An FAU inspection can come unannounced. And at that point, it's too late to catch up. We've prepared a practical AML questionnaire for you — 14 key questions that show whether you actually have your AML obligations fulfilled. If you answer 'no' or 'I don't know' to any of them, it's time to make a change.
Table of contents
Why do you need an AML questionnaire?
Most fines from the FAU are not related to money laundering. They're related to formal deficiencies — missing internal policies, unperformed client identification, inadequate archiving. These are exactly the problems that can be prevented with regular self-audits.
The AML questionnaire works as your internal control tool. Answer each question honestly, and for every 'no', note what needs to be fixed. The goal is to have 'yes' for all 14 questions.
The Financial Intelligence Unit (FIU) assesses not only whether documents exist, but also their quality and currency. An internal AML policy written three years ago and never updated may be deemed insufficient even though it physically exists. Similarly, identification records with no evidence of sanctions-list screening or PEP-register checks are unacceptable to the FIU.
What does the FAU inspect most frequently?
Based on publicly available FAU decisions, the most frequently inspected areas are:
- Existence and currency of internal policies (SVZ) — the most common reason for fines
- Client identification (KYC) — must be documentable
- Customer due diligence (CDD) — assessing the purpose and source of funds
- Screening against sanctions lists and PEP registers
- Record retention — archiving for the legally required 10 years
If you're falling short in any of these areas, it's a direct risk of a fine.
FIU inspectors arrive prepared — they have access to public registers, the commercial register, and the beneficial ownership register. If your internal records do not match publicly available data, that is an immediate trigger for a deeper investigation. It is therefore essential not only to carry out client identification, but to correctly record the outcome of the beneficial-ownership verification and the screening result.
14 control questions of the AML questionnaire
Go through each question. If you answer 'yes', you're fine. If 'no' or 'I don't know' — that's an area for improvement.
📋 Documentation
- Do you have a current, up-to-date internal policies document (SVZ)?
- Does your SVZ include a risk assessment specific to your industry?
- Have you notified the FAU of your contact person for ongoing communication within 30 days of becoming an obliged entity (§ 22 of Act No. 253/2008 Coll.)?
- Have you designated a responsible person (§ 22a) and notified the FAU of your contact person (§ 22)?
🔍 Client identification and due diligence
- Do you perform identification (KYC) for every client before starting a business relationship?
- Do you determine the ultimate beneficial owner (UBO) for legal entities?
- Do you assess the purpose of the transaction and the source of the client's funds (CDD)?
- Do you perform enhanced identification and customer due diligence (Section 9a) for high-risk clients?
🛡️ Screening and monitoring
- Do you screen clients against EU and UN sanctions lists (Act No. 69/2006 Coll.)?
- Do you check whether the client is a politically exposed person (PEP)?
- Do you continuously monitor business relationships and update risk assessments?
📁 Archiving and reporting
- Do you archive all AML documentation for 10 years?
- Do you know how and when to submit a suspicious transaction report (OPO) to the FAU?
- Do you train your employees and persons in a comparable position in AML at least once a year?
Ready for inspection?
Find out if your business meets all AML obligations — before the FAU comes knocking.
How to evaluate the results?
Count how many questions you answered 'yes' to:
- 14/14 — Excellent. You're ready for an FAU inspection. Maintain this state.
- 10–12 — Good, but you have gaps. Focus on the missing areas as soon as possible.
- 7–9 — Risky. We recommend urgently filling in the missing measures.
- Less than 7 — Critical. You face a high risk of a fine. Act immediately.
What to do when you find gaps?
If you identify gaps while working through the checklist, do not panic. The FIU takes into account whether an obliged entity is actively working to remedy deficiencies. The key is to document the shortcomings, set a remediation deadline, and record the action plan. Inaction is worse than imperfection.
The most common remediation steps are: updating the internal AML policy, filling in missing identification records, running retrospective screening of existing clients, and training staff. All of these steps can be completed within AML PROOF without the need to hire an external consultant.
Most common mistakes during FAU inspections
From practice, we know that businesses most often fail in these areas:
- Missing or outdated SVZ — the most common reason for fines, often hundreds of thousands of CZK
- Formal identification without real checks — a copy of an ID is not enough, you must assess the risk
- No sanctions list screening — often overlooked by smaller businesses
The FAU doesn't just check whether documents exist. It evaluates whether they're current, relevant, and whether you actually work with them.
Pay particular attention to clients with a high-risk profile — politically exposed persons (PEPs) and clients from high-risk jurisdictions. These are precisely the clients for whom the FIU most frequently finds inadequate documentation of the origin of assets and sources of funds. enhanced identification and customer due diligence (Section 9a) for such clients is not optional — it is a statutory obligation under Section 13 of Act No. 253/2008 Coll.
Another common issue is tipping-off — or rather, breaching the tipping-off prohibition. Section 38 of the Act prohibits informing a client or third parties that a suspicious transaction report has been filed or that an investigation is under way. Breaching this obligation can result in a fine of up to CZK 1,000,000 and, in extreme cases, may jeopardise the seizure of proceeds of crime.
How AML PROOF helps with inspection preparation?
AML PROOF covers all 14 areas from our questionnaire in one tool:
- Automatically generates SVZ and risk assessment tailored to your industry
- Performs client identification and determines the beneficial owner
- Connected to EU, UN sanctions lists and PEP registers — real-time screening
- Assigns a risk score to each client and transaction
- Archives all documentation in one place for the legally required period
The result? When the FAU inspection comes, everything is prepared and traceable.
By automating compliance tasks you eliminate human error — the most common cause of FIU fines. The system will alert you to upcoming document expiry, clients who have not been re-verified within the statutory period, or discrepancies in the beneficial ownership register. Everything is recorded with a timestamp and digital signature — exactly as the FIU requires.
Conclusion
An AML questionnaire is not a one-off task. We recommend going through it at least once every 6 months and always when changing your business model, adding a new type of client, or when legislation changes. Prevention is always cheaper than a fine.
Do you want to have your documentation ready for an FAU inspection? Start AML PROOF and keep all your obligations under control.