Table of contents
- Why is AML training a legal duty?
- Who must complete AML training?
- How often must training be carried out?
- What must AML training include?
- How to keep training records correctly?
- What fine may apply for non-compliance?
- Who can provide AML training — must it be a specialist?
- E-learning vs. in-person training: what does the law allow?
Why is AML training a legal duty?
The duty to train employees in preventing money laundering follows directly from Section 23 of Act No. 253/2008 Coll. (the AML Act). It applies to all obliged entities without exception, including real estate agents, accountants, tax advisers, lawyers, notaries and other entities listed in Section 2 of the AML Act.
The purpose of training is not only to satisfy a formal requirement. A trained employee must be able to recognize a suspicious transaction and know what to do next. Without this, it is not possible to meet the reporting duty to the FAU or manage AML risks in practice. Training is also one of the key mitigating measures an obliged entity applies against the inherent money-laundering risks in its business.
Who must complete AML training?
The group of persons who must be trained is defined by Section 23(1) and (2) of the AML Act. Training applies to:
- employees of the obliged entity who may encounter suspicious transactions while performing their work
- persons outside a standard employment relationship, such as collaborators, self-employed contractors or subcontractors, if they may encounter suspicious transactions while working for the obliged entity
The obliged entity is responsible for ensuring that these persons complete the training, not the employees or collaborators themselves.
Note: The law does not treat a language barrier as an excusable reason. Under FAU Methodological Guideline No. 6, every employee who may encounter a suspicious transaction must be trained, regardless of whether they are a foreign national. If such an employee cannot follow the internal policies because of a language barrier, that is a problem with the obliged entity's overall setup.
How often must training be carried out?
Section 23(1) of the AML Act sets out two separate duties:
| Situation | When to train |
|---|---|
| Existing employees | At least once during every 12 calendar months |
| New employee / collaborator | Before assignment to a position where they may encounter suspicious transactions |
A new employee must not perform the position independently before completing the training. If they work the whole time under the direct supervision of another trained colleague, the training may be postponed, but always before the first independent work.
In Methodological Guideline No. 6, the FAU recommends adding training outside the statutory annual cycle in these situations:
- when introducing new products, services or technologies that create new AML risks
- when AML legislation changes significantly or the FAU issues new methodological guidance
Procedures for conducting training must be part of the obliged entity's system of internal policies.
Training as part of your AML system, not another task on top
In AML PROOF, the e-learning course is built directly into the platform. An employee logs in, completes the course, the certificate is generated automatically and the record is saved to your organization profile. When the law changes, the content is updated — you do not have to do anything.
What must AML training include?
The required training content is defined by Section 23(3) of the AML Act. Mandatory topics are:
- Typologies and signs of suspicious transactions — which situations are signals for reporting to the FAU.
- The obliged entity's requirements for client identification and due diligence — concrete internal procedures, not just general information.
- Procedures for identifying client risk factors — how to assess risk in practice.
- Procedure when a suspicious transaction is identified — what to do from the moment of suspicion through filing the suspicious transaction report.
The law also expressly requires training content to be continuously supplemented and updated. Static training from 2022 that has not been updated since then does not meet the statutory duty. It is recommended to include the current wording of the internal policies and the obliged entity's risk assessment so employees work with live internal procedures.
How to keep training records correctly?
Under Section 23(4) of the AML Act, the obliged entity must keep records of attendance and training content for at least 5 years from the date of the training.
The records must be immediately available during an FAU inspection. Acceptable forms of documentation include:
- an electronic e-learning record with the participant's name and date
- original attendance sheets signed by participants
- completion certificates with the date and topic
The records do not need to be physically stored at every branch. It is enough that they are centrally available and can be produced whenever the supervisory authority requests them.
What fine may apply for non-compliance?
If an obliged entity fails to ensure employee training under Section 23 of the AML Act, it commits an offence under Section 48(6) of the AML Act. Sanctions include:
- basic rate: a fine of up to CZK 5,000,000 (Section 48(8) of the AML Act)
- for serious, repeated or systematic breaches: up to CZK 30,000,000, and for financial institutions up to CZK 130,000,000 or 10% of annual turnover
At the same time, failure to train significantly increases the risk that employees will not recognize a suspicious transaction. This creates a secondary risk: an offence for failing to meet the reporting duty (Section 46 of the AML Act, fine up to CZK 5,000,000). Both sanctions may apply at the same time.
Who can provide AML training — must it be a lawyer or specialist?
The AML Act does not prescribe any qualification for the lecturer. The obliged entity may arrange training externally (a law firm or AML consultant), internally (its own trained employee) or through e-learning. The law evaluates the result — whether employees know the procedures needed to recognize and report a suspicious transaction — not who delivered the training.
Key requirements that must be met regardless of the form:
- the content matches Section 23(3) of the AML Act
- the training reflects the obliged entity's current internal policies and risk assessment
- attendance and content records are kept for at least 5 years
A practical trap of external training: a generic presentation from a lawyer that does not reflect your specific processes and internal policies meets the statutory duty only formally. During supervision, the FAU assesses whether employees actually know how to proceed in your organization, not in general.
E-learning vs. in-person training: what does the law allow and what works better in practice?
The law does not limit the form of training. In-person, online and hybrid formats are all lawful. The decisive factors are the content and the records.
In practice, e-learning has three major advantages:
- Scalability: a new employee can complete the course on their start date, without waiting for a group training session.
- Audit trail: the system automatically records who completed what and when, so FAU-ready evidence is created automatically.
- Current content: when the law or internal policies change, the course is updated centrally and everyone works with the valid version.
In-person training is strongest where you need interactive discussion of specific cases from your practice, for example during MLRO onboarding or when introducing a new type of business with higher ML/TF risk.
The ideal combination for most non-financial obliged entities: e-learning as the basis for annual periodic training and onboarding of new employees, plus an in-person workshop once a year for the MLRO and management.
AML training, records and client checks in one place
You do not need three different tools. AML PROOF combines employee training, client identification, PEP screening and internal policies in one connected platform.