Market Guide for Anti-Money Laundering

5 August 2025 - ID G00836468 - 33 min read
By Pete Redshaw
Money laundering is a highly profitable criminal enterprise, and AI tools in the wrong hands have made it both more scalable and sophisticated. Bank CIOs should use this Market Guide to understand the market trends and sample vendors in the continuing fight against illicit money movements.

Overview

Key Findings

  • In order to better combat money laundering, vendors are moving to support the shift in balance away from consumer privacy and toward enabling more sharing of crucial data.
  • Vendors are caught between banks and regulators that both wish, out of an abundance of caution, to go a little slower with deployments of GenAI, compared to the need for faster adoption to keep up with accelerating financial crime.
  • Vendors are being asked to assist a growing number of banks and public agencies that risk being overwhelmed by the increasing volume and sophistication of money laundering and — because of skills shortages with which to fight it at end users — this has led to backlogs and staff burnout.
  • Banks want to reduce the number of AML vendors they work with to simplify their technology stacks, and vendors are trying to meet this need by offering more holistic product sets (including FRAML). This shift has led to vendors with very different heritages competing in the AML market.

Recommendations

CIOs responsible for selecting and deploying AML systems at banks should:
  • Anticipate demand for IT participation in public-private partnerships (such as Article 75 of the EU’s AML Directive) that aim to allow greater sharing of data to combat financial crime. Expect requests for IT to offer resources in data science and AI, create shared utilities with public bodies, and analyze GenAI tools from AML vendors.
  • Reconcile the pros and cons of faster GenAI adoption by seeking deeper public-private partnerships that can leverage the synergies between private-sector entities (with more extensive resources in data science and AI) and public bodies (with shared utilities such as sandboxes). Vendors are most likely to have developed best practices here over the course of multiple deployments.
  • Boost the productivity, effectiveness and consistency of AML case investigation by prioritizing AI assistants and AI agents by AML vendors when selecting a new provider or working with an existing vendor.
  • Accelerate deployment and improve production support by paying deep attention to client references from vendors that can prove they have a successful record in these areas at “a bank like me.”

Strategic Planning Assumption

By 2030, 70% of AML cases will be investigated, reported and handled by machine-to-machine interactions between AI agents at banks and at regulators.1

Market Definition

Gartner defines the anti-money-laundering (AML) solutions market as the IT systems used to comply with the set of regulations, policies, and procedures designed to detect, prevent, and report those financial crimes that are associated with money laundering. Money laundering is the process used by criminals and criminal organizations to disguise illicitly obtained funds as legitimate revenue through the use of payments and funds transfers that exploit “money mules” and shell/holding companies. AML tools aim to prevent bad actors gaining benefits from their illegal activities and to combat crimes such as drug trafficking, tax evasion and human slavery.
AML is a crucial aspect of financial regulation for ensuring the integrity of the financial system and protecting it from misuse. Financial institutions are required to vet customers, monitor deposits and money movements, and to report any suspicious activity to the relevant authority. AML extends beyond financial institutions to various sectors, including real estate, casinos and even online platforms, as they can be used to facilitate money laundering. Noncompliance with AML regulations, which require banks to identify and report suspected money laundering, can result in an offending bank attracting swingeing fines (for example, see the BBC’s article, TD Bank Fined $3bn in Historic Money Laundering Settlement, for breaches of the Bank Secrecy Act [BSA] in the U.S.). AML often overlaps with counter-financing of terrorism (CFT), as both address the movements of illicit funds, but CFT is more focused on its one, specific objective.
Money laundering is the processing of criminal proceeds to disguise their illegal origin in order to legitimize the ill-gotten gains of crime. Money laundering generally involves three main steps:
  1. Placement: Introducing illegal money into the financial system (for example, depositing cash as smaller tranches into banks or purchasing assets).
  2. Layering: Moving the money around to obscure its origins, often through complex transactions, transfers between accounts or international transfers.
  3. Integration: The now “cleaned” money is reintroduced into the economy and made to look like it comes from a legitimate source (for example, investing in businesses or buying property).
Hence, AML tools work by monitoring transactions (such as deposits and transfers) and then combining the existing risk score for the customer or account with the calculated risk score for the transaction. Historically the risk score has been driven by a business rule engine (BRE) that checks the customer and the transaction against a set of predefined business rules. However, modern AML tools will often supplement the BRE with some form of machine learning (ML) model in an effort to improve accuracy and adapt to new criminal strategies, thereby reducing the number of false positives. The business rules often map to specific clauses and requirements in the appropriate AML regulations for the relevant jurisdiction. Typically, they are trying to spot events such as:
  • Unusually high or frequent movements of money (using transaction monitoring)
  • Suspicious geographic origins or destinations (using location intelligence)
  • High-risk payers and payees (using know your customer [KYC] and customer due diligence [CDD])
They will also check routinely for:
  • Sanctioned individuals and countries
  • Watchlists for suspicious individuals/companies (for example, those that have been prosecuted in criminal proceedings previously)
  • Adverse media (such as reports of ongoing investigations)
  • Politically exposed persons, aka “PEP” (for example, customers that may be more liable to blackmail)
A high-risk score for a particular case will usually prompt a case investigation to be conducted to determine if this is, in fact, a true positive (TP — yes, it is money laundering) or a false positive (FP — no, this is a legitimate transaction). In most countries, TPs must then be reported to the relevant regulatory authority.

