What Related Party Lending Reveals About AML Compliance Workloads in Finnish Banks

Learn how FIN-FSA’s 2025 review links related party lending to growing AML workloads and investigation capacity challenges.

Lucinity
9 min

Related party lending is often treated as a governance issue. For banks, it is also an AML operations issue. Loans involving directors, executives, owners, affiliated entities, or close circle members require additional verification, documentation, and approval controls, increasing investigation workloads.

This pressure is becoming more relevant as Finland’s overall money laundering risk is assessed as significant (level 3 on a four-point scale), increasing focus on how institutions execute controls in practice.

FIN-FSA highlighted similar pressures in its 2025 review of related party and close circle lending in Finnish credit institutions, identifying weaknesses in information management, verification, reporting, governance, and ability to make decisions.

This article explores what related party lending reveals about AML workloads in Finnish banks and why investigation capacity is becoming a growing compliance challenge.

Read more about neobanks compliance challenges 

Related party lending refers to loans and transactions involving individuals or entities that maintain a defined relationship with the institution. Depending on jurisdiction and institutional structure, this may include board members, executives, major shareholders, affiliated companies, close family relationships, or entities connected through ownership and control.

Related party lending has long been subject to heightened scrutiny because standard credit controls are not always sufficient when personal, ownership, or governance relationships exist between the institution and the borrower. These arrangements are not inherently problematic. Many are entirely legitimate and commercially justified.

The regulatory concern emerges because relationship proximity can introduce additional risks that ordinary lending processes are not designed to address.

Examples include:

  • Conflicts of interest influencing decision-making
  • Reduced independence during approval processes
  • Incomplete challenge of credit assumptions
  • Limited transparency around ownership structures
  • Reputational exposure if governance controls appear weak

This is why regulators expect institutions to treat related party transactions differently from standard lending activity. In Finland, supervisory expectations are anchored in the Credit Institutions Act (610/2014), including provisions governing related party transactions and internal governance.

These requirements align with broader European expectations under the European Banking Authority (EBA) Guidelines on Internal Governance (EBA/GL/2021/05), which emphasize governance frameworks, clear accountability, appropriate documentation, internal controls, and ongoing monitoring.

When governance structures become fragmented, the consequences rarely remain confined to governance functions as they move into operations. The next question is what that operational reality looks like inside supervised Finnish banks and what recent supervisory findings reveal about where pressure points are emerging.

What FIN-FSA’s Last Year's Thematic Review Revealed About AML Compliance In Finland?

Last year, the Finnish Financial Supervisory Authority (FIN-FSA) examined procedures concerning related party and close circle lending across a sample of credit institutions under its direct supervision.

The review assessed compliance with Chapter 15, Section 13 and Chapter 5, Section 15 of the Finnish Credit Institutions Act (610/2014), together with expectations set under the European Banking Authority Guidelines on Internal Governance (EBA/GL/2021/05).

The review focused on three operational areas:

  • maintenance of related party information
  • procedures governing loans and other transactions involving related parties
  • effectiveness of internal governance and control structures

The findings provide a useful view into how governance expectations translate into day-to-day operational demands.

One of the clearest observations was inconsistency in how institutions maintained and governed related party information.

FIN-FSA found that internal guidelines for related party registers and related party lending were partially deficient or inconsistent. Weaknesses appeared particularly in conflict-of-interest management, lending procedures, and documentation of roles, responsibilities, and processes.

2.  Challenges in Relationship Verification   

FIN-FSA also identified gaps in how institutions verified related party information against external sources. This was especially visible when banks attempted to identify company affiliations connected to individuals within the close circle.

Relationship verification is one of the most time-intensive activities inside AML Compliance. Internal records alone rarely provide enough context to understand ownership structures, beneficial ownership links, external control relationships, or transaction rationale.

 3. Fragmented Systems and Manual Data Transfers   

The review also identified a structural challenge that directly affects investigation throughput. According to FIN-FSA, related party registers are generally maintained separately from core banking systems, with data transfers performed manually and often with delays.

When information sits outside operational workflows, investigators move between systems, compare records manually, validate timestamps, and confirm whether data remains current. Every additional hand-off increases investigation effort and introduces opportunities for inconsistency.

 4. Gaps in Risk Assessment Approaches   

Another important observation concerned risk assessment. FIN-FSA noted that loans granted to related parties generally followed standard credit risk assessment processes without adequately considering factors specific to related party lending, including conflicts of interest, reputational exposure, and broader institutional impact.

Traditional credit assessment answers whether a customer should receive credit. Investigation processes answer whether institutions can explain and defend how decisions were reached. Those objectives overlap but are not identical.

