CAMS — ACAMS Certified Anti-Money Laundering Specialist Exam Blueprint
Independent exam blueprint for the ACAMS Certified Anti-Money Laundering Specialist (CAMS) exam, focused on AML readiness, scenario judgment, and final review.
How to use this CAMS exam blueprint
Use this checklist as an independent study map for the ACAMS Certified Anti-Money Laundering Specialist (CAMS) exam from ACAMS, exam code CAMS. It is designed to help you translate broad anti-money laundering and counter-terrorist financing concepts into practical readiness tasks.
Because exact exam weights are not provided here, treat the sections below as readiness areas, not as official section percentages. For each area, ask:
- Can I explain the concept in plain language?
- Can I apply it to a customer, transaction, product, or investigation scenario?
- Can I distinguish the best next action from a merely plausible action?
- Can I identify the documentation, escalation, or control expected in an AML/CFT program?
Use this scale while reviewing:
| Readiness mark | Meaning | What to do next |
|---|---|---|
| Green | You can answer scenario questions and explain why the answer is best. | Maintain with mixed practice. |
| Yellow | You recognize the topic but hesitate on application or exceptions. | Review examples and decision points. |
| Red | You rely on memorized terms but cannot apply them. | Rebuild from definitions, controls, and scenarios. |
Topic-area readiness map
| Readiness area | What to review | You are ready when you can… | Common exam-style cues |
|---|---|---|---|
| AML/CFT foundations | Money laundering stages, terrorist financing, proliferation financing, predicate offenses, financial crime typologies | Explain how illicit value moves through the financial system and why controls are placed at onboarding, monitoring, and reporting points | Placement, layering, integration; use of cash, shells, nominees, trade, wires, crypto or value transfer channels |
| International standards and cooperation | FATF-style risk-based expectations, FIUs, information sharing, supervisory bodies, cross-border cooperation | Identify the purpose of global standards and how local laws, regulators, and institutions interact | “International standard,” “financial intelligence unit,” “mutual assistance,” “high-risk jurisdiction” |
| Risk-based approach | Enterprise risk assessment, customer risk, product risk, geography risk, delivery channel risk, inherent and residual risk | Prioritize higher-risk activity without treating all customers or products the same | “Risk appetite,” “residual risk,” “control effectiveness,” “enhanced due diligence” |
| Customer due diligence | Customer identification, verification, beneficial ownership, purpose and nature of relationship, ongoing monitoring | Select appropriate onboarding and refresh actions based on customer type and risk | Complex ownership, PEP, legal entity, nominee, inconsistent source of funds |
| Enhanced due diligence | Higher-risk customers, high-risk geographies, PEPs, correspondent banking, private banking, nonresident customers | State what extra information or approval may be needed and why | Senior management approval, source of wealth, source of funds, adverse media |
| Sanctions and screening | Sanctions lists, name screening, false positives, potential matches, escalation, blocking/freezing concepts where applicable | Distinguish AML monitoring from sanctions screening and know when escalation is needed | Similar names, aliases, ownership/control, hit disposition, restricted country |
| Transaction monitoring | Rules, scenarios, alerts, red flags, tuning, escalation, investigations | Evaluate unusual activity using customer profile, expected activity, and supporting facts | Rapid movement of funds, structuring, funnel activity, unexplained wires, trade anomalies |
| Investigations and reporting | Alert triage, case building, documentation, suspicious activity reporting, tipping-off controls | Build a defensible case narrative and decide whether activity should be escalated or reported under applicable rules | “No apparent lawful purpose,” “inconsistent with profile,” “customer explanation unsupported” |
| AML compliance program | Governance, policies, procedures, internal controls, training, independent testing, designated responsibility | Identify program components and how weaknesses create regulatory and operational risk | Audit finding, stale policy, missing training, weak escalation, ineffective monitoring |
| Enforcement, ethics, and accountability | Regulatory expectations, individual conduct, conflicts, confidentiality, recordkeeping | Recognize prohibited conduct, weak governance, and improper handling of sensitive information | Tipping off, ignoring red flags, backdating, inadequate documentation |
| Exam judgment | Best next step, most appropriate control, strongest red flag, most relevant document | Choose practical AML actions, not generic compliance slogans | “What should the compliance officer do next?” “Which factor is most concerning?” |
Core AML/CFT concepts to know cold
Can you explain these without notes?
- Money laundering as a process for disguising illicit origin, ownership, movement, or control of funds.