Mandatory Features

  1. Transaction monitoring (TM): This module is capable of ingesting data for financial events in the form of deposits and transfers (both internal and external). It must have links to the payments hub (or payment systems) at the bank and also its core banking system.
  2. Decision engine (DE): This module is used to calculate risk scores and it must include a BRE and it is usually augmented by an ML model. The DE will process banking data accessed via the TM module. It will also need a set of API connectors for ingesting additional data from security systems such as device ID, location intel and behavioral biometrics. Some of these APIs will be standard off-the-shelf connectors for common systems and others will be custom-made for a specific deployment. The combination of BRE and ML is used to highlight suspected money laundering activity by calculating and then integrating the risk scores for:
    • The transaction — For example, is it an unusually large amount of money, or unusually frequent, or to/from a high-risk country that may be subject to sanctions?
    • The customer or account — For example, is this someone (or a business) that is on a watchlist, or liable to be blackmailed, or the subject of a criminal investigation/prosecution?
    • Note that the ML may be imported from the bank (if it has a preexisting model) or it may be supplied off-the-shelf by the vendor and then tuned for the specific bank it is deployed at.
  3. Case investigation (CI): Transactions highlighted by the DE as high risk need to be assessed by human case investigators. Bank staff will use the CI module to make an informed judgment about whether a particular transaction is a TP or a FP. The CI module will give access to additional data sources such as KYC, adverse media and watchlists to help make the judgment. To increase productivity and accuracy, modern case investigation modules typically include such capabilities as step-by-step automated workflow, AI assistants, agentic AI, smart allocation, triage for urgency/importance and suggestions for data source prioritization. Advanced CI will handle the simplest, most common and most certain cases entirely by machine (straight-through processing [STP]) with minimal or zero inclusion of a human analyst.
  4. Reporting: There is always a capability for generating a report (such as a suspicious activity report [SAR] for the regulator) that states the judgment with an audit trail for how that decision was determined. Modern systems will include some kind of automation or AI to prepopulate the report as much as possible.
  5. Orchestration: This applies to both data and processes. There must be a means of importing the right data, from the right systems and sources, at the right time, and then processing them in the right order. This is the “glue” that integrates the preceding four modules. Most vendors will have built their own orchestration capability, or else they will have adapted a standard business process management (BPM) tool for this specific purpose.

