summary of changes,
- the person that requested the updates,
- reference to board approval.
This level of control ensures auditability, transparency, and operational discipline.
4. Regulatory References
The AML Manual must reference all relevant legislation, including among others:
- The Cyprus AML Law, with its latest amendments,
- EU directives such as the 4th, 5th and 6th AML Directives,
- Delegated Regulation (EU) 2016/1675 on high-risk third countries,
- FATF Guidelines.
It must also describe how the firm monitors legal developments and incorporates updates into the manual in a timely and structured manner.
5. Monitoring, Reporting, and Escalation
A compliant AML Manual shall clearly define how the firm monitors transactions and client activity on an ongoing basis and identifies unusual or suspicious patterns. To this end, it shall also guide employees on how they can escalate concerns to the AMLCO and prepares and submits Internal Suspicious Transaction Reports.
Procedures must be in place for documenting decisions, maintaining confidentiality, and ensuring proper retention of records.
6. Organisational Structure and AML Roles
The AML Manual shall include an up-to-date organisational chart highlighting the AMLCO and alternate AMLCO, the lines of communication between Compliance, Risk, Onboarding, and Internal Audit, as well as the escalation and decision-making hierarchy for AML matters.
This visual representation supports internal clarity and provides regulators with assurance of proper governance.
7. Continuous Review and Practical Implementation
The AML Manual shall not be treated as a static document. It requires regular review and practical application. Firms shall be in place to demonstrate how the employees maintain access to the manual and that any updates are communicated promptly.
In addition, they shall be able to showcase that procedures in the manual are actively followed and integrated into daily operations. During regulatory inspections, regulators will often compare the procedures written in the manual to those actually practiced by employees — inconsistencies can lead to fines or compliance observations.
To assist professionals in creating and maintaining an effective AML Manual, SALVUS Funds, in partnership with the Institute for Professional Excellence (IforPE), has launched a new online, self-paced course titled “Complete Guide to Prepare a Compliant AML Manual in 2025”.
This course provides practical, structured guidance for AML and Alternate AML Compliance Officers, Compliance and Risk Officers, onboarding and monitoring teams, as well as internal auditors and legal advisors.
The course explores how to build an AML Manual aligned with CySEC and CBC requirements and FATF expectations, offering examples, templates, and interactive assessment tools. It is CPD-accredited and accessible through on-demand video modules and downloadable learning materials.
Conclusion
In 2025, maintaining a compliant AML Manual is no longer a box-ticking exercise — it is a critical operational and regulatory obligation. A well-structured, up-to-date manual supports internal clarity, protects the firm from risk, and ensures readiness in the face of inspections or investigations.
With the right training and tools, professionals can transform their AML Manuals from static documents into dynamic frameworks that actively reduce exposure to financial crime.
Contact us at info@salvusfunds.comto discover how our dedicated AML/CFT experts can help enhance your establish an effective and compliance AML Manual. Westand ready to answer your questions and support you in achieving regulatory compliance.
Should you be interested to read more about AML obligations and compliance requirements please visit the following articles:
- A Practical Guide on AML Risk Assessment and Monitoring Program
- CIF Organisations, Operations & Safeguarding of Client Funds
- An effective planning ahead of a CySEC inspection
The information provided in this article is for general information purposes only. You should always seek professional advice suitable to your needs.