- The difference between money laundering, terrorist financing, and proliferation financing.
- Why terrorist financing may involve smaller amounts and legitimate-source funds.
- The classic stages of money laundering:
- Placement
- Layering
- Integration
- Why real cases may not follow the stages neatly.
- What a predicate offense is and why it matters to AML analysis.
- How shell companies, nominees, intermediaries, and professional facilitators can obscure ownership.
- Why cross-border activity, cash intensity, complex structures, and secrecy jurisdictions increase risk.
- How AML controls reduce risk but do not eliminate it.
Key vocabulary readiness
| Term | Be able to define | Be able to apply in a scenario |
|---|---|---|
| Customer due diligence | Understanding who the customer is and the expected relationship | Identify what information is missing from a customer file |
| Enhanced due diligence | Additional scrutiny for higher-risk relationships | Decide when source of wealth, source of funds, or senior approval is relevant |
| Beneficial owner | Natural person or persons who ultimately own or control a customer under applicable rules | Look through legal entities, nominees, and control arrangements |
| Suspicious activity | Activity that may indicate illicit conduct, evasion, or lack of legitimate purpose | Decide whether an alert should become a case or report |
| Tipping off | Improperly revealing an investigation or report to a customer or unauthorized party | Recognize unsafe customer communications |
| Risk-based approach | Applying stronger controls where risk is higher | Avoid one-size-fits-all decisions |
| Residual risk | Risk remaining after controls | Explain why a high-risk product may be acceptable only with strong controls |
| Politically exposed person | Person with prominent public function or related exposure, depending on applicable definitions | Identify corruption, bribery, and influence-risk concerns |
| Sanctions match | Potential or confirmed link to a sanctioned person, entity, vessel, country, or restriction | Escalate rather than treat it as a normal AML alert |
| Financial intelligence unit | Government body that receives and analyzes financial intelligence reports | Understand reporting and information-sharing roles |
Risk-based approach checklist
The CAMS exam often rewards candidates who can think like an AML professional: identify risk, apply proportionate controls, document the rationale, and escalate when required.
| Risk factor | What to assess | Strong readiness looks like | Weak-area warning |
|---|---|---|---|
| Customer type | Individual, legal entity, trust, nonprofit, MSB, professional intermediary, cash-intensive business | You can explain why some customer types require more scrutiny | Treating customer type alone as proof of suspicious activity |
| Geography | Residence, incorporation, operations, transaction corridors, counterparties | You can connect geography to sanctions, corruption, terrorism, secrecy, or weak AML controls | Assuming every foreign transaction is suspicious |
| Product or service | Deposits, wires, trade finance, private banking, correspondent banking, prepaid access, virtual asset exposure | You know how each product can be misused | Memorizing products without understanding abuse methods |
| Delivery channel | In-person, non-face-to-face, intermediated, digital | You can identify verification and impersonation risks | Ignoring non-face-to-face onboarding risk |
| Transaction behavior | Volume, velocity, purpose, counterparties, round-dollar patterns, reversals | You compare behavior to expected activity | Looking at transactions in isolation |
| Ownership and control | Beneficial owners, controllers, nominees, layered entities | You know when ownership complexity increases risk | Stopping at the first legal entity name |
| Source of funds and wealth | Origin of transaction funds and overall wealth | You can distinguish source of funds from source of wealth | Treating a bank statement as full source-of-wealth evidence |
| Controls | Screening, monitoring, approvals, limits, audits, training | You can explain how controls reduce inherent risk | Confusing control existence with control effectiveness |
Inherent risk vs. residual risk
Be ready to explain this concept in plain words:
- Inherent risk: risk before controls are considered.
- Control effectiveness: how well policies, systems, people, and oversight reduce risk.
- Residual risk: risk that remains after controls.
A common exam trap is assuming a high-risk customer or product must always be rejected. A risk-based approach may allow the relationship if the institution can understand, monitor, document, and control the risk within its risk appetite.
Customer due diligence and onboarding readiness
Minimum reasoning tasks
Can you do the following?
- Identify the customer and understand whether the customer is an individual, legal entity, trust, intermediary, or regulated institution.
- Determine what information is needed to understand the customer’s purpose and expected account activity.
- Recognize when beneficial ownership or control information is incomplete.
- Compare customer-provided information to independent or reliable evidence where required.
- Identify when enhanced due diligence is appropriate.