Common Features

  • AML is often used as an umbrella term that includes not just the mandatory features above (TM, DE, CI, reporting and orchestration), but also a host of other, often independent, systems that contribute to identifying and verifying the illicit activities associated with money laundering. These supplementary systems may already be present at the bank (in which case they must be connected) or they may be preintegrated and supplied by the main AML vendor. The AML vendor may have designed and built the supplementary system itself, or it may have acquired it, or it may have a preferred partner and “white label” this third-party solution. These supplementary systems can include:
    • Know your customer/business (KYC/KYB): A system for verifying at onboarding a customer’s identity and assessing the risks associated with their financial activities
    • Customer due diligence (CDD): An ongoing process for checking at regular and appropriate points that a customer’s financial behavior matches the profile that was captured at onboarding
    • Enhanced due diligence (EDD): A system used subsequent to CDD for a deeper assessment of high-risk customers
    • Entity resolution: A system used to match multiple records that may be linked to the same entity; especially important for unravelling complex corporate holding structures and shell companies that may be used to obscure the ultimate common source (or beneficiary) of a transaction
    • Sanction screening: A system used for checking customers, businesses and transactions to see if they are in contravention of international sanctions and watchlists (in which case the bank must not facilitate them)
    • Adverse media: A system that searches for negative information that could indicate that the customer/business may be involved in, or associated with, illicit or corrupt activities that could pose a risk to the bank
    • Politically exposed persons (PEP): A system for identifying those customers who hold high public office and, thereby, may be at greater risk of bribery, blackmail or corruption
  • AI assistant for CI: Case investigators are often new to the job and can be greatly assisted (and made more productive, accurate and consistent) if there is an AI assistant alongside to help them through the CI process. An AI assistant can help with steps and tasks such as: what is the next step (task or decision); which is the best data source to use; prepopulating the bulk of the report which has to be submitted.
  • Agentic AI: Whereas AI assistants usually augment and collaborate with human investigators and analysts, agentic AI is more often used to replace the human in a subset of CI instances. Typically, the agent is used to add rapid STP for the simplest, most common and most certain cases in the AML queue. These cases can be processed by the machine, leaving humans to focus on the more complex and more ambiguous cases. Agents can also be used to perform a triage on which cases should be prioritized (most urgent/most important) for humans, who is best equipped to deal with them (smart allocation) and calculating performance metrics.
  • Fraud detection and anti-money-laundering (FRAML): Increasingly, AML systems are sold in conjunction with fraud detection systems as “FRAML.” This may be either (i) a bundle of two separate products or (ii) an actual single instance of code. In either case, if the end user only needs one half active, the other half can lie dormant and will not be charged for on-a-usage basis until it is activated. In most cases, users will be provided with different user interfaces and can have separate queues for fraud versus AML. Both AML and fraud detection may share the basics of the TM, DE and CI modules, but they will be configured and tuned differently and use customized models and algorithms for the two distinct purposes.
  • Graph networks (visualization): In order to see the “big picture” for AML, graph network technology can be used to aggregate the data from many systems and then visualize the relationships and nodes between transactions and entities. This enables the user to see where patterns, spikes and clusters emerge for money laundering activities that otherwise are hard to see when a user is confined to the detail of a single system.
  • Managed services: Smaller banks often lack internal resources, such as data scientists, to manage all aspects of an AML platform. Hence, many vendors will augment their software with a variety of managed services. The three most common services are: (i) hosting the platform in the cloud on behalf of the client; (ii) maintaining the ML model on behalf of the client; (iii) handling case investigations on behalf of the client.
  • Third-party TM: Most vendors use their own, in-house created, TM module. So much so that the overall fraud system and the TM module often become synonymous with each other. But this is not necessarily always the case. Some banks will insist on retaining their own TM module, either built by the bank itself or acquired from a third party. In these cases, many AML systems are flexible enough to link to a third-party TM module.
  • Access to communities and exchanges: However sophisticated and powerful a fraud detection platform is, it cannot do all the work itself. Increasingly, banks are collaborating to share and exchange information about new kinds of money laundering. Such networks and exchanges may be run by the vendor, or by a consortium of banks, or by a central party such as a regulator or a central bank. Modern AML systems may benefit from interacting with such communities and exchanges.

