AML Acronyms & Definitions A Reference Guide for UK Accountants
Accountants, Blog, Bookkeepers, Tax Advisers

AML Acronyms & Definitions: A Reference Guide for UK Accountants

Last Updated:Apr 22, 2026
12 Min Read
Start using FigsFlow today
  • Professional Proposals
  • Regulatory Compliant LOEs
  • Advanced Pricing Calculator
  • Automation & Integrations
  • Built-in E-Signature
  • AML & ID Verification
Start 30-day Free Trial

PEP, PSC, UBO, DAML, MRZ. AML guides throw a lot of shorthand around, and most of it lands without explanation.

This guide fixes that. Every key AML acronym and term, written in plain English, arranged across four categories: entities and ownership, supervision and regulation, risk and reporting, and process and due diligence. Scan the category you need, find the term, move on.

You can bookmark it, print it, or save it to your desktop and keep it to hand at all times.

How to use this guide

Use this as your practice’s one-stop reference for AML terminology. Instead of sending your team through countless guidance documents and regulatory PDFs to find what a term means, point them here.

  • New team member joining? Walk them through this before anything else.
  • Junior staff encountering a term during onboarding or a risk review? This is their first stop, not a Google search.
  • Refreshing your team’s AML awareness? Work through a category at a time.
  • Spotted a term in HMRC correspondence or a supervisory notice you don’t recognise? Find the category, scan down, done.

The four categories cover the full picture: who your clients are and who sits behind them, the bodies and laws that govern your obligations, how risk is assessed and escalated, and the practical checks your team carries out every day.

AML Acronyms: Entities and Ownership

These terms describe who your client is, who controls them, and what sits behind the structure.

AML Acronyms / TermsDefinition
BO (Beneficial Owner)The real person who ultimately owns or controls a client. Where a client is a company, you're looking for the individual or individuals who actually pull the strings, whether through shareholding, voting rights, or other means of control.
KCA (Known Close Associate)Someone with a close financial or business relationship with a Politically Exposed Person. This could mean jointly owning an entity with a PEP, or being the sole owner of an entity set up for a PEP's benefit.
NomineeA person who holds something, shares, assets, or a directorship on behalf of someone else. The nominee is the name on the register. The person behind them is the one you need to identify.
PEP (Politically Exposed Person)Someone who holds, or has held, a senior public position. This includes government ministers, senior judges, senior military officers, directors of state-owned companies, and heads of international organisations. The concern is that public roles can create opportunities for corruption, so PEPs always require Enhanced Due Diligence. The label also extends to their immediate family and known close associates.
PSC (Person with Significant Control)The individual or individuals who can meaningfully influence or control a UK company. Companies are required to keep a PSC register at Companies House. When your CDD turns up information that doesn't match what's on the register, you're required to report that discrepancy.
RCA (Relative or Close Associate)A family member or close associate of a PEP. The same enhanced due diligence requirements that apply to the PEP apply to their RCAs as well.
Shell CompanyA company that exists on paper but has no real operations, staff, or physical presence in the country where it's registered. Some legitimate holding structures use them, but they're also a common feature of money-laundering arrangements because they obscure who actually owns what.
UBO (Ultimate Beneficial Owner)The natural person at the very top of an ownership chain. When you peel back layers of corporate structure, the UBO is the human being who ultimately owns or controls the client. Your CDD obligation is to identify and verify this person, not just the entity you're directly dealing with.

AML Acronyms: Supervision and Regulation

These are the bodies, laws, and frameworks that set the rules your practice operates under.