- Explain why onboarding is not a one-time event; customer information must remain reasonably current.
- Recognize when refusal to provide information is itself a risk indicator.
- Document the rationale for onboarding, escalation, approval, or exit.
CDD file review checklist
| File element | Review question | Possible concern |
|---|---|---|
| Customer identity | Is the customer clearly identified and verified according to applicable procedures? | Missing or inconsistent identity information |
| Business purpose | Is there a plausible reason for the account or relationship? | Vague purpose, inconsistent business description |
| Expected activity | Are expected volumes, products, geographies, and counterparties documented? | Monitoring cannot compare activity to baseline |
| Beneficial ownership | Are ultimate owners/controllers understood where required? | Layered entities, nominees, bearer-like control, unexplained ownership |
| Source of funds | Is the origin of funds for transactions understood when risk warrants? | Third-party funding, unexplained cash, circular transfers |
| Source of wealth | Is the customer’s overall wealth origin understood when risk warrants? | PEP wealth inconsistent with known income |
| Screening results | Are sanctions, PEP, and adverse media results reviewed and dispositioned? | Unresolved potential match |
| Risk rating | Does the rating reflect facts, not assumptions? | High-risk indicators overridden without rationale |
| Approvals | Were required approvals obtained before activity? | Backdated or missing approval |
| Ongoing monitoring | Is refresh or review frequency appropriate for risk? | Stale information for a higher-risk relationship |
Enhanced due diligence readiness
Enhanced due diligence is not just “collect more documents.” It is a risk-focused effort to understand the relationship well enough to decide whether to accept, continue, restrict, or exit it.
| Higher-risk scenario | What you should consider | Exam-ready decision cue |
|---|---|---|
| PEP or close associate | Role, jurisdiction, source of wealth, source of funds, adverse media, corruption exposure | Higher risk does not automatically mean suspicious, but it requires deeper review |
| Complex legal entity | Ownership chain, control persons, business purpose, jurisdictions, nominee arrangements | Complexity without business rationale is a red flag |
| Correspondent banking | Respondent bank controls, regulatory environment, nested relationships, payable-through risks | Understand who has access through the relationship |
| Private banking | Wealth origin, relationship manager influence, high-value transactions, secrecy concerns | Strong controls must counter relationship pressure |
| Nonprofit or charity | Purpose, donors, beneficiaries, geographies, fund flow, governance | Legitimate activity can be abused for terrorist financing |
| Trade finance customer | Goods, pricing, shipping route, counterparties, documents, sanctions exposure | Documents and transaction economics must make sense |
| Virtual asset exposure | Source/destination, wallet or exchange risk, anonymity tools, blockchain analytics where used | Technology changes the evidence, not the need for risk understanding |
| Cash-intensive business | Cash volume vs. expected operations, location, seasonality, deposits | Cash alone is not suspicious; unexplained cash is |
Transaction monitoring and alert investigation
From unusual activity to decision
flowchart TD
A[Alert or unusual activity identified] --> B[Compare to customer profile and expected activity]
B --> C{Is there a reasonable explanation?}
C -->|Yes, supported| D[Document disposition and close or monitor]
C -->|Unclear or unsupported| E[Gather more information and review related activity]
E --> F{Does activity indicate suspicion or unresolved risk?}
F -->|Yes| G[Escalate according to procedures]
G --> H[Consider report filing under applicable rules]
F -->|No| I[Document rationale and any monitoring changes]
H --> J[Maintain confidentiality and avoid tipping off]
Alert review checklist
- What triggered the alert?
- Is the activity unusual for this customer, or only unusual in general?
- What is the customer’s known business, occupation, source of funds, and expected activity?
- Are there related accounts, counterparties, addresses, devices, beneficial owners, or employees?
- Is activity structured, circular, rapid, unexplained, or inconsistent?
- Are there sanctions, PEP, adverse media, or law enforcement concerns?
- Has the customer provided a plausible and supported explanation?
- Does the explanation match documents and transaction behavior?
- Is escalation required under policy?
- Is a suspicious activity report or similar report required under applicable rules?
- Has the rationale been documented clearly enough for review by audit, regulators, or law enforcement?