 5. Governance Execution and Reporting Weaknesses   

The review further identified inconsistencies in governance execution. Authority to make decisions for related party transactions was sometimes delegated below board level based on transaction characteristics, yet thresholds governing delegation were not always clearly defined.

Reporting to boards was also found to be partially insufficient. In some cases, reporting lacked enough detail regarding transaction amounts, conditions, and approval levels. In other cases, reporting expectations were not comprehensively defined in internal instructions.

The findings from FIN-FSA’s thematic review point to a broader operational reality inside banks. Governance weaknesses rarely remain governance problems. When related party information is incomplete, relationship verification is inconsistent, or reporting structures lack clarity, the additional effort required does not disappear.

Moreover, it moves into AML operations, where investigators and compliance teams absorb the complexity. This is where related party lending becomes relevant beyond governance and credit monitoring.

To understand that impact, it helps to look at how additional relationship complexity changes day-to-day AML work and why investigation capacity increasingly becomes the limiting factor.

Investigations Become More Difficult Due To Layers

Every relationship that requires additional validation introduces additional investigative steps. Analysts may need to confirm beneficial ownership structures, identify affiliated entities, verify external company relationships, review approval history, and understand how transactions fit into broader customer activity.

Even lending arrangements that appear straightforward can evolve into multi-stage reviews. A customer relationship may require:

  • Beneficial ownership verification
  • Relationship mapping across entities and individuals
  • Enhanced due diligence
  • Transaction history analysis
  • Reconstruction of approval pathways
  • Preparation of investigation narratives
  • Audit-ready documentation and evidence collection

None of these activities are unusual in AML Compliance. The challenge is accumulation. Investigators rarely process one multiplex relationship at a time.

They manage multiple cases simultaneously while balancing governance requirements, documentation standards, internal controls, and service expectations.That creates an investigation lifecycle that increasingly defines AML operations:

Detection → Investigation → Documentation → Decision

Identifying an alert is often the shortest part of the process. Most of the operational effort begins after a case enters investigation. Investigators gather information across systems, validate ownership and affiliations, document reasoning, prepare narratives, and ensure decisions remain explainable and defensible.

Related party lending increases pressure across each stage, verification takes longer, Documentation expands. Approvals become more involved. Decision-making slows.

Capacity Constraints Results In Backlogs

Due to the above is why operational capacity has become increasingly important in AML Compliance. Across financial institutions, detection capabilities continue to improve through stronger monitoring scenarios, broader datasets, and more mature controls.

Yet stronger detection does not automatically produce stronger outcomes. Higher visibility often creates more work. More investigations require more documentation. More documentation increases review time. The result is that operational throughput becomes a barrier. This challenge becomes especially visible when institutions rely on fragmented processes.

Manual data transfers, disconnected registers, repeated information requests, and duplicated review activity reduce the amount of work teams can complete without improving control quality. At that point, staffing alone becomes an incomplete solution.

Institutions can still experience delayed investigations, inconsistent documentation, and growing backlogs despite larger teams. This is why many compliance leaders increasingly distinguish between detection capability and execution capability.

Detection capability determines how effectively institutions identify risk. Execution capability determines whether institutions can investigate, document, and close work to regulatory standards. Related party lending makes that distinction visible.

What appears externally as a governance issue often reveals an internal operational challenge as institutions are being asked to process greater complexity while preserving decision quality, oversight, and audit defensibility.

Read more to learn about behavior detection in AML compliance

The Solution: How Banks Can Strengthen AML Surveillance Capacity?

If related party lending reveals anything about modern AML operations, it is that stronger controls do not automatically create stronger outcomes. Policies can be comprehensive, governance structures can be well designed and detection capabilities can be improved.

Infographic on AML Compliance showing six operational capabilities that improve AML surveillance capacity using simple icons and multi-color compliance visuals.

But if investigations take too long to complete or documentation requirements exceed operational capacity, institutions eventually experience growing workload, slower decisions, and reduced ability to maintain consistent monitoring.

That is why many institutions are moving there focus from adding controls toward improving how investigative work is executed. The objective is not to reduce governance. It is to make governance sustainable at an operational scale.

1.  Building Better Investigation Foundations   

One of the clearest lessons from FIN-FSA’s observations is that investigation quality depends heavily on information quality. When related party information is fragmented across systems, relationship verification becomes repetitive and investigations slow down.

Institutions increasingly need stronger operational foundations that allow investigators to move from gathering information to evaluating it. Several capabilities become particularly important.

