Latest white paper on evolving regulations and emerging technologies

  • Industry perspective: The key forces driving AML reform in 2025 and beyond.

  • Operational insight: How automation is reshaping onboarding and accuracy.

  • Strategic value: Where collaboration is unlocking the next era of compliance.

Access White Paper
relycomply whitepaper

Get updates that matter

Stay connected with:

  • Industry insights - Reports on trends, threats, and regulatory shifts shaping the financial services world.

  • Customer highlights - See how businesses like yours are closing AML gaps and protecting their customers.

  • Feature releases - Discover the latest products and AI-powered capabilities in our platform.

relycomply whitepaper

Investigating ISO 20022 AML compliance for secure, scalable cross-border payments

Scaling cross-border payments with ISO 20022

Given the growing need for instant payments worldwide, ISO 20022 AML compliance is rising as a priority that no financial services company can ignore. Seemingly, the industry is responding. Almost 95% of financial businesses are actively modernising their payment infrastructure (or planning to), now the only way to facilitate real-time AML monitoring for regulatory purposes, and also to appease customer bases that demand more from the banks and fintechs they trust with their money.

ISO 20022 marks another step up from ISO 27001 – which provides governance to secure sensitive transaction monitoring data – and while the former’s been a preferred standard on the compliance scene for two decades, its true rewards are only reaped by today’s institutions enabling strong AML and fraud controls. Legacy systems cannot house structured payments data adept for real-time AML monitoring, nor maintain security for their loyal customers in a peak age of cybercrime.

There’s hope on the horizon, however. Businesses displaying full accreditation for ISO/IEC 27001:2022 (RelyComply included) are able to demonstrate commitments to safeguarding and using personal data accordingly for financial crime risk mitigation, yet also to enable fintech growth within the parameters of ever-stricter cross-border compliance. It can become the key to innovating at pace, and not letting data compliance tasks hinder progress. 

Modernise your structured payments data with ISO 20022

Why ISO 20022 standards matter

Fragmented systems, shifting regulations and lax attitudes to fincrime risk only allow criminals to grow their bases of operations and technological capabilities, leaving financial institutions vulnerable. This is especially true within payment services that need to account for novel digital assets amongst cross-border transactions from one institution to another, and to ensure customers can be onboarded and conduct their payments with ease amid the threat of laundered funds. And while greater interoperability is an ideal force for positive AML change, G20 notes that the lack of standardised financial messaging is an enduring sticking point for cross-border transactions.

Truly, the controlled enforcement of structured payments data has long been necessary for payment instructions and reporting to remain consistent, and ultimately what ISO 20022 has been building towards. This shift toward structured, interoperable messaging also lays the groundwork for ISO 20022 AML compliance, strengthening how financial institutions monitor, analyse and report cross-border transactions. Unlike traditional formats, ISO 20022 ensures that advanced remittance details, intended senders, recipients and purpose codes – four-letter codes for a payment’s underlying reason – are embedded directly into the message structure.

Adopting SWIFT ISO 20022 has become more pressing recently. 22 November 2025 marked the end of the SWIFT MT/ISO 20022 coexistence period – where the set standard became the default cross-border payment format on the SWIFT network, all over the globe.

ISO 20022 benefits for AML data quality

Payment Service Providers (PSPs), international banks and fintechs are all united in needing to display oversight over rich, structured data. When customer and transaction monitoring data is siloed or outdated and data management is fraught with errors, this creates major holes in an end-to-end AML process that should be built to withstand hugely sporadic data formats and volumes. ISO 20022 instead supports compliance due to information being tagged accordingly for accurate AML analytics, and to improve risk detection (even within digital cross-border transactions).

What structured data enables

Now following mandated rules for real-time payments – including the EU’s Instant Payments Regulation, and around 80 instant payment schemes implemented worldwide – automated compliance screening is becoming a base-level requirement for all areas of the financial ecosystem. When ISO 20022’s standard removes manual reviews of payment data, AI-driven RegTech platforms can help run AML checks more efficiently, working with detailed and correctly formatted data for more accurate investigations as and when they occur. This is where ISO 20022 AML compliance becomes operational rather than theoretical, enabling structured data to directly power faster, more reliable monitoring workflows.


Similarly, by leveraging structured sanctions screening data, holistic risk profiles can be created per entity. This is vital for entity resolution – gathering all the necessary contextual information around a person or payment (such as involved parties and the aforementioned purpose codes) against real-time sanctions lists. 

In this way, the AML data quality supplied by the ISO 20022 standard removes any ambiguity around anomalous payments, downtime and false positives associated with legacy compliance checks, speeding up any required due diligence and reporting to cut out instances of real crime amid complex fund flows.

