AML inspection pack: what to prepare before a supervisor asks
Policies, files, ledgers, training, risk assessments and decision evidence in one inspection-ready view.
Executive summary
Inspection readiness is built during daily work.The pack should connect governance and client-file evidence.Version history and decision trails matter.An AML inspection pack is the structured evidence package that lets an office show how its compliance system works in practice. It should connect policies, business-wide risk assessment, training, client files, decisions, reports and remediation into one coherent story.
The most painful inspections are usually not caused by one missing document. They are caused by scattered evidence: decisions in email, training in spreadsheets, screening results in a PDF folder, policies with no version history and client files with no clear approval path.
A strong inspection pack is built continuously, not in panic. Every material decision should already be dated, attributed, versioned and tied to the client file or governance record it supports.
Who this applies to
This guide is for AMLCOs, partners, notaries, lawyers, accountants, estate agents and compliance staff who need to show a supervisor how AML controls operate in practice.
- Business-wide risk assessment
- AML policies and versions
- Training records
- Client-file samples
- Screening and UBO evidence
- STR/no-STR decisions
- Remediation and assurance checks
Legal and supervisory context
Supervisors do not only ask whether a policy exists. They ask whether the office followed it, whether staff were trained, whether files show consistent decisions and whether exceptions were escalated.
The best inspection packs are generated from live evidence. They do not require staff to search inboxes, rename PDFs or reconstruct who approved what after the fact.
What the office must actually do
The office should maintain a living inspection pack that can be exported when needed and that covers both governance-level controls and client-level proof.
- Keep policy and risk-assessment versions.
- Track training completion.
- Maintain client-file decision trails.
- Include screening, UBO and EDD evidence.
- Record STR decisions and filing acknowledgements.
- Track findings and remediation.
What good evidence looks like
A strong pack includes manifests, dates, responsible persons, ledger references, decision envelopes and exported documents that allow the supervisor to follow the story without guesswork.
Common mistakes supervisors find
- Building the pack only after the inspection letter arrives.
- Keeping key decisions in email.
- Policies without version or adoption evidence.
- Training records that do not link to rule changes.
- Client-file samples with no clear approval trail.
Practical checklist
- Maintain BWRA and policies.
- Track training.
- Keep file evidence structured.
- Ledger material decisions.
- Review assurance gaps.
- Prepare exports regularly.
- Record remediation.
- Builds inspection packs from live platform evidence.
- Links governance and client-file records.
- Includes ledger, replay and proof metadata.
- Exports manifests and supporting documents.
- Shows assurance gaps before the supervisor does.
FAQ
What should be in an AML inspection pack?
Policies, risk assessment, training, client-file samples, screening, UBO, EDD, reporting decisions and remediation evidence.
Is a PDF policy enough?
No. The office should also show adoption, training, version control and evidence that the policy was followed.
How often should the pack be reviewed?
Regularly, and after material rule, policy or risk changes. Waiting until inspection creates avoidable stress.
Official references
From knowledge to compliance
Reading is a start. Sceau turns these obligations into a workflow that runs itself and proves itself.
Book a demo