AML Acronyms / TermsDefinition
MLR 2017 RegulationsThe main rulebook for AML compliance in the UK. Sets out what regulated businesses, including accountants, bookkeepers, and tax advisers, must do to prevent money laundering and terrorist financing.
AAT (Association of Accounting Technicians)A professional body and approved AML supervisor for accounting technicians in the UK. If you're an AAT member, AAT is responsible for overseeing your AML compliance.
ACCA (Association of Chartered Certified Accountants)A global accountancy body and one of the approved AML supervisors for UK accountants. ACCA members follow ACCA's AML guidance, which sits within the broader CCAB framework.
ATT (Association of Taxation Technicians)An approved AML supervisor for tax practitioners in the UK.
CCAB (Consultative Committee of Accountancy Bodies)The collective voice of the UK's main accountancy bodies. CCAB publishes the Anti-Money Laundering, Counter-Terrorist and Counter-Proliferation Financing Guidance for the Accountancy Sector, the primary practical guidance document for UK accounting practices.
CIMA (Chartered Institute of Management Accountants)A professional body and approved AML supervisor for management accountants.
CIPFA (Chartered Institute of Public Finance and Accountancy)A professional body focused on public finance and an approved AML supervisor within the CCAB framework.
FATF (Financial Action Task Force)The international body that sets the global standards for fighting money laundering, terrorist financing, and proliferation financing. Most national AML legislation, including the UK's, is built around FATF's framework. FATF also maintains lists of countries with weak AML controls, which directly affects how you assess risk for clients with connections to those jurisdictions.
FCA (Financial Conduct Authority)The UK's financial services regulator. Not the primary AML supervisor for most accountancy practices, but relevant where your firm carries out regulated financial activities.
HMRC (HM Revenue and Customs)Acts as the AML supervisor for accountants and tax advisers who aren't supervised by a professional body. If you're not a member of an approved body like ICAEW or ACCA, HMRC is the body you answer to for AML compliance.
ICAEW (Institute of Chartered Accountants in England and Wales)One of the UK's main chartered accountancy bodies and a primary approved AML supervisor. ICAEW members are subject to ICAEW's AML monitoring and are expected to follow the CCAB guidance.
ICAS (Institute of Chartered Accountants of Scotland)The professional body for chartered accountants in Scotland, and an approved AML supervisor within the CCAB framework.
OFSI (Office of Financial Sanctions Implementation)The HM Treasury body responsible for making sure UK financial sanctions are actually applied. If a client appears on a sanctions list, OFSI is the body that governs what you can and can't do. Every UK business, not just regulated ones, has obligations here.
OPBAS (Office for Professional Body Anti-Money Laundering Supervision)Sits within the FCA and keeps an eye on the professional body supervisors, ICAEW, ACCA, AAT, and the rest, to make sure they're supervising their members consistently.
POCA (Proceeds of Crime Act 2002)The law that defines money laundering offences in the UK. Three main offences are relevant to accountants: concealing or disguising criminal property; becoming involved in an arrangement that facilitates money laundering; and acquiring or using criminal property. POCA also creates the obligation to report suspicions and the offence of tipping off.
TA 2000 (Terrorism Act 2000)The legislation that creates terrorist financing offences in the UK. Sits alongside POCA in the MLTPF framework. As a regulated practice, your reporting obligations extend to suspected terrorist financing, not just money laundering.

AML Acronyms: Risk and Reporting

These terms cover how you assess, classify, and escalate risk within your practice.

AML Acronyms / TermsDefinition
CPF (Counter-Proliferation Financing)The obligation to make sure your services aren't being used to help fund the development or acquisition of weapons of mass destruction. Sits alongside counter-terrorist financing as part of the broader MLTPF framework, and has become more prominent in UK AML guidance in recent years.
CRR (Client Risk Rating)The risk level you assign to a client after completing your risk assessment. Usually expressed as low, medium, or high. The rating determines how much due diligence you apply, how frequently you review the client, and whether EDD is needed.
CTF (Counter-Terrorist Financing)The obligation on regulated businesses to prevent their services being used to fund terrorist activity. A parallel obligation to AML, governed by TA 2000 alongside the 2017 Regulations.
DAML (Defence Against Money Laundering)Previously called Consent. If you know or suspect that continuing to act for a client would make you complicit in a money laundering offence, you can apply to the NCA for a DAML before proceeding. You do this by filing a SAR and flagging that consent is required. Work on the relevant activity must stop while you wait for a decision. If the NCA doesn't refuse within 7 working days, the DAML is deemed granted.
High-Risk Third CountryA country that HM Treasury has identified as having significant weaknesses in its AML and counter-terrorist financing controls. Any client with a connection to one of these countries automatically triggers EDD, regardless of anything else about their profile.
MLTPF (Money Laundering, Terrorist and Proliferation Financing)The umbrella term covering all three financing offences your practice is required to guard against. Used throughout the CCAB guidance to capture AML, CTF, and CPF together.
Moratorium PeriodIf the NCA refuses a DAML request, you have a 31-day moratorium period during which the relevant activity must stop. Law enforcement can use this window to take action. Courts can extend it up to 186 days.
NRA (National Risk Assessment)The government's periodic assessment of money laundering and terrorist financing risks across different sectors of the UK economy. As a regulated practice, you're expected to be aware of the risks the NRA identifies for the accountancy sector and to reflect them in your own risk approach.
SAR (Suspicious Activity Report)The formal report you submit to the NCA when you know or suspect a client or transaction is connected to money laundering or terrorist financing. Filing a SAR as soon as suspicion arises is a legal obligation. Not filing one when you should is a criminal offence.
STR (Suspicious Transaction Report)An alternative term for SAR, more commonly used in international FATF guidance. In the UK, the correct term is SAR, but you'll encounter STR in cross-border or global compliance contexts.
TFS (Targeted Financial Sanctions)Sanctions aimed at specific named individuals or entities, requiring you to freeze their assets and refuse to make funds or services available to them. TFS obligations apply to all UK businesses, not just regulated ones, and are administered by OFSI.
Tipping OffTipping off is the offence of disclosing to a client, or anyone connected to them, that a SAR has been filed or that a money laundering investigation is underway. Even an accidental disclosure counts. If a DAML has been requested and a client asks why work has paused, that conversation needs very careful handling.