Market Description

This Market Guide provides Gartner’s initial coverage of the AML market (see Note 1). The key elements of an AML system are the modules for (see Figure 1):
  • Transaction monitoring (including a transaction database)
  • Decision engine (for risk scoring)
  • Case investigation
  • Reporting
  • Orchestration (data ingestion and process workflow)
Figure 1: Anti-Money Laundering Overview
This figure shows the key use cases and key features for anti-money laundering software. Key use cases are deposits and money movements. They flow down into transaction monitoring and then to a decision engine. Orchestration ties all these features together with risk signals from numerous cybersecurity and other systems.
AML systems are typically procured and used by the head of compliance (sometimes the chief risk officer or the chief operating officer) at a bank. However, the bank CIO is responsible for ensuring that everything runs smoothly. They are not usually run by the fraud department or the cybersecurity department, although collaboration is increasing as barriers between these departments are being eroded gradually (see Emerging Tech: The Future of Online Fraud Prevention). Vendors also have relationships with other interested parties at banks, such as internal audit teams and the board of directors.
Although AML systems have the same set of fundamental modules as fraud detection systems (see Market Guide for Fraud Detection in Banking Payments), they are configured very differently. Vendors will configure them to use different business rules, a different ML model, different thresholds, queues, data sources, connections and access rights. However, there are obvious synergies and efficiencies that mean that banks may prefer vendors that can supply FRAML (fraud detection + AML) packages as a strategic choice for the future and avoid duplicated efforts. Like fraud detection systems, AML systems also import data from a similar set of supplementary risk signals, such as:
  • Transactional data from core banking systems (CBS) and payments systems (for deposits and money movements).
  • Cybersecurity systems, including identity verification, device ID, behavioral biometrics and location intel.
  • CRM systems for capabilities such as know your customer (KYC).
  • External sources such as sanctions and watchlists.
However, the way that vendors position and market their AML systems is aligned with the motivation for the deployment of an AML system and its primary objective, which is also very different from fraud detection. From the point of view of a bank, AML is chiefly about remaining compliant with regulations and, thereby, avoiding punitive fines. Banks are also keen, of course, to help combat crimes such as drug trafficking, tax evasion and human slavery. In this way, AML is very different from fraud detection — it is not about stopping money being stolen from the bank or its customers.
CIOs and IT leaders at banks should expect to:
  • Be consulted as part of the selection process, when compliance is procuring a new AML system, to ensure that:
    • It is compatible with the bank’s technical architecture.
    • It can perform at the level required for volume and accuracy.
  • Deploy the chosen AML system in conjunction with the vendor: integration with core banking and payments systems, integration with cybersecurity systems, configuration, supply a clean dataset, and training the ML model.
  • Maintain the AML system so that its performance is optimized (such as adding new business rules or retraining of the ML model), and ensure that its KPIs are reported to the head of compliance and other interested parties.