Investigation evidence to recognize
| Evidence type | What it can show | Caution |
|---|---|---|
| Customer profile | Expected activity and risk context | Profiles can become stale |
| Transaction history | Patterns, velocity, counterparties, changes over time | One transaction rarely tells the full story |
| Account opening documents | Stated purpose, occupation, ownership, control | Customer-provided data may be incomplete |
| Public records | Business status, litigation, licenses, addresses | Data may be outdated or mismatched |
| Adverse media | Allegations, criminal links, reputational risk | Verify relevance and identity match |
| Trade documents | Goods, route, price, parties, shipping details | Documents can be falsified or inconsistent |
| Screening results | Sanctions, PEP, watchlist, negative news | False positives need documented disposition |
| Internal referrals | Front-line concerns or relationship manager observations | Pressure to retain customer can bias judgment |
| Law enforcement requests | External investigative interest | Handle through authorized channels only |
Suspicious activity reporting readiness
You do not need to memorize a single universal reporting process for every jurisdiction unless your official study materials require it. You do need to understand the logic of suspicious activity reporting.
| Task | Readiness check |
|---|---|
| Identify suspicion | Can you distinguish unusual activity from suspicious activity? |
| Escalate internally | Do you know when a matter should move from alert review to investigation or compliance escalation? |
| Document rationale | Can you write why activity is or is not suspicious using facts, not conclusions? |
| Preserve confidentiality | Can you identify tipping-off risk? |
| Meet applicable obligations | Can you recognize that reporting format, timing, and recipient depend on jurisdiction and procedure? |
| Continue monitoring | Can you explain why filing a report may not end the risk management process? |
| Consider exit or restriction | Can you identify when the relationship may need restriction, closure, or enhanced monitoring? |
Report narrative quality prompts
A strong suspicious activity narrative usually answers:
- Who is involved?
- What happened?
- When did it occur?
- Where did funds come from and go?
- How was the activity conducted?
- Why is it suspicious?
- What supporting facts or documents exist?
- What action did the institution take?
Avoid vague conclusions such as “customer appears suspicious” without explaining the facts that support the concern.
AML compliance program checklist
A CAMS candidate should be able to evaluate whether an AML program is designed and operating effectively.
| Program component | What to review | Ready when you can identify… |
|---|---|---|
| Governance | Board or senior management oversight, risk appetite, accountability | Weak oversight, unclear ownership, unsupported risk acceptance |
| Policies and procedures | Written standards and operational steps | Policy that says what to do but procedures do not explain how |
| Risk assessment | Enterprise, customer, product, geography, channel risk | Missing methodology, outdated data, unsupported ratings |
| Customer due diligence | Identification, verification, beneficial ownership, expected activity | Files that do not support monitoring or risk rating |
| Monitoring and screening | Rules, alerts, sanctions screening, list management, tuning | Unreviewed alerts, excessive false positives, poor escalation |
| Reporting | Suspicious activity escalation and filing process | Late, incomplete, or undocumented decisions |
| Training | Role-based training, frequency, attendance, comprehension | Generic training that misses high-risk roles |
| Independent testing | Audit or review of design and operating effectiveness | Repeat findings, weak remediation, no root-cause analysis |
| Recordkeeping | Retention of required AML records and investigation documentation | Missing evidence for key decisions |
| Third-party oversight | Vendor, correspondent, agent, or intermediary controls | Outsourced task without retained accountability |
| Management information | Metrics, trends, backlogs, quality, emerging risks | Reports that list activity but do not support decisions |
Internal control failure cues
- Alerts are closed with boilerplate language.
- High-risk customers are not reviewed more closely than low-risk customers.
- Sanctions potential matches are resolved by untrained staff.
- Policies are current but business procedures are outdated.
- Independent testing repeats the same findings year after year.
- Relationship managers can override compliance decisions without documented approval.
- Training completion is tracked, but effectiveness is not assessed.
- Risk ratings are changed without evidence.
- Backlogs are hidden by closing alerts without adequate review.
- Customer exits are delayed despite unresolved high-risk concerns.