AML Acronyms: Process and Due Diligence

These are the practical checks and procedures your practice carries out when taking on and managing clients.

AML Acronyms / TermsDefinition
AML CheckScreening a client against sanctions lists, PEP databases, and other relevant sources to identify any red flags before or during a business relationship. An AML check is one part of the broader CDD process.
CDD (Customer Due Diligence)The process of finding out who your client is, verifying that identity, and understanding what they do and why they want your services.
EDD (Enhanced Due Diligence)A more thorough version of CDD applied to higher-risk clients. Where standard CDD establishes who a client is, EDD goes further: examining the background of the engagement, the source of their funds, and the purpose of specific transactions. It's mandatory for PEPs, clients linked to high-risk third countries, and any client or transaction flagged as elevated risk.
IDV (Identity Document Verification)The process of confirming that a client's identity documents are genuine and actually belong to them. Can be done manually or through electronic tools. Electronic IDV is faster and increasingly the norm, but the obligation to properly verify identity remains the same either way.
KYC (Know Your Client)The overall process of building a clear picture of who your client is before and throughout the relationship. KYC covers identity, the nature of their business, their source of funds, and why they need your services. It's the foundation that CDD is built on.
MRZ (Machine-Readable Zone)The two lines of text at the bottom of a passport that contain the holder's details in a format machines can read. Electronic ID verification tools use the MRZ to check document authenticity and extract identity data accurately, reducing the risk of human error in manual checks.
Ongoing MonitoringThe requirement to keep a watching brief on your client relationship throughout its life. You're looking for transactions or behaviour that doesn't fit what you know about the client. How often and how deeply you monitor should reflect the client's risk rating.
Risk AssessmentThe structured process of evaluating how much MLTPF risk a client presents. You consider things like who they are, where they're based, what industry they're in, and what services you're providing. The outcome feeds directly into the CDD approach you take. Separately, your practice also needs to carry out a firm-wide risk assessment each year.
SDD (Simplified Due Diligence)A lighter-touch version of CDD for clients assessed as genuinely low risk. The checks are still required; it's the depth and timing that can be adjusted. If suspicion arises at any point, SDD provisions fall away immediately, and full CDD or EDD applies instead.

The definitions in this guide are plain-English explanations intended for everyday reference. They’re not substitutes for the legal definitions.

Helpful Resources 

Conclusion

AML compliance isn’t going anywhere, and neither is the language that comes with it. The terms in this guide sit behind almost every client you take on, every risk decision you make, and every obligation your practice carries under the 2017 Regulations.

You can print this page, pin it up, and share it with your team. The next time a term comes up in a client file, a supervisory notice, or a piece of HMRC correspondence, you’ll know exactly where to look.

Don’t forget to share this post!

The Future of Proposals, Pricing & Engagement is Here!
Sign Up
Book a Demo
figsflow demo & trial

Related Articles

Log In
Book a Demo
Start 30-day free trial