The Wwft places clear obligations on Dutch banks, payment institutions, electronic money institutions, fintechs and crypto-asset service providers: a risk-based approach, sound client due diligence, a current business-wide risk assessment (the SIRA), effective transaction monitoring, and prompt reporting of unusual transactions to FIU-Nederland. A Wwft compliance audit gives your board, your audit committee and DNB independent confirmation that these controls are not just documented, but actually operate. It is an evidence-based assessment of how your AML framework is designed and whether it works in practice.
Alsina Advisory delivers this Wwft independent audit as a focused, senior-led boutique rooted in the Netherlands. We are independent of any software vendor or remediation provider, so our findings are objective and carry weight with your board and with DNB. We know the Dutch specificities, including the duty to report unusual transactions rather than suspicious ones, and we frame every finding against the Wwft as it stands today and the EU AML package that will reshape it from 2027.
What a Wwft audit covers
We test the whole control chain, not isolated components, because DNB examines how the parts work together. A typical engagement covers six areas, scoped to your business model and risk profile.
Client due diligence
Onboarding, standard and enhanced due diligence, and ongoing monitoring, tested at file level against the Wwft's risk-based approach and your own client acceptance policy.
UBO and PEP handling
Whether ultimate beneficial owners are identified and verified to the required standard, and whether politically exposed persons trigger the right senior approval, source-of-wealth checks and enhanced monitoring.
The SIRA
Whether your systematic integrity risk analysis is complete, current and methodologically sound, and whether your controls genuinely map to the money laundering and terrorist financing risks it identifies.
Transaction monitoring
Monitoring coverage, scenario and threshold design, tuning, alert handling and case quality, tested against the typologies that apply to your products and client base.
Reporting unusual transactions
Whether unusual transactions are recognised, escalated and reported to FIU-Nederland on time, in line with the Dutch regime's reporting of ongebruikelijke transacties rather than suspicious ones.
Training and governance
Board and senior-management oversight, the role of the compliance function, the three lines of defence, and whether training reaches and changes the behaviour of the people who carry the risk.
How the audit works
Scoping
We start with a short scoping conversation about your business model, DNB supervisory context and objectives, then agree the scope, timeline and a fixed fee or day rate in writing up front.
Evidence and testing
We review your policies, SIRA and procedures, interview the first, second and third lines, and test real client files, alerts and FIU-Nederland reporting rather than relying on self-assessment.
Assessment against the Wwft
We benchmark what we find against the Wwft, DNB's published expectations and good industry practice, rating each area on design and operating effectiveness.
Reporting
You receive a clear, prioritised report that any board member or DNB examiner can follow: findings, root causes, risk ratings and pragmatic, proportionate recommendations.
Independent re-testing
Where you need it, we re-test remediated areas and provide independent confirmation that the gaps have been closed.
What you get
Why an independent Wwft audit
Independence is the point. A Wwft DNB audit only reassures a board or a supervisor if the people performing it have nothing to sell you afterwards. We are not a software vendor, a managed-service provider or a remediation shop, so we have no incentive to find work for ourselves, and our conclusions on your Dutch AML controls stand on the evidence alone.
As a senior-led boutique, your engagement is run by an experienced financial crime auditor who knows the Wwft and the Dutch regime, not handed to a bench of juniors. That means sharper findings, fewer people in your environment, and a report you can stand behind. We frame our work so it prepares you for DNB today and AMLA tomorrow, because most of the EU AML Regulation applies from 10 July 2027 and AMLA begins direct supervision of selected cross-border firms from 2028.
Whether you need a one-off Wwft independent audit, pre-examination readiness, or a recurring assurance programme, we can usually scope and start within weeks.