Typologies and red-flag scenario cues
Money laundering typologies
| Typology | What it may look like | What to ask |
|---|---|---|
| Structuring or smurfing | Multiple smaller transactions designed to avoid attention or reporting | Is there a pattern inconsistent with legitimate need? |
| Funnel activity | Deposits in multiple locations followed by rapid movement elsewhere | Why are funds collected and moved this way? |
| Rapid movement of funds | Incoming and outgoing transfers with little account purpose | Does the customer have a legitimate business reason? |
| Shell company misuse | Legal entity with no clear business, employees, website, or operations | Who benefits and controls the entity? |
| Nominee arrangements | Accounts or entities controlled by someone other than the named party | Is the apparent owner acting for another person? |
| Trade-based money laundering | Over/under-invoicing, false goods, unusual routes, mismatch between goods and business | Do documents, prices, and shipping details make commercial sense? |
| Real estate laundering | High-value purchase, opaque ownership, third-party funds, unusual urgency | Are source of funds and beneficial ownership understood? |
| Casino or gaming misuse | Buy-ins and cash-outs with little play, third-party funding | Is value being converted rather than gambled? |
| Professional facilitator misuse | Lawyers, accountants, agents, or formation companies obscure ownership | Is professional involvement legitimate or shielding the customer? |
| Virtual asset misuse | Use of mixers, high-risk exchanges, darknet exposure, rapid conversion | Can source, destination, and ownership be reasonably understood? |
Terrorist financing and proliferation financing cues
| Risk area | Scenario cue | Key distinction |
|---|---|---|
| Terrorist financing | Small transfers, nonprofit misuse, conflict-zone corridors, many donors, informal value transfer | Funds may be from legal or illegal sources |
| Proliferation financing | Front companies, dual-use goods, complex shipping, sanctioned networks, evasive routing | Focus on weapons-related procurement and sanctions evasion risk |
| Sanctions evasion | Intermediaries, altered payment fields, vessel changes, ownership opacity | Screening alone may not detect all evasion |
| Nonprofit abuse | Funds diverted from stated charitable purpose | Legitimate sector risk does not mean all nonprofits are suspicious |
Sanctions, PEPs, and adverse media
Sanctions readiness
Be able to distinguish these concepts:
| Concept | AML exam relevance |
|---|---|
| Sanctions screening | Identifies potential prohibited or restricted parties, countries, vessels, or activity |
| Transaction monitoring | Detects unusual or suspicious transaction behavior |
| False positive | Potential match determined not to be the listed party after review |
| Confirmed or likely match | Requires escalation and action under applicable law and procedure |
| List management | Ensures screening uses current and appropriate sanctions data |
| Evasion | Attempts to hide sanctioned involvement through intermediaries, ownership changes, or altered information |
Checklist:
- Can you explain why sanctions screening may occur at onboarding and during transactions?
- Can you identify when a name match requires escalation rather than routine closure?
- Can you evaluate aliases, date of birth, addresses, ownership, and identifiers?
- Can you recognize sanctions evasion through third parties or shell companies?
- Can you avoid treating sanctions review as the same process as suspicious activity investigation?
- Can you explain why confidentiality and escalation procedures matter?
PEP and corruption-risk readiness
- Know that PEP status is a risk factor, not automatic proof of wrongdoing.
- Review source of wealth and source of funds logic.
- Watch for public salary inconsistent with wealth or transaction volume.
- Consider relatives, close associates, controlled entities, and intermediaries.
- Connect PEP risk to bribery, corruption, procurement fraud, embezzlement, and sanctions exposure.
- Understand why senior approval and ongoing monitoring may be relevant for higher-risk PEP relationships.
Product, service, and channel checks
| Product or channel | Main AML/CFT concerns | Controls to recognize |
|---|---|---|
| Retail banking | Cash deposits, wires, structuring, mule activity | CDD, transaction monitoring, branch referrals |
| Correspondent banking | Nested relationships, foreign respondent risk, payable-through exposure | EDD, respondent bank review, activity monitoring |
| Private banking | High-net-worth opacity, PEPs, relationship pressure | Source of wealth, senior approval, enhanced review |
| Trade finance | Document manipulation, dual-use goods, sanctions, price anomalies | Document review, sanctions screening, trade expertise |
| Money services and value transfer | High velocity, cross-border transfers, agent risk | Agent oversight, transaction monitoring, licensing awareness where applicable |
| Securities and investments | Market manipulation proceeds, layering through accounts, beneficial ownership opacity | Customer risk review, surveillance coordination |
| Insurance | Early surrender, third-party premium payments, policy loans | Beneficial owner and payment review |
| Real estate finance | Opaque ownership, third-party payments, high-value assets | Source of funds, beneficial ownership, professional intermediary review |
| Digital and non-face-to-face channels | Identity fraud, synthetic identity, account takeover, mule networks | Strong verification, device/IP analytics where used, monitoring |
| Virtual asset exposure | Anonymity-enhancing tools, high-risk exchanges, rapid conversion | Wallet risk review, blockchain analytics where used, enhanced monitoring |
International standards and cooperation
CAMS candidates should understand the purpose of international AML/CFT coordination without confusing global standards with one jurisdiction’s local rulebook.
