AMLC Philippines: What It Is and What Covered Persons Must Do
AMLC stands for Anti-Money Laundering Council, the Philippines’ primary financial intelligence unit (FIU) responsible for enforcing the Anti-Money Laundering Act (AMLA). Banks, fintechs, e-wallets, insurance companies, and other covered persons are legally required to register with the AMLC, report covered and suspicious transactions, and comply with its directives. Non-compliance exposes institutions to fines, license suspension, and criminal prosecution. The AMLC’s enforcement reach was demonstrated publicly through the Alice Guo asset freeze in 2024 and the 87 money laundering charges tied to POGO networks.
What Does AMLC Mean? Definition and Role
AMLC stands for Anti-Money Laundering Council. It is the agency of the Philippine government established under Republic Act No. 9160 (the Anti-Money Laundering Act of 2001, or AMLA) to implement and enforce the country’s anti-money laundering and counter-terrorism financing (AML/CTF) framework.
The AMLC has three distinct functions that make it unusual among Philippine regulatory bodies: it acts simultaneously as a financial intelligence unit, an AML/CTF regulator and supervisor, and a primary law enforcement agency. Most countries separate these functions. But in the Philippines, the AMLC holds all three.
| AMLC Function | What It Means in Practice |
|---|---|
| Financial Intelligence Unit (FIU) | Receives, analyzes, and acts on CTR and STR reports from covered persons. Shares financial intelligence with law enforcement agencies. |
| AML/CTF Regulator | Issues implementing rules, circulars, and guidelines. Supervises compliance of designated non-financial businesses and professions (DNFBPs). |
| Law Enforcement Agency | Investigates money laundering and terrorism financing cases. Files petitions for freeze orders and asset forfeiture. Has prosecutorial powers. |
The AMLC is headed by a Council composed of the Governor of the Bangko Sentral ng Pilipinas (BSP) as Chairman, the Commissioner of the Insurance Commission (IC), and the Chairman of the Securities and Exchange Commission (SEC). Day-to-day operations are run by an Executive Director and a permanent Secretariat based at the BSP Complex in Malate, Manila.
AMLC vs. AMLA: What Is the Difference?
These two terms are consistently confused. AMLA is the law. AMLC is the council that enforces it.
AMLA (Anti-Money Laundering Act, Republic Act No. 9160) is the primary Philippine legislation criminalizing money laundering and establishing the compliance framework for financial institutions. It has been amended multiple times: RA 9194 (2003), RA 10167 (2012), RA 10365 (2013), RA 10927 (2017, covering casinos), and RA 11521 (2021, covering VASPs and strengthening FATF alignment).
AMLC is the government body created by AMLA to implement and enforce it. When a business says it needs to “comply with AMLC requirements,” they mean complying with the regulations the AMLC issues under AMLA’s mandate. The two terms point to the same compliance universe from different directions: AMLA is the source of authority, AMLC is the enforcement mechanism.
Who Must Register with the AMLC? Covered Persons in the Philippines
Under AMLA, any entity classified as a “covered person” must register with the AMLC through its Online Registration System (ORS) and comply with all AMLC reporting and compliance obligations. Non-registration is itself a violation.
Covered persons include:
- Banks, quasi-banks, trust entities, and non-stock savings and loan associations supervised by BSP
- Insurance companies, pre-need companies, and HMOs supervised by the Insurance Commission
- Securities dealers, brokers, investment houses, and other capital market entities supervised by SEC
- Money service businesses: remittance agents, money changers, foreign exchange dealers
- Virtual asset service providers (VASPs), including crypto exchanges operating in the Philippines
- Financing companies and lending companies
- Real estate developers and brokers for transactions above the applicable threshold
- Casinos, including online and ship-based casinos
- Jewelry dealers, dealers in precious metals and stones, for transactions above PHP 1 million
- Company service providers, lawyers, and accountants in specific circumstances
For fintech companies and digital banks seeking eKYC compliance in the Philippines, AMLC registration is a prerequisite. Businesses operating digital wallets, lending apps, or payment platforms that fall under any of the above categories must register before commencing operations. For those onboarding corporate clients, KYB for corporate clients is part of the same CDD obligation.
