AML Checks in the Supply Chain: prevention, compliance, and innovation for a resilient ecosystem.

Introduction

Supply chain management has become a strategic pillar for corporate sustainability and reputation—particularly in regulated sectors or those exposed to the risk of criminal infiltration. By nature, global supply chains are fragmented and multi-layered, making them especially vulnerable to illicit activities such as money laundering, fraud, undeclared labour, and corporate opacity, which may infiltrate silently yet systematically.

In this context, embedding anti-money laundering (AML) and counter-terrorism financing (CFT) principles within procurement processes and third-party due diligence is no longer a mere formality. It is now an operational, regulatory, and cultural necessity—a path towards building a healthy, transparent, and genuinely competitive corporate ecosystem.

Supply Chains and criminal infiltration: why a new approach is needed

Investigative and judicial experience highlights that criminal infiltration in production chains is not a remote risk—it is a tangible reality. From underpaid labour and coerced suppliers to the creation of fictitious consortia, red flags are frequently overlooked or underestimated. This is due to several factors:

• a limited perception of risk, often restricted to financial or reputational aspects;
• a lack of corporate culture that encourages the reporting of anomalies as a form of oversight rather than conflict;
• and the absence of adequate technological and methodological tools to effectively map and monitor the full supply chain.

As emphasised at the conference “Assessing Risks in Supply Chains” (original title “Valutare i rischi nelle supply chain“), organised by Transcrime and Università Cattolica del Sacro Cuore, a paradigm shift is needed—one built on four essential pillars:

• a widespread and shared risk culture that extends due diligence to sub-suppliers;
• the adoption of advanced technologies integrated into business processes to transform data into actionable insights;
• the implementation of robust regulatory and procedural safeguards, as outlined by Legislative Decree 231/2001;
• and collaboration between internal functions and public/private stakeholders to foster a virtuous circle of controls and synergies.

Read more: “Organized crime: adapting due diligence to evolving threats.”

Due Diligence and the Risk-Based Approach: beyond document checks

In an evolving regulatory environment—shaped by the 6th AML Directive and EBA guidelines—document-based checks alone are insufficient. Verifying a supplier requires a structured, dynamic due diligence process aimed at risk mitigation. This includes:

• the identification and ongoing monitoring of key individuals (such as beneficial owners and directors);
• systematic checks against blacklists, watchlists, and sanctions;
• and thorough analysis of adverse media sources to detect early warning signals.

Access to adverse media is vital for effective due diligence, but equally crucial is selecting data providers with proven expertise and deep, structured coverage. SGR Compliance stands out for its ability to identify and document criminal organisations, related individuals, and patterns of mafia infiltration—thanks to ongoing data collection and qualification, including at a local level.

This approach enables timely identification of high-risk entities and supports businesses in excluding or flagging them during onboarding or supplier selection processes. It also requires assessing tax and contribution history, corporate structure, and the presence of opaque links.

In addition to ex-ante due diligence—where procurement teams play a pivotal role—establishing an ex-post monitoring cycle is increasingly strategic. This allows timely detection of corporate changes, emerging risks, or behavioural anomalies. It means applying AML checks prior to engaging with third parties, screening both companies and their connected individuals, and implementing automated continuous monitoring for ongoing relationships.

Technology and oversight: a hybrid and effective Model

Technology is an indispensable ally in building a robust AML framework within the supply chain—but its effectiveness hinges on data quality and integration into company processes. Advanced screening and monitoring systems must be:

• reliable, powered by verified, structured, and up-to-date data;
• free from bias and scientifically validated;
• transparent and auditable, providing traceability of analyses and decisions;
• predictive, capable of identifying hidden patterns and links;
• and scalable, able to support complex global chains with automation features and AI-powered prioritisation tools.

Nonetheless, even the most sophisticated systems cannot replace human analysis. Expert oversight is essential to validate system-generated alerts, manage false positives, and contextualise risks based on industry knowledge and local dynamics.

Best practices and real-world cases: a cross-sector perspective

Several sectors have already embraced an integrated compliance approach in their supply chains, achieving tangible results in prevention and operational resilience. Key examples from the aforementioned conference include:

• Fashion: Kering has implemented robust audits and in-depth knowledge of first-tier suppliers, extending due diligence to logistics providers.
• Pharmaceuticals: Menarini Group oversees global chains with a strong focus on preventing corruption across intermediaries, leveraging internal process knowledge.
• Infrastructure: M4 S.p.A. developed the SILEG M4 platform—a virtuous model of preventive legality shared between public and private actors in public procurement.
• Finance: Banco BPM enhances the role of local branches as “strategic observation points”, training staff to detect early warning signs.
• Industry: Fincantieri manages complex global supply chains, using protocols with authorities as tangible tools for prevention, audits, and cross-checks.

In all these cases, the common denominator is integration between corporate functions—Compliance, Audit, Legal, Procurement, and Security—and the synergistic use of data, technology, and human expertise.

Towards a healthy and competitive ecosystem: the role of collaboration

Combating criminal infiltration in supply chains cannot fall on a single function or sector. A convergence of public, private, and academic actors is required to strengthen the culture of prevention, promote early or ongoing reporting, and encourage the sharing of best practices and continuous dialogue.

It is essential to promote shared tools for monitoring and reporting, such as legality protocols, and to develop custom “red flags” based on sector-specific risk indicators.

SGR Compliance supports businesses along this path, offering AML solutions for supply chains based on qualified and updated data, with a strong local focus, advanced screening and monitoring technologies, and a data infrastructure deep and structured enough to enable integration with partners specialising in sector-specific risk models and anomaly detection indicators. This offer is complemented by training and direct support to key internal functions.

Key Takeaways

• AML compliance in the supply chain is a strategic lever—not just a regulatory obligation. It safeguards operational resilience, business continuity, and corporate reputation.
• Access to regulated markets and qualified partnerships requires a transparent, verifiable, and well-controlled supply chain.
• Criminal threats navigate global chains with speed and sophistication: intercepting them early is essential to avoid exposure.
• Corporate resilience stems from a systemic approach combining due diligence, continuous monitoring, and cross-functional collaboration.
• True supply chain security cannot be improvised: it requires planning, shared commitment, and the implementation of advanced AML frameworks supported by qualified data and scalable technologies.