Market Direction

The market direction for vendors will mainly be dictated by the fact that money launderers are winning the financial crime battle, and illicit financial flows are projected to hit USD 4.5 trillion to 6 trillion by 2030.2 AI and GenAI tools mean that money launderers can:
  • Ramp up the volume of financial crime by automating the whole process and using their own AI agents.
  • Evolve their methods used on a daily basis so that they mutate in ways that are harder to detect using yesterday’s defenses.
  • Make their tactics more sophisticated (e.g., using deepfakes) so that they are more difficult to spot.
So there is more money laundering to prevent; the events are harder to spot; and the cases take longer to resolve.
The consequence is that banks, regulators and law enforcement agencies are being overwhelmed by financial crime in general and money laundering in particular. Gartner has heard from banks of numerous instances in 2025 where their case investigators are burning out under an excessive workload and the pressure to resolve it quickly. Public-sector bodies, such as financial regulators and law enforcement agencies, are in an even worse position than banks in the private sector. They struggle to recruit sufficient numbers of data scientists and forensic accountants, so their backlogs are even longer, and their effectiveness (that is, determining true positives, seizing assets, launching prosecutions) is even lower than at banks.
Such developments are forcing the vendor market to evolve in the following directions:
  • AML vendors will facilitate greater data sharing: There is a general perception across banks, regulators, vendors and law enforcement agencies that there has been an excessive regulatory focus on data privacy, and this is hindering efforts to protect lawful customers. Regulators are starting to shift the balance slightly away from consumer privacy and slightly toward enabling more sharing of crucial data. This shift is reflected in developments, such as Article 75 of the EU’s AML Directive, that are intended to allow greater sharing of data to combat financial crime. Vendors will need to adapt to this change by facilitating this sharing and monitoring its compliance with new policies.
  • AML vendors will join public-private partnerships (PPPs): The dearth of skilled talent (data scientists, AI experts, forensic accountants, etc.) — especially severe in the public sector — can be alleviated to some extent by adding and deepening the PPPs in this sector. This can foster greater collaboration and more effective sharing of limited resources for a common purpose. Vendors will engage with banks and regulators to cement their importance and relevance in terms of technology, resources and best practices.
  • AML vendors will help to foster a GenAI consensus: There is a tension between banks and regulators that wish to go a little slower with deployments of GenAI (out of an abundance of caution regarding explainability, accuracy, security and resilience) and vendors that exhort its faster adoption (to keep up with accelerating financial crime). This tension needs to be resolved, and vendors will have to abide by the policies formulated by banks. Vendors will help by actively participating in PPPs that can reconcile the pros and cons of faster GenAI adoption by leveraging synergies between private-sector entities (with more extensive resources in data science and AI) and public bodies (with shared utilities such as sandboxes). This will accelerate the formation of a “Goldilocks” consensus (not too much; not too little) around how GenAI can be used responsibly yet effectively to fight money laundering.
  • AML vendors will mitigate vulnerability: Neobanks and fintechs (those providing financial services in their own right) are generally recognized as more vulnerable to money laundering than traditional banks because their defenses are less mature and less robust, their operations are often purely digital, and their scope is global.3 Digital onboarding makes it easier to create accounts owned by fake identities, and the relative lack of staff at neobanks has made it difficult for them to investigate suspected money movements. Hence, they have been targeted by money launderers who include them in the chain of money movements as part of their efforts to disguise the ultimate origins and beneficiaries. Vendors will increasingly target these newer entrants by helping them to deploy comprehensive AML solutions that address these shortcomings.
  • AML vendors will make cryptocurrency capability a standard component of their solutions: As the AML processes and solutions at banks have matured for the most heavily used channels (such as digital payments and transfers), criminals have shifted their tactics to focus on the two extreme ends of the banking spectrum: paper checks and cryptocurrencies. This polarization reflects where criminals believe that a bank’s defenses are weakest. The fastest growth in criminal activity is around cryptocurrencies and, in particular, stablecoins that can be hosted by anonymous wallets, thereby making money laundering easier.4 Vendors will help banks upgrade their AML systems to cope with this change in tactics.
  • AML vendors will add regtech capabilities: Money laundering is a global phenomenon with a high usage of cross-border money movements to hide criminal activities. But AML regulations are almost always enacted at a national level with limited consistency, varying rigor and patchy collaboration. This situation has been exacerbated recently by global conflicts (leading to more sanctions) and changes of administration that impact regulators and central banks. The consequence is that existing AML regulations are changing rapidly — some become more rigorous, others become more lenient. Banks are having to redouble their efforts to adapt to this increased volatility and achieve compliance more quickly and reliably. Vendors will add regtech capabilities, either their own or in partnership with third parties, that can react quickly and efficiently to regain compliance.
  • AML vendors will continue to reposition themselves as “one-stop shops” for financial crime: Over many years, banks have accreted a set of “best-of-breed” solutions for cybersecurity, KYC and AML that are individually good but poorly integrated. In response, vendors are incorporating all financial crime capabilities in one platform. Money launderers can exploit the gaps between existing, disparate systems. Banks struggle to spot this activity because their data is siloed, and that makes it hard to see the “big picture.” Banks have recognized this problem, and their strategy is to consolidate on fewer vendors for more solutions. Their assumption is that buying more solutions from the same vendor will ensure better integration. Banks often ask which AML solutions the core banking system of the payment hub is certified to work with, as there can be preconfigured integration that helps here. The corresponding shift is that vendors will continue on their journey to converge on a holistic product set so that they can act as a “one-stop shop” for all things connected to financial crime.

Market Analysis

Vendors of AML systems are differentiating themselves from rivals in the following ways:
  • GenAI progress: Since the middle of 2023, AML vendors have made rapid progress with deployments of GenAI technology (especially AI assistants and AI agents) at many banks. At least 25% of AML vendors now supply some sort of GenAI capability. Prior to that, the usage of GenAI was very rare or even nonexistent at many banks. The past two years have seen an astonishingly fast evolution, which has led to the tension already described about the speed of adoption between banks (go slower) and vendors (go faster). The two most popular use cases for GenAI within AML are (i) to detect anomalous events and behavior and (ii) to assist (or even replace, for the simplest cases) analysts with case investigations.