Navigating ISO 20022 AML compliance nuances

Even given the advantages of ISO 20022, AML compliance is not a silver bullet adept at keeping cross-border payments safe everywhere. The disparity between one PSPs’ AML system and another signifies where ISO 20022 implementation can falter. Such rich alternative data requires technologies able to interpret it, and act on it for real-time AML monitoring to be purposeful in identifying fraudulent behaviours. Without the right infrastructure in place, ISO 20022 AML compliance cannot deliver its full potential across fragmented payment ecosystems. Essentially, the true value of structured payment data cannot be gained without being facilitated by operationally-sound automations.

Likewise, despite the standard’s lengthy existence, the ending of the coexistence phase and with only 80% of Real Time Gross Settlement (RTGS) systems predicted to have implemented the standard by the end of last year, the goal to harmonise standards has not been met yet. It relies on every institution handling SWIFT ISO 20022 migration properly – a consistent wheel of progress on top of notoriously costly compliance bottlenecks. 

Meanwhile legacy systems are still being updated, chewing up around 60% of IT budgets at payment companies, threatening to lag further when more complex future cases requiring ISO 20022 standard increase post-2026. It is not enough to be reactive when this structured payments data standard exists to set a ‘bare minimum’ for firms to stay compliant in their payment messaging.

How standards apply to ISO 27001 and RegTech AML platforms

In order for PSPs to turn strategic compliance to their own advantage, ISO 20022 stands as another advantageous aspect of an end-to-end RegTech platform. Well-implemented systems can be attuned to both global and local data privacy standards, and complement top-tier information security coverage, including ISO 27001.

The two standards are distinct in that ISO 20022 provides greater detail, context and quality for AML insights, but ISO 27001 focuses on the management of the payments data––that it is audited and protected from misuse, breaches, and violations against recognised standards. They’re both essential components contributing to both identity verification and transaction monitoring tasks, providing a robust risk management structure. 

ISO 20022 benefits vs ISO 27001

When fraud prevention and AML is complicated by faster transaction volumes and new payment rails, RegTech partners that are ISO/IEC 27001:2022 certified instill confidence in a financial institution that their sanctions screening and reporting capabilities are set up in a way to detect and raise time-critical payments safely. RegTechs employ global standards to accommodate necessary factors into adaptive AML systems, all without creating payment friction for customers. Richer payment data processed in a centralised, certified system can therefore be a major revenue-driver for SMEs and corporates, where continued customer satisfaction counts heavily in today’s climate.

A major jump for cross-border cooperation

Legislation around worldwide payments is developing quickly, and ISO 20022 marks a seismic sea change in the way that businesses can make their AML controls actionable. Of course, this demands that all manner of institutions employ RegTech solutions able to facilitate and utilise structured payments data for the correct risk mitigation purposes. 

ISO 20022 AML compliance as a foundation for scalable AML

Beyond SWIFT ISO 20022 migration, managing anti-fincrime operations and payment complexity to scale is all possible via collaborative partnerships – deploying integrated monitoring solutions fit for dynamic shifts in payment types, and enabling future cross-border transactions to continue freely, and with confidence that they’re reaching their destination. 

RelyComply is embracing the move to payment data standardisation, recognising that ISO 20022 AML compliance will play a central role in strengthening structured monitoring, improving data integrity and supporting secure cross-border growth as the financial landscape adapts to this powerful framework.

Arrange a demo

More News and Resources

Blanket de-risking in AML

How de-risking can exclude those banks should protect

October 29, 2025

As usual with financial compliance, if you fail to spot real risk, there’s dire repercussions. In the case of blanket de-risking, there’s an even greater Pandora’s Box of implications beyond stalling financial access to low-risk entities &#8211; wrongly chasing the “ghost customers” who rely on those they bank with the most.&nbsp; There’s already been a &hellip; <a href="https://relycomply.com/aml-risks-with-de-risking-in-banks/">Continued</a>

Property AML weak link.

South Africa’s property market exposes AML risks

October 13, 2025

Luxury real estate has long been synonymous with risk. From purchasing offshore residences for tax avoidance to the seizure of properties from sanctioned individuals, housing is a hotbed of anti-money laundering (AML) focus, with criminals hiding in an industry integral to everyone, everywhere.&nbsp; The industry is complex even before cross-border activity is considered. Ownership structures &hellip; <a href="https://relycomply.com/property-market-aml/">Continued</a>

Cookie Settings

Manage your cookie preferences here.