What banks did wrong in 2024: Critical AML failures and essential lessons

Financial institutions paid more than $3.2 billion in AML-related fines last year. From major banks to emerging FinTechs, the message from regulators was clear—poor AML controls carry serious consequences.

Of course, you’re probably wondering what’s driving these compliance failures. Based on our analysis of 2024’s major AML enforcement actions, several critical issues keep emerging: outdated monitoring systems, poor resource allocation, and significant gaps in governance frameworks.

Let’s examine what went wrong and, more importantly, what we can learn to ensure you’re better positioned to strengthen your own AML controls and avoid similar pitfalls.

The price of not learning: 2024 vs 2023

At first glance, 2024’s total AML fines of $3.2 billion might seem like an improvement from 2023’s staggering $6.6 billion. However, this apparent decline masks a troubling reality: financial institutions aren’t learning from past mistakes.

Just look at the numbers. While Binance’s record-breaking $4.3 billion fine drove up 2023’s total, 2024 brought its own landmark case with TD Bank’s $3 billion penalty. The root causes remain disturbingly similar—inadequate monitoring systems, poor resource allocation, and weak governance frameworks.

2023 major AML cases

2024 major AML cases

The message is clear: despite increasing regulatory scrutiny and escalating penalties, financial institutions continue to struggle with basic AML compliance. 

With so many cases, why aren’t lessons being learnt? Here’s why…

The two major AML failures of 2024

TD Bank: A $3 billion wake-up call

TD Bank’s failures were pretty colossal in both scope and scale. Between 2014 and 2023, the bank left approximately $18.3 trillion in transactions unmonitored—that’s 92% of their total transaction volume. Naturally, this created massive vulnerabilities in their financial crime detection system.

The problems went beyond monitoring gaps. Internal auditors repeatedly flagged concerns about TD’s transaction monitoring programme, yet the bank maintained a “flat cost paradigm” that prevented necessary upgrades. This budget-first approach proved extremely costly in the long run.

The Department of Justice investigation revealed something even more troubling. Bank employees were actively involved in criminal activities, with one staff member facilitating narcotics proceeds laundering in exchange for bribes. Despite known risks, TD Bank failed to implement appropriate controls to detect this type of internal threat.

Starling Bank: When growth outpaces controls

Meanwhile in the UK, Starling Bank faced its own compliance crisis. The FCA handed down a £29 million fine after discovering the bank’s financial crime controls hadn’t kept pace with its rapid expansion.

The most concerning issue? Starling’s sanctions screening system was critically flawed. The bank’s senior management showed an “insufficient understanding” of sanctions compliance requirements—a fundamental weakness that exposed the entire organisation to risk.

📖Read more: Lessons from Starling Bank’s AML fine

The problems weren’t limited to traditional banks. Cryptocurrency firms paid more than £86 million in fines last year. One provider failed to detect £9 billion in suspicious payments due to inadequate transaction monitoring.

Payment providers weren’t far behind. A major FinTech faced a multi-million dollar penalty for significant weaknesses in their AML measures. The common thread? A failure to properly assess how their services could be exploited for money laundering.

By now, you’re probably seeing a pattern emerge. These weren’t isolated technical glitches—they represent systematic failures in how financial institutions approach AML compliance. 

Let’s look at why these failures keep happening… 

Common threads in AML failures

The 2024 enforcement actions reveal systemic issues that go deeper than isolated compliance failures. Looking at cases like TD Bank and Starling Bank, three patterns emerge:

#1. Growth without control

Financial institutions consistently struggle to scale their compliance capabilities alongside business growth. TD Bank’s “flat cost paradigm” exemplifies this problem. They maintained static compliance budgets while their risk exposure grew exponentially. The result? A $3 billion fine that far exceeded any short-term savings.

Similarly, Starling Bank’s rapid expansion wasn’t matched by corresponding investments in financial crime controls. Their outdated screening frequencies, which were designed for a much smaller operation, left significant vulnerabilities in their system.

#2. The leadership challenge

Perhaps most concerning is the persistent failure of senior management oversight. The FCA’s findings about Starling Bank’s leadership highlight a troubling trend: many senior teams lack the expertise to effectively oversee AML compliance.

TD Bank’s case reinforces this pattern. Despite internal auditors raising red flags, leadership failed to address known deficiencies. Different committees received inconsistent information, creating a fragmented view of compliance risks.

#3. Beyond technical solutions

While technology plays a major role, the evidence suggests the current approach to AML compliance needs fundamental rethinking. Isolated systems, working with limited data and insights, are proving inadequate against sophisticated financial crime.

Financial crime detection requires a fundamental shift in approach beyond purely technological solutions.

Ready to hear a solution? Here’s how new collaborative approaches might offer a way forward.