| Area | What to know |
|---|---|
| FATF-style standards | Promote risk-based AML/CFT controls, beneficial ownership transparency, suspicious transaction reporting, sanctions-related controls, and international cooperation |
| FIUs | Receive, analyze, and disseminate financial intelligence reports according to jurisdictional frameworks |
| Supervisors and regulators | Examine institutions, enforce compliance, and set expectations within their authority |
| Law enforcement | Investigates crimes and may request information through authorized channels |
| Cross-border cooperation | Helps trace funds, share intelligence, and coordinate enforcement |
| Public-private information sharing | Can improve detection but must follow legal and confidentiality constraints |
| High-risk jurisdictions | May require enhanced scrutiny, risk mitigation, or restrictions depending on applicable guidance |
Readiness prompts:
- Can you explain why AML/CFT is coordinated internationally?
- Can you distinguish a standard-setting body from a regulator, FIU, or law enforcement agency?
- Can you identify why beneficial ownership transparency is important?
- Can you explain how information sharing helps detect networks rather than isolated transactions?
- Can you avoid assuming every country uses the same reports, deadlines, or thresholds?
Documentation and artifact checklist
For scenario questions, know what document or artifact supports the decision.
| Artifact | What it supports | Exam scenario use |
|---|---|---|
| Customer risk assessment | Initial and ongoing customer risk rating | Decide if EDD or monitoring changes are needed |
| Enterprise risk assessment | Institution-wide risk understanding | Identify program gaps or control priorities |
| CDD record | Customer identity, purpose, expected activity | Determine whether activity is inconsistent |
| Beneficial ownership record | Ownership and control transparency | Spot hidden control or nominee concerns |
| EDD memo | Higher-risk relationship rationale | Support acceptance, continuation, or exit |
| Alert disposition | Why an alert was closed or escalated | Evaluate documentation quality |
| Investigation case file | Facts, evidence, analysis, decisions | Support report filing or no-filing rationale |
| Suspicious activity narrative | Communicates suspected conduct to authorities | Assess completeness and clarity |
| Sanctions hit disposition | Shows how potential match was resolved | Identify false-positive vs escalation handling |
| Training records | Demonstrate staff training completion and coverage | Assess program effectiveness |
| Independent testing report | Identifies control weaknesses | Determine remediation priorities |
| Remediation plan | Tracks corrective action | Evaluate whether findings are addressed |
“Can you do this?” applied skills checklist
Mark each item Green, Yellow, or Red.
AML analysis
- Identify the most important red flag in a fact pattern.
- Distinguish suspicious activity from merely unusual activity.
- Compare activity to the customer’s expected profile.
- Explain why a transaction pattern suggests placement, layering, or integration.
- Recognize when a customer explanation is plausible but unsupported.
- Identify the next investigative step.
- Decide when escalation is more appropriate than immediate closure.
- Recognize tipping-off risk in customer communications.
Customer and risk management
- Identify who the customer is in a layered ownership structure.
- Determine whether beneficial ownership information is adequate.
- Distinguish source of funds from source of wealth.
- Identify EDD triggers.
- Select appropriate controls for higher-risk customers.
- Explain when ongoing monitoring should be adjusted.
- Recognize when risk acceptance requires documented approval.
- Identify when exiting a relationship may be appropriate.
Program and governance
- Identify the core elements of an AML compliance program.
- Recognize the difference between policy, procedure, and control.
- Evaluate whether independent testing is effective.
- Identify root causes behind repeated audit findings.
- Explain why training should be role-based.
- Assess whether monitoring rules align with risk assessment results.
- Recognize vendor or third-party oversight risk.
- Determine what management information would help senior leadership.
International and regulatory concepts
- Explain the role of FIUs.
- Describe why FATF-style standards matter.
- Distinguish sanctions screening from AML transaction monitoring.
- Recognize high-risk jurisdiction concerns.
- Understand cross-border information-sharing constraints.
- Apply confidentiality expectations in investigations and reporting.
