Your AML/CFT framework is only as strong as the evidence behind it. Boards, audit committees and supervisors increasingly want independent confirmation that the controls described in your policies actually work in practice. An independent AML/CFT framework audit provides exactly that: a structured, evidence-based assessment of how your financial crime controls are designed, and whether they operate effectively, end to end.
Alsina Advisory delivers these audits as a focused, senior-led boutique. We are independent of any software vendor or remediation provider, so our findings are objective and carry weight with your board and your national competent authority. We work across the EU, rooted in the Netherlands, and frame every finding against the regulatory framework that supervises you.
What an AML/CFT framework audit covers
We assess the whole control chain, not isolated components, because regulators examine how the parts work together. A typical engagement covers six areas, scoped to your business model and risk profile.
Governance and accountability
Board and senior-management oversight, the role of the MLRO, the three lines of defence, and whether management information genuinely drives decisions.
Business-wide risk assessment
Whether your enterprise-wide AML risk assessment (the SIRA in the Netherlands) is complete, current and methodologically sound, and whether controls map to the risks you have identified.
Customer due diligence
Onboarding, CDD and EDD, beneficial ownership, PEP handling and ongoing monitoring, tested at file level against the AMLR's tightening standards.
Monitoring and screening
Transaction monitoring coverage, scenario design and tuning, alert handling, sanctions and adverse-media screening, and reporting to your FIU.
Policies, procedures and training
Whether your policy framework reflects current obligations, and whether training reaches and changes the behaviour of the people who carry the risk.
Regulatory alignment
How your framework measures against AMLD6, the incoming AMLR, the EBA Guidelines, FATF standards and your national transposition.
How the audit works
Scoping
We start with a short scoping conversation about your risk profile, regulatory context and objectives, then agree the scope, timeline and a fixed fee or day rate in writing up front.
Evidence and fieldwork
We review documentation, interview the first, second and third lines, and test real cases and system output rather than relying on self-assessment.
Assessment against the framework
We benchmark what we find against the applicable EU and national requirements and against good industry practice, rating each area on design and operating effectiveness.
Reporting
You receive a clear, prioritised report that any board member or supervisor can follow: findings, root causes, risk ratings and pragmatic recommendations.
Independent re-testing
Where you need it, we re-test remediated areas and provide independent confirmation that the gaps have been closed.
What you get
Why an independent audit
Independence is the point. An audit only reassures a board or a regulator if the people performing it have nothing to sell you afterwards. We are not a software vendor, a managed-service provider or a remediation shop, so we have no incentive to find work for ourselves.
As a senior-led boutique, your engagement is run by an experienced financial crime auditor, not handed to a bench of juniors. That means sharper findings, fewer people in your environment, and a report you can stand behind. Our work is built around the EU AML framework and recognised audit standards, so it aligns with how AMLA and your national supervisor will examine you.
Whether you need a one-off independent audit, pre-examination readiness, or a recurring assurance programme, we can usually scope and start within weeks.