AMLC Compliance Obligations: What Covered Persons Must Do
AMLC registration is just the start. Once registered, covered persons carry ongoing obligations across four areas.
1. Customer Due Diligence (CDD)
CDD is the foundation everything else rests on. Covered persons must verify the identity of all customers at onboarding, maintain records of verification, and update customer information on a risk-based schedule. CDD includes collecting and verifying source of funds verification documentation for high-risk customers and transactions. For PEPs and other elevated-risk customers, Enhanced Due Diligence (EDD) applies.
2. Transaction Reporting via GoTRACS
According to AMLC Regulatory Issuance No. 2, Series of 2024 (GoTRACS), covered persons must submit two types of reports to the AMLC within five working days of the triggering transaction:
- Covered Transaction Reports (CTRs): For single cash or equivalent transactions exceeding PHP 500,000 in one banking day
- Suspicious Transaction Reports (STRs): For any transaction, regardless of amount, that is inconsistent with a customer’s profile, has no apparent lawful purpose, or shows red flags such as smurfing and structuring patterns
GoTRACS introduced a fully digital submission framework replacing earlier manual and email-based reporting. All covered persons must submit CTRs and STRs through the AMLC’s online platform. Tipping off a customer that an STR has been filed is a criminal offense under AMLA.
3. Risk Assessment and AML Program
Each covered person must conduct an institutional risk assessment to identify, evaluate, and understand their specific money laundering and terrorism financing risks. Based on this assessment, they must maintain a written AML/CTF compliance program covering internal policies, controls, training, and audit procedures. The program must be reviewed and updated regularly.
4. Record Keeping
Record keeping is the least glamorous obligation, and the one most often deprioritized until an inspection. Covered persons must retain customer identification documents and transaction records for a minimum of five years from the date of the transaction or the termination of the business relationship. Records must be available for AMLC inspection without delay when requested.
AMLC Powers: Freeze Orders, Bank Inquiries, and Asset Forfeiture
The AMLC’s enforcement tools are substantial. Understanding them matters both for compliance officers and for businesses evaluating the real consequences of non-compliance.
Freeze orders. The AMLC can issue an ex parte freeze order on bank accounts and assets linked to suspected money laundering without prior notice to the account holder, valid for an initial period. The AMLC then petitions the Court of Appeals to extend the freeze for up to six months, renewable. In the Alice Guo case in 2024, the AMLC secured a Court of Appeals freeze order covering 90 bank accounts linked to POGO-connected entities and individuals, following financial intelligence analysis that traced PHP billions in suspicious transactions.
Bank inquiries. For predicate offenses listed under AMLA (such as drug trafficking, kidnapping, and terrorism), the AMLC can inquire into bank deposits without a court order. For all other cases, it requires judicial authorization. This power allows the AMLC to obtain transaction records directly from financial institutions during investigations.
Asset forfeiture. Where money laundering is proven, AMLA provides for civil forfeiture of assets linked to the offense. The AMLC coordinates with the Office of the Solicitor General for civil forfeiture proceedings independent of criminal prosecution, meaning assets can be forfeited even if the criminal case is still ongoing.
Prosecution. The AMLC has authority to file money laundering complaints directly with the Department of Justice. According to Sumsub’s AML/KYC Philippines Guide 2026, prosecutors filed 87 money laundering counts tied to Alice Guo and 35 others for illicit financial flows through POGO networks, with the AMLC flagging more than 600 bank transactions worth approximately PHP 6.7 billion linked to those operations.
The FATF Grey List Exit and What It Means for AMLC-Regulated Businesses
In February 2025, the Financial Action Task Force (FATF) removed the Philippines from its grey list (Jurisdictions Under Increased Monitoring) after the country completed all 18 required reforms under its action plan. Before that, the Philippines had been grey-listed since June 2021.