Scenario decision-point checks
Use these mini-prompts to test judgment. For each one, decide the best next action and the reason.
| Scenario cue | Best-thinking direction |
|---|---|
| A long-time low-risk customer suddenly receives large wires from unrelated foreign companies and transfers funds out the same day. | Compare to expected profile, review counterparties and purpose, escalate if unsupported. |
| A customer refuses to provide beneficial ownership information for a complex legal entity. | Treat as a significant onboarding or continuation concern; follow escalation procedures. |
| A PEP has wealth inconsistent with known public income and uses offshore entities. | Conduct EDD focused on source of wealth, source of funds, ownership, adverse media, and approvals. |
| A sanctions screening alert has a similar name but different date of birth and country. | Disposition as false positive only if documented evidence supports it. |
| A branch employee reports that a customer asked how much cash can be deposited without a report. | Consider structuring intent and escalate according to procedures. |
| Trade documents show goods inconsistent with the customer’s business and an unusual shipping route. | Investigate trade-based money laundering and sanctions/proliferation concerns. |
| An investigator finds suspicious activity but a relationship manager asks to delay escalation to preserve the relationship. | Follow AML procedures, document facts, and avoid improper influence. |
| A monitoring rule creates many false positives and analysts close alerts mechanically. | Review tuning, data quality, risk coverage, and quality assurance. |
| A nonprofit sends funds to a conflict-zone region consistent with its mission but documentation is weak. | Do not assume wrongdoing; assess governance, beneficiaries, fund flow, and supporting evidence. |
| A customer asks whether the bank filed a suspicious activity report. | Avoid tipping off; follow approved communication procedures. |
Common weak areas and traps
| Trap | Why it is wrong | Better approach |
|---|---|---|
| Treating every high-risk customer as automatically suspicious | Risk is not the same as suspicion | Apply EDD and monitor based on facts |
| Memorizing red flags without context | Red flags require customer and transaction context | Ask whether activity is inconsistent, unexplained, or evasive |
| Confusing source of funds and source of wealth | They answer different questions | Funds: where transaction money came from; wealth: how overall wealth was generated |
| Assuming sanctions and AML alerts are handled the same way | Sanctions may require immediate specific action under applicable rules | Escalate potential sanctions matches according to procedure |
| Closing alerts because the customer gave an explanation | Explanations must be plausible and supported | Verify against documents, profile, and transaction behavior |
| Overlooking beneficial ownership | Legal ownership may hide real control | Look for ultimate natural-person ownership or control under applicable rules |
| Ignoring geography | Country risk can affect customer, product, and transaction risk | Consider residence, incorporation, operation, counterparties, and routes |
| Believing policy equals control effectiveness | A policy may exist but not operate effectively | Look for evidence of implementation, testing, and remediation |
| Missing tipping-off risk | Disclosure can compromise investigations and violate rules | Use approved internal and external communication channels |
| Looking at one transaction only | Laundering often appears as a pattern | Review related accounts, counterparties, and time periods |
Final-week CAMS review checklist
Content review
- Re-read your official ACAMS CAMS study materials for areas marked Red or Yellow.
- Review AML/CFT definitions until you can apply them without memorized wording.
- Drill CDD, EDD, beneficial ownership, and risk-based approach scenarios.
- Review suspicious activity investigation steps and documentation expectations.
- Review sanctions, PEP, adverse media, and high-risk geography distinctions.
- Revisit program governance: policies, controls, training, independent testing, and remediation.
- Confirm any jurisdiction-specific reporting terms, deadlines, forms, or thresholds included in your assigned materials.
Practice review
- Complete mixed practice sets rather than studying only one topic at a time.
- For every missed question, write the reason:
- Missed definition
- Misread scenario
- Chose a generic answer instead of the best AML action
- Confused risk with suspicion
- Ignored documentation or escalation
- Re-answer missed questions after a delay.
- Practice explaining why the correct answer is better than the second-best answer.
- Build a one-page list of recurring weak terms, typologies, and decision rules.
Exam-readiness check
You are closer to ready when you can consistently:
- Identify the AML risk in a short scenario within seconds.
- Choose the best next step without overreacting or underreacting.
- Explain how CDD supports monitoring and investigations.
- Recognize when EDD, escalation, or reporting analysis is needed.
- Distinguish sanctions, AML, fraud, and general compliance concerns.
- Apply the risk-based approach instead of relying on absolutes.
- Support decisions with documentation and confidentiality awareness.
Practical next step
Mark each section of this CAMS Exam Blueprint as Green, Yellow, or Red. Then use your Red and Yellow areas to guide targeted review, followed by timed mixed practice. Focus especially on scenario judgment: what the AML professional should do next, what evidence matters, and how the decision should be documented.