2. Integrated Relationship Visibility  

Investigators need access to relationship context without manually reconstructing ownership structures, approval chains, and affiliated entities across disconnected environments.

Related party information, customer records, approvals, transaction history, and supporting evidence should support a single investigative process rather than separate administrative workflows. This reduces duplicated effort and improves consistency.

3. Faster Evidence Collection  

Evidence collection remains one of the largest contributors to investigation time. Investigators should spend less time locating information and more time evaluating whether activity aligns with governance expectations and customer behavior.

Faster evidence preparation supports both investigation throughput and audit readiness.

4. Standardized Investigation Preparation  

As workloads increase, consistency becomes increasingly important. Structured investigation preparation reduces variation across analysts and creates clearer documentation standards.

Standardization does not replace judgment. Instead, it creates stronger conditions for investigators to apply judgment consistently.

5. Explainability and Governance Retention  

As institutions improve operational capacity, governance expectations become even more important. AML Compliance requires more than faster processing. Investigators and decision-makers must be able to explain how conclusions were reached, what evidence was considered, and which approvals supported outcomes.

While explainability supports audit defensibility, governance remains institutional responsibility. Operational improvements should strengthen oversight rather than reduce it.

6. Better Board Visibility  

FIN-FSA’s review highlighted reporting limitations as an area requiring attention. Board reporting becomes more valuable when it provides operational insight.

Institutions increasingly benefit from reporting that demonstrates:

  • Investigation throughput
  • Unresolved workload trends
  • Approval patterns
  • Decision timelines
  • Quality indicators
  • Governance exceptions

This allows boards to assess whether controls exist and whether operations can execute them consistently.

Read more to learn about the Human AI model in AML compliance

Human AI: The Improved Response to Growing AML Workloads  

As AML workloads become multiplex, many institutions are looking for ways to increase investigation capacity without relying solely on hiring. One approach is separating operational execution from regulatory accountability.

Under this model, institutions retain governance, decision-making, and regulatory responsibility while operational work is completed more efficiently. Lucinity follows this approach through its Human AI operating model.

Rather than acting as traditional software or outsourcing, Lucinity operates AML and KYC workloads inside existing client systems under SLA. Institutions maintain ownership of governance, approvals, escalations, and SAR outcomes while investigations are accelerated through explainable AI and human investigators.

Human AI supports investigations rather than replacing judgment. Luci prepares cases by gathering evidence, organizing information, and producing structured case preparation for investigator review. Human analysts remain responsible for oversight and final decisions.

To explore how Human AI model helps institutions increase AML and KYC capacity under SLA while keeping governance, visit Lucinity today!

Conclusion  

Related party lending is often viewed as a governance issue, but FIN-FSA’s 2025 thematic review a bigger challenge. The findings around incomplete verification, fragmented information, manual processes, and inconsistent governance show how operational workload accumulates inside AML functions.

Related party lending makes that challenge visible because it concentrates many of the activities that consume investigative effort. Strengthening AML Compliance therefore depends on adding controls and on improving execution capacity while preserving governance and monitoring.

  • Related party lending creates operational workload in addition to governance obligations.
  • FIN-FSA’s 2025 thematic review highlighted deficiencies in information governance, verification practices, reporting, and execution procedures.
  • Manual registers and fragmented processes increase investigation effort and slow case completion.
  • AML Compliance performance increasingly depends on execution capacity, not just detection capability.
  • Platforms like Lucinity support AML teams by reducing manual investigation effort, improving workflow efficiency, and maintain governance with Human AI model

FAQs  

1. What is related party lending in banking?  
Related party lending refers to loans involving individuals or entities connected to a financial institution, such as executives, board members, shareholders, or affiliated companies.

2. Why does related party lending increase AML investigation workload?  
Related party lending often requires extra verification and documentation. Investigators may need to confirm ownership structures, map relationships, perform enhanced due diligence, and collect additional evidence before closing cases.

3. What did FIN-FSA’s 2025 thematic review identify?  
FIN-FSA identified weaknesses in governance, data verification, reporting, and related party risk management across sampled institutions.

4. Why is operational capacity becoming more important in AML Compliance?  
Better detection creates more investigation work. Institutions increasingly need operational capacity to review cases efficiently while maintaining governance and audit readiness.

5. How does Lucinity support AML and KYC operations?  
Lucinity supports AML and KYC execution inside clients’ existing systems while institutions retain monitoring and authority to make decisions. Its Human AI approach helps prepare investigative work so teams can spend more time on analysis and judgment.

Sign up for insights from Lucinity

Recent Posts