What Is FRAML? Why Banks Are Converging Fraud and AML Compliance

For most of the past two decades, fraud and anti-money laundering operated as separate functions inside financial institutions. Separate teams, separate systems, separate data environments, separate reporting lines. The fraud team reported to operational risk. The AML team reported to compliance. They shared a building and occasionally shared a spreadsheet. They did not share data in real time.

That separation made administrative sense in an era when fraud was a consumer protection problem and AML was a regulatory compliance problem. It no longer reflects how financial crime actually works. The criminals connecting fraud schemes to money laundering networks are not respecting organisational boundaries. The compliance infrastructure designed to detect them increasingly cannot afford to either.

FRAML — the convergence of fraud and AML functions into a unified financial crime programme — is the operational and technological response to this shift.

Why Fraud and AML Are the Same Problem

The clearest illustration of why fraud and AML cannot be cleanly separated is the money mule. A money mule account is used to receive proceeds from a fraud scheme — authorised push payment fraud, investment scams, business email compromise — and immediately transfer those funds onward through a layering structure designed to obscure their origin. The account holder may be complicit, or may have been recruited unknowingly.

From the fraud team's perspective, the mule account is the exit point of a fraud typology. From the AML team's perspective, it is a transaction monitoring alert — rapid inflows followed by immediate outflows, often to multiple beneficiaries or across jurisdictions. Both teams are looking at the same account, the same transactions, and the same underlying criminal network. Without a shared data environment, neither team has the full picture.

The problem compounds at scale. A payment fraud ring operating across Singapore, Malaysia and the Philippines may involve dozens of mule accounts across multiple institutions. Each institution's fraud team sees its own slice of the pattern. Each institution's AML team runs its own monitoring rules. Without cross-function and cross-institution visibility, the pattern is invisible to everyone.

FATF has been explicit about this. FATF Recommendation 3 addresses money laundering predicate offences — fraud is among the most common. The 2023 FATF report on money mule networks specifically identified the separation of fraud and AML detection as a structural vulnerability that organised criminal networks exploit.

What FRAML Means in Practice

FRAML is not a product category or a regulatory term — it is a programme design approach. It describes the integration of fraud detection and AML/CFT compliance at three levels:

Data integration. Fraud signals and AML signals are drawn from the same customer data, transaction data, and behavioural profiles. A customer flagged by the fraud system for account takeover indicators is the same customer the AML system is monitoring for structuring. Keeping that data in separate silos means each system is working with an incomplete picture.

Detection integration. Monitoring scenarios are designed to detect cross-typology patterns that neither a standalone fraud system nor a standalone AML system would see in isolation. Rapid fund cycling that starts with a fraudulent inflow and ends with an outbound wire transfer is one pattern, not two separate events for two separate teams to investigate independently.

Case management integration. Alerts are worked in a unified case management environment where the investigator can see the fraud history and the AML history of the same customer simultaneously. The SAR or SMR narrative incorporates both dimensions. The investigation does not stop at the boundary of one department's jurisdiction.

The Operational Case for Convergence

False positive reduction. When fraud signals and AML signals are evaluated separately, an alert that scores below the threshold in both systems may generate no response — even though the combination of indicators is clearly suspicious. Conversely, a transaction that looks unusual from a fraud perspective but is entirely consistent with the customer's AML profile may generate a fraud alert that wastes investigation time. Unified scoring reduces both types of noise.

Alert deduplication. Institutions with separate fraud and AML systems frequently generate multiple alerts on the same customer for the same transaction — the fraud system flags it for one reason, the AML system flags it for another. Analysts in both teams work the same case from their respective angles. The FRAML model generates one alert with full context, one case, one investigation record.

Regulatory examination readiness. Supervisors in Singapore, Australia, Malaysia and the Philippines are increasingly examining institutions on the coherence of their financial crime programme — not just whether individual components are present. An institution that can produce an integrated financial crime risk assessment, unified monitoring documentation, and a single audit trail across fraud and AML functions is demonstrably better positioned for examination than one that produces two separate compliance binders.

Efficiency at scale. The compliance talent market in APAC is tight. Building and maintaining two parallel financial crime operations — separate analyst teams, separate technology stacks, separate training programmes — is expensive. Convergence allows institutions to apply the same investigative resource across both typologies, informed by a richer data set.

The Challenges of Getting FRAML Right

Convergence is not straightforward. Three obstacles recur across institutions attempting it:

Organisational silos that predate the technology. Fraud and AML have separate reporting lines, separate performance metrics, and in many institutions, separate P&Ls. The compliance officer and the fraud operations manager may agree that convergence is correct in principle while both defending their team's autonomy in practice. Technology integration is easier to achieve than organisational alignment.

Regulatory boundary complexity. AML reporting obligations (STR, SAR, CTR, TTR) are governed by specific legislation in each jurisdiction. Fraud reporting obligations — where they exist — often sit under different regulators. A unified case management system must produce correctly formatted reports for each regulatory destination without conflating the two frameworks.

Data governance and attribution. When fraud signals and AML signals are combined to produce a unified risk score, the institution must be able to explain to an examiner exactly which signals contributed to which outcome. Black-box scoring models that combine fraud and AML inputs without audit-trail transparency fail regulatory explainability requirements — even if the detection performance is good.

What to Look for in a FRAML Platform

Not all technology marketed as FRAML achieves genuine convergence. The meaningful questions to ask when evaluating a platform:

Single data layer, not data sharing. A platform that syncs data between a separate fraud system and a separate AML system is integration, not convergence. A genuine FRAML platform works from a single customer and transaction data layer — both fraud and AML detection draw from the same source of truth.

Cross-typology scenario design. The platform must support monitoring scenarios that span fraud and AML typologies simultaneously — not just two sets of separate rules running in parallel. Mule account detection that incorporates both fraud inflow patterns and AML outbound layering patterns is a cross-typology scenario. Two separate rules that happen to flag the same account are not.

Unified case management with dual-track reporting. Investigation workflow must support both fraud and AML case types from a single interface, with the ability to generate jurisdiction-specific regulatory reports (SMR for Australia, STR for Singapore and Malaysia, SAR for New Zealand and the Philippines) from the same underlying case record.

Explainability for each output. When a case is escalated for regulatory reporting, the system must be able to show which inputs — fraud indicators, AML indicators, or both — drove the decision. This is required for regulatory examination in all five APAC jurisdictions.

Community intelligence across both typologies. The most effective FRAML platforms draw on shared typology intelligence across institutions — patterns identified at one institution become available to others. Tookitaki's Anti-Money Laundering Suite (AMLS) operates this way across APAC financial institutions, with typologies covering both fraud and AML financial crime patterns.

Where FRAML Fits in the Compliance Programme

FRAML does not replace the AML compliance programme. It extends it. The AML/CFT programme required by MAS, AUSTRAC, BNM, BSP and the FMA remains the regulatory baseline — risk assessment, CDD, transaction monitoring, STR/CTR reporting, record keeping, training, independent audit. FRAML adds fraud detection coverage to the same monitoring and case management infrastructure, rather than running it as a parallel operation.

For institutions at the evaluation stage — assessing whether their current transaction monitoring system can support FRAML convergence, or whether a new platform is required — the starting point is the transaction monitoring layer. See our Transaction Monitoring Software Buyer's Guide for an evaluation framework.

To discuss how Tookitaki's FRAML platform is deployed in APAC financial institutions, book a demo with our compliance team.