📖Read more: It’s time to look beyond traditional transaction monitoring for AML

Rethinking AML technology: beyond traditional solutions

Looking at the fines across 2023 and 2024, a clear pattern emerges. The financial sector’s current approach to AML compliance isn’t working. Traditional transaction monitoring systems fail to detect sophisticated criminal behavior, with TD Bank’s case showing how 92% of transactions can slip through the cracks.

The root of the problem

The data reveals three persistent challenges:

1. Poor data sharing and insights leave institutions working in isolation. When TD Bank failed to detect $670 million in suspicious transfers between 2019 and 2023, they were working with limited behavioral insights that could have flagged these patterns earlier.

2. Current monitoring systems remain static and inflexible. Both Binance and Starling Bank’s cases highlight how traditional systems struggle to adapt to changing risk patterns and business growth. Financial crime isn’t static—why should our detection systems be?

3. Scale continues to challenge effectiveness. With financial institutions processing trillions in transactions annually, traditional approaches to AML monitoring are struggling to maintain accuracy while managing volume.

A better approach for AML detection

The solution lies in more collaborative, intelligent approaches to financial crime detection. Federated learning technology, for instance, allows institutions to share behavioral insights without compromising data privacy—addressing one of the key barriers to effective AML compliance.

Early adopters of federated learning solutions are seeing promising results. Some institutions report three times greater efficiency in their AML processes while detecting 10% more suspicious cases than traditional single-institution models.

This type of technology enables what the industry desperately needs: systematic, continuous review of customer behavior, improved risk identification, and standardized management across different divisions and geographies.

📖Read more: AML risk management reimagined: The Consilient approach

Of course, technology alone isn’t the answer. But when combined with proper governance and oversight, these advanced approaches to AML compliance offer a genuine path forward.

How to build better AML defences: Essential lessons and action points

First things first. Your compliance framework needs to grow with your business. The evidence from 2024’s enforcement actions shows that static budgets and fixed resources don’t work. Start by assessing your current compliance spending against your growth trajectory.

Consider creating a dynamic resource model that automatically scales compliance resources with key business metrics. For example, when transaction volumes increase by a certain percentage, trigger a corresponding review of monitoring capabilities and staffing needs.

After that, it’s important to build effective governance. Strong governance starts with clear accountability. Senior management needs both the expertise to understand AML risks and the authority to act on them. 

Coupled with this is speed of decision making and implementation of new approaches. Organizations are stuck in the slow lane. Decision making going through numerous committees and functions taking months, if not years, to make urgent changes.

Start by establishing:

▪️Regular board-level reviews of AML effectiveness

▪️Clear reporting lines for compliance concerns

▪️Empower Risk/AML to move at speed, unencumber stogy and slow processes.

▪️Consistent management information across all committees

▪️Direct channels between compliance teams and senior decision-makers

The power of collaboration

Traditional approaches to AML compliance often create silos, with each institution, and even divisions of the same businesses, working in isolation. This fragmented approach limits our ability to detect sophisticated criminal behavior that spans multiple institutions.

Collaborative solutions, like federated learning networks, offer a new way forward. They enable:

   ☑️Shared behavioral insights without compromising data privacy

   ☑️Improved pattern detection across institutions

   ☑️Standardized risk management across different jurisdictions

   ☑️More efficient resource allocation through shared learning

Start by assessing your current system’s effectiveness, identifying gaps in your detection capabilities, evaluating opportunities for cross-institutional cooperation, and building internal support for collaborative solutions.

Build stronger AML defences with Consilient

The lessons from 2024’s AML failures point to a clear conclusion: financial institutions need to fundamentally rethink their approach to compliance. The cost of poor AML controls extends far beyond regulatory fines.

Consider the numbers: financial crime compliance costs reached $61 billion in North America alone last year. Yet this investment pales in comparison to the estimated $2 trillion in illicit transactions laundered through the financial system annually.

What’s next for your institution?

Start by examining your current AML framework. Are you allocating sufficient resources to match your growth? Do your senior leaders understand and actively engage with compliance issues? Is your technology capable of meeting current and future challenges?

Regulations continue to evolve. The EU’s new Anti-Money Laundering Authority starts work in July 2025. Meanwhile, FinCEN is tightening obligations for various sectors, and the UK’s Economic Crime Act brings new requirements for financial institutions.

Banks will be forced to make changes to existing AML defenses. 

Take action now

You don’t need to wait for a regulatory investigation to improve your AML controls. Begin with these practical steps:

   ▪️Review your transaction monitoring coverage

   ▪️Assess your sanctions screening effectiveness

   ▪️Evaluate your compliance resource allocation

   ▪️Strengthen senior management oversight

Ready to level up your AML controls? 

👉 Kickstart a conversation today

👉Follow us on LinkedIn for more