The grey list exit reflects the cumulative effect of AMLC-led enforcement actions and regulatory reforms over four years, including expanded VASP supervision under RA 11521, casino AML integration under RA 10927, GoTRACS digital reporting rollout, and sustained enforcement actions against high-profile cases. For covered persons, the exit signals that the AMLC’s regulatory posture is now operating at a higher baseline than it was before 2021. Enforcement actions that were inconsistent under heightened FATF scrutiny are now standard operating procedure.
AMLC Penalties for Non-Compliance
The penalties for AMLA violations are substantial and multi-tiered.
| Violation | Penalty |
|---|---|
| Money laundering conviction | 7 to 14 years imprisonment plus fine of PHP 3 million to twice the value of the laundered proceeds |
| Failure to report covered/suspicious transactions | Administrative fines; possible criminal liability for willful non-reporting |
| Tipping off (informing customer of STR filing) | Criminal offense: imprisonment and fines |
| Failure to register with AMLC | Administrative sanctions; operating without AMLC compliance is a regulatory violation |
| Inadequate CDD / AML program | Regulatory sanctions from primary supervisor (BSP, SEC, IC) plus AMLC administrative penalties |
Frequently Asked Questions About AMLC in the Philippines
What does AMLC stand for in the Philippines?
- AMLC stands for Anti-Money Laundering Council. It is the Philippine government’s financial intelligence unit established under Republic Act No. 9160 (AMLA) to implement and enforce anti-money laundering and counter-terrorism financing laws.
What is the difference between AMLC and AMLA?
- AMLA (Anti-Money Laundering Act, RA 9160) is the law. AMLC is the council created by that law to enforce it. AMLA establishes what is prohibited and what institutions must do. AMLC has the authority and tools to ensure institutions comply and to investigate and prosecute violations.
Who needs to register with the AMLC?
- All covered persons under AMLA must register with the AMLC through its Online Registration System. This includes banks, fintechs, e-wallets, insurance companies, securities dealers, money service businesses, VASPs, real estate developers, casinos, and other designated non-financial businesses and professions.
What is GoTRACS?
- GoTRACS (Guidelines on Transaction Reporting and Compliance Submissions) is the AMLC’s digital reporting framework introduced through Regulatory Issuance No. 2, Series of 2024. It requires covered persons to submit Covered Transaction Reports (CTRs) and Suspicious Transaction Reports (STRs) electronically within five working days of the triggering transaction.
Can AMLC freeze accounts without a court order?
- Yes, for an initial period. The AMLC can issue ex parte freeze orders on accounts suspected of holding laundered funds without prior notice to the account holder. It must then petition the Court of Appeals to extend the freeze. In the Alice Guo case (2024), this power was used to freeze 90 bank accounts linked to POGO-connected money laundering networks.
What are the penalties for violating AMLA in the Philippines?
- A money laundering conviction carries 7 to 14 years imprisonment and fines of at least PHP 3 million or up to twice the laundered amount. Additional administrative penalties apply for failure to report transactions, inadequate CDD programs, and failure to register with the AMLC.
AMLC Compliance Starts at Onboarding
What’s often missed in AMLC compliance audits is where the actual gap is. It is not usually in the STR filing process or the GoTRACS submission format. The most frequent point of AMLA failure for covered persons is not transaction monitoring after the fact. It is weak identity verification at customer onboarding. A CDD program is only as strong as the identity layer underneath it: if your institution cannot confirm who your customer is, none of the downstream SoF checks, transaction monitoring, or risk profiling produces reliable results.
Verihubs eKYC API gives Philippine covered persons the verified identity foundation that makes AMLC compliance executable. With support for 15+ Philippine government ID types, AI-powered biometric liveness detection, and deepfake prevention, Verihubs ensures that the person behind every account is who they claim to be, from the first interaction.
Talk to the Verihubs team about building AMLC-compliant eKYC into your onboarding workflow.
