Lessons Learned from 15+ Years in AML and Financial Crime Prevention

What I have learned

• Controls fail where ownership is unclear, not where technology is missing.
• Most false positives are data problems disguised as model problems.
• The best AML programmes are run by people who understand both operations and law.
• Real-estate AML is where the biggest practical gains in Spain are still available.
• Supervisors reward institutions that are honest about their gaps.

What the next decade demands

• Higher-quality data, not more alerts.
• Reusable digital identity as the default for KYC.
• ISO 20022-grade payment context for monitoring.
• A genuine shift from compliance as paperwork to compliance as engineering.
• More cross-sector collaboration between banks, FinTechs, real estate and regulators.