    Vendors have gained traction by adding pragmatic use cases for GenAI that are both feasible (they can actually build the software for this use case) and valuable (it makes a positive impact on the bank’s bottom line). These are the criteria that form the two axes in Gartner’s evaluation of GenAI use cases for banking and the “sweet spot” where use cases are both feasible and valuable. See Generative AI Use-Case Comparison for Banking. The FS Leaders’ Priorities and AI Survey for 1Q25 shows that banks’ adoption of GenAI confirms these expectations — 22% of banks have already deployed GenAI for anomaly detection in transactions, and 16% have used GenAI to implement fraud assistants (that is, to assist case investigators). It is also being used for KYC assistants (6% live), AML reporting (5%) and regulatory compliance (3%). The low percentage for reporting is perhaps because GenAI may be overkill for the prepopulation of AML reports like SARs — more conventional AI, or even RPA, can be used in this context.
  • Productivity (case investigations): To help reduce the burden on human case investigators, vendors are adding a number of features that can increase productivity, effectiveness and consistency in case investigations. Standard automation has a big part to play here, but more progressive vendors are also adding GenAI for case investigations. GenAI deployments are less controversial here because (i) they are not customer-facing and (ii) they are more explainable as they do not rely on any black-box techniques.
    • AI assistants can help to guide a human analyst through the sequence of steps for an investigation, making suggestions about which step to take next, which aspects to investigate and which data source to prioritize. This makes investigations both quicker and more consistent.
    • AI agents can automate the triage process (determining which cases are the most urgent or important), automate case allocation (sending it to the best person for the job), add straight-through processing (STP) capabilities and prepopulate reports at the end of an investigation.
  • Preemptive detection: Vendor moves to help increase the productivity of case investigators is good, but it is reactive and only addresses the actual instances of money laundering. Essentially, it’s like a game of “Whack-a-Mole” where you are eliminating the results of crimes faster and more accurately. Banks would prefer to eliminate the causes of money laundering (the central bad actors), much earlier in the life cycle, rather than the symptoms of money laundering (mules that assist specific money laundering transactions). Advanced vendors that can spot early indicators of potential money laundering, using preemptive detection techniques, will help banks be much more effective and efficient. Preemptive detection is the equivalent of finding a software bug at the unit-test stage rather than at system test or at user acceptance test. Key abilities here may include:
    • Spotting the presence and activation of dormant money mule accounts (especially those that have been created synthetically).
    • “Green-flagging” of behavior that is atypical but legitimate (for example, after events such as purchase of a new home, sale of a car, preparations for a wedding, etc.)
    • Detection of deepfakes and phishing attacks.
    • Large transaction models (LTMs) that try to predict the likely money movements for a customer and then compare that predicted set with what actually happens (is it in or out of pattern?). LTMs can be used to make these kinds of predictions, but they can also be used as an input to a positive feedback loop that helps to retrain the ML model.
  • Digital twins: The most advanced vendors are supplying digital twins (DTs) for financial crime compliance now that banks have at long last embraced DTs. A digital twin is a virtual representation of a physical object or system. Digital twins provide a detailed, real-time model of a physical asset, allowing for simulation, analysis and prediction of its behavior. For many years, the value of DTs for this industry was unclear but this attitude has now changed (see Predicts 2025: Bank CIOs Embrace Machine Customers, Digital Twins and Digital Currencies), but by applying them to systems, processes and people, DTs are being used to reduce false positives (often at 90% or higher for manual processes), optimize costs and improve efficiency. For instance, DTs can help raise levels of STP where financial crime is assessed, investigated and resolved by machine only. But DTs can also be used to capture and preserve human expertise, and they need experienced case investigators to train a DT. This is known as “human in the loop.”
  • ML training approach: Most of the more progressive vendors now use a hybrid of both supervised and unsupervised training approaches for machine learning to optimize both detection and accuracy. The most advanced will add self-supervised to the mix. In the past, all training of ML models was done using the supervised approach that depends on a large dataset of transactions that are definitively labeled as money laundering or not-money laundering. This approach is good for accuracy, but it suffers from being backward-looking, and it does not take into account the rapid mutation of money laundering tactics. The alternative approach is unsupervised, which uses new data that is unlabelled. It has to learn the patterns and relationships for anomalies and clustering. It is better at spotting new kinds of money laundering, but it may be less accurate, such as generating more false positives. There is also a third approach, self-supervised, that uses the raw data to generate the new labels (see Hype Cycle for Fraud and Financial Crime Prevention, 2025).
  • Autosuggest: Some vendors have now added the capability for their system to proactively suggest changes or additions to the ML features or the business rules. This autosuggest capability has been driven by the rate of change in financial crime attack types. To keep up with the money laundering variations, ML models need to be retrained weekly, or even daily, based on the most recent transactional and behavioral data. This cadence is too fast and frequent for human data scientists to keep up on their own. Humans need the system to suggest possible changes. They then test those changes (using “A vs. B” or “Champion vs. Challenger” testing utilities); see if they make a positive improvement to performance; and deploy them quickly at the touch of a button.
  • Heritage: Vendors positioning themselves as a “one-stop shop” for all things related to financial crime (AML, fraud, cybersecurity) is a dominant trend in this market, but not all vendors are converging from the same starting point. While the majority have a heritage in transaction monitoring and risk scoring, this is not universally the case. Increasingly, there are vendors for AML that started in a very different area and have a very distinct heritage. For example, vendors with a heritage in behavioral biometrics, identity verification or case investigation are now expanding into the mainstream AML market and building or acquiring additional capabilities. This makes sense as they try to grow their presence in this market (more capabilities mean more opportunities) and remain relevant (avoid getting relegated to niche supplier status). CIOs need to be aware that the strengths and weaknesses of these alternative vendors, where they have relatively long or short experience, may lie in different areas compared to vendors with a more conventional heritage.
  • Next-generation regtech: Some vendors are taking a more proactive approach by diversifying into regulatory technology, aka regtech. Regtech used to be just an intelligence service (“this has changed — you may need to do something about it”) or a project management tool (the Gantt charts, workstreams, deadlines, critical paths, etc., for becoming compliant with a specific regulation). There is a synergy here. The catalyst for a bank acquiring a new AML system is often the realization that its old AML system is no longer fit for purpose because it is no longer compliant with new or modified regulations. Banks that use vendors that also sell regtech tools gain an advantage by accelerating the identification of noncompliance. But AI and GenAI are revolutionizing what can be achieved via “next generation” regtech, and it breaks down into four stages:
    • Using LLMs and NLP to translate complex legal documents into plainer and simpler language that can be used to specify requirements.
    • Automating the process for conducting gap analysis — where is the bank today, and where does it need to be for compliance.
    • Determining the options available to close the gaps that were identified in stage two: what are the positive actions that can be taken.
    • Informing the specific bank employees who are responsible and accountable for ensuring compliance about what they need to do and the possible ways to achieve those goals.

Representative Vendors

The vendors listed in this Market Guide do not imply an exhaustive list. This section is intended to provide more understanding of the market and its offerings.

Vendor Selection

Table 1 features the AML vendors that Gartner sees most often in discussions with banks for either their current solution or for a proposed replacement (for example, in an RFP). Vendors in this table provide all five of the foundational modules for AML (transaction monitoring, decision engine, case investigation, reporting and orchestration). There are many other vendors with solutions that do not appear in this list of representative vendors because:
  • They only rarely appear on RFIs or in discussions, or
  • They may have only three or four of these modules (for example, they may be agnostic regarding which TM or case investigation solution they work with), but they can be effectively combined with other solutions for the full AML package.
Often, the five foundation modules are augmented by options to add, or connect to, additional modules for capabilities such as KYC, Sanctions Screening, Adverse Media, Politically Exposed Persons (PEP), Watchlists and Behavioral Biometrics.

Representative Vendors in AML

Vendor
Product Name
AdvanThink
Amadea
Computime
ComplyRadar
Clari5
Clari5 Real-time Anti-Money Laundering
DataVisor
DataVisor AML Platform
Eastnets
SafeWatch AML
Featurespace
ARIC for FRAML
Feedzai
Feedzai RiskOps Platform
Fiserv
AML Transaction Monitoring
Flagright
Flagright
FraudNet
Enterprise Risk Management Platform
GFT
Smaragd Compliance Suite
Hawk
Hawk
IMTF
Siron One
INETCO
INETCO BullzAI
KiyaAI
KiyaAI Anti-Money Laundering Solution
LexisNexis Risk Solutions
RiskNarrative
Lucinity
Lucinity
Lynx
Lynx AML
Mastercard
Omni-Channel Fraud and Compliance
Moody’s
Compliance and Third-Party Risk Management
Mozn
FOCAL
Napier AI
Napier AI Continuum
Nasdaq Verafin
AML/CFT Compliance and Management
NICE Actimize
Suspicious Activity Monitoring (SAM)
AML Essentials
Oracle
Oracle Financial Crime and Compliance Management (FCCM)
Plus TI
Monitor Plus ACRM+ (Advanced Compliance Risk Manager)
Quantexa
Contextual Monitoring for AML/CFT
RaptorX.ai
RaptorX
RelyComply
RelyComply
Sanction Scanner
Sanction Scanner
Sardine
Sardine AML Compliance
SAS
SAS Anti-Money Laundering
SAS Financial Crimes Analytics
SEON
SEON AML Screening & Monitoring
SEON Advanced Case Management
Silent Eight
Iris 6
Softronic
CM1
Sumsub
Sumsub AML Transaction Monitoring
SymphonyAI
Sensa AI for AML
Tookitaki
FinCense
Unit21
Unit21
XTN Cognitive Security
Cognitive Security Platform (CSP)
Source: Gartner (August 2025)

Market Recommendations

Whether selecting a new vendor or monitoring your existing AML vendor, bank CIOs should:
  • Ensure IT stays current with necessary AML platform enhancements by expecting regular updates from your legal department on regulatory developments, such as Article 75 of the EU’s AML Directive, which aims to allow greater data sharing to combat financial crime.
  • Anticipate requests for IT participation in public-private partnerships on GenAI adoption from inside the bank or from AML vendors. Banks in the private sector often have more extensive resources in data science and AI that can explore and develop new and better ways of utilizing GenAI. Whereas public bodies, such as regulators and central banks, can help coordinate the inter-bank testing of such developments using shared utilities they have created, such as sandboxes. As well as testing the functionality and ensuring that it works across multiple banks, IT can also advise in parallel whether such developments are explainable, compliant and ethical, rather than waiting until the end of a project before delivering a verdict.
  • Create a short initiative for participants in legal, fraud operations and IT to analyze vendor-supplied AI assistants and AI agents. AI assistants give case investigators step-by-step guidance to make suggestions about which aspects to investigate and which data source to prioritize. AI agents automate the triage process and the case allocation to add STP capabilities and to prepopulate reports at the end of an investigation.
  • Monitor deployments at similar banks. Find out where a vendor has deployed their AML system with a bank like yours: same size, same country, same business mix. Ideally, they should also be running the same core banking system and/or the same payment hub, so you can be sure about compatibility. Follow up on those client references and check in detail how satisfied each end user was with all aspects of the deployment after the sale was made. For example, how long did it take to get the large set of labeled transactions needed to train the ML model? How long did it take to train the ML model? How long did it take to connect the system to other systems from which it ingests data? Did it need to be customized for the bank’s unique needs? How long did it take to create or adapt the set of business rules needed? How long did it take to train the staff? How long did testing take? How long did tuning take to get the optimal balance of detection versus accuracy? What results did it deliver — what was the improvement (pre- vs. postdeployment) in key KPIs such as detection rates, accuracy and time to resolve the average case investigation?

Acronym Key and Glossary Terms

AML
Anti-Money Laundering
CBS
Core Banking System
CRM
Customer Relationship Management
FP
False Positive
FRAML
FRaud detection and Anti-Money Laundering
GenAI
Generative Artificial Intelligence
KPI
Key Performance Indicator
KYC
Know Your Customer
LLM
Large Language Model
LTM
Large Transaction Model
ML
Machine Learning
NLP
Natural Language Processing
PPP
Public-Private Partnership
SaaS
Software as a Service
SAR
Suspicious Activity Report
STP
Straight Through Processing
TCO
Total Cost of Ownership
TM
Transaction Monitoring
TP
True Positive

Evidence

1 EU Article 75 — Pan EU Information Sharing Is Coming, But Will It Be Enough?, Financial Crime News.
2 Global Financial and Economic Crime Outlook 2025, Secretariat.
3 FCA Fines Starling Bank £29M for Failings in Their Financial Crime Systems and Controls, Financial Conduct Authority.
4 Stablecoin Surge: Here’s Why Reserve-Backed Cryptocurrencies Are on the Rise, World Economic Forum.

Note 1: Gartner’s Initial Market Coverage

This guide to the AML market focuses on the market definition, the direction that the market is headed in and an analysis of the market dynamics that looks into vendor differentiators.