Anti-money laundering (AML) compliance is not just a check-the-box requirement. For fintech companies operating across borders, it is a make-or-break capability that directly impacts onboarding speed, operational efficiency, sustainability and regulatory trust. STARKS, a trade-finance-driven fintech operating in more than ten jurisdictions, understands this better than most.
Their Head of Compliance, Kehinde Bamidele, shares what it really takes to stay compliant in a world where regulatory frameworks are shifting constantly. Her team navigates changes by localizing policies, automating screening and reporting, and leaning on a well-structured internal rulebook. But they also know when to rely on people—whether through legal advisors, external AML consultants, internal training, or manual reviews.
From Canada's sweeping RPAA reforms to verifying UBOs in Africa, Bamidele's team handles jurisdictional complexity with precision and discipline. This behind-the-scenes look at STARKS's compliance operation reveals how regulation can be managed, even at scale, without compromising efficiency.
This article breaks down STARKS’s approach into seven key focus areas, providing a practical, real-world example of how to build scalable AML governance in a fast-growing organization.
Waiting for official regulatory notices is not enough when you’re managing compliance in over ten countries. According to Bamidele, regulators don’t always send updates in time. In fact, her team often discovers new rules via LinkedIn, where compliance professionals break the news ahead of the regulator itself.
To stay ahead, STARKS relies on multiple information streams:
This information is then fed into a central compliance rulebook, which maps out each country’s regulatory bodies, their contact details, and the key regulations that apply. Every compliance officer is expected to use this as a reference point, subscribing to local sources and escalating any regulatory change that impacts operations.
Bamidele emphasizes the importance of internal awareness. “The first thing is to know your regulators,” she says. “From there, everyone goes to the rulebook and subscribes to the relevant sites and newsletters.”
Even with this system in place, the team has to stay vigilant. AML advisors might miss updates, particularly when they concern niche financial intelligence units. That’s why STARKS takes a decentralized yet disciplined approach to information gathering.
Operating in multiple jurisdictions means facing a wide range of regulatory nuances. STARKS manages this complexity through a tiered compliance structure. At the top level, there are general rules that apply across all markets. Below that, there are specific sections that address the local laws of each jurisdiction.
This model allows the company to scale without sacrificing accuracy.
Take Canada’s updated FINTRACreporting requirements, for example. Once the new rules were announced, the team conducted an internal review, identified areas that needed change, and localized the Canadian section of their AML policy. They also rolled out jurisdiction-specific training for the compliance officers affected.
According to Bamidele, the process is all about asking the right questions: “What is new? What do we already have? What’s applicable only to one jurisdiction, and what can we apply company-wide?”
Another area where localization matters is in the verification of Ultimate Beneficial Owners (UBOs). While many regulators use a 25 percent ownership threshold, others have stricter requirements:
To simplify this, STARKS categorized its internal rules into two broad risk tiers. High-risk jurisdictions and those with specific local requirements are treated with lower verification thresholds like 5 or 10 percent. Others default to 25 percent.
This strategy reduces confusion during onboarding. As Bamidele explains, “You don’t need to memorize every country’s rules. The dashboard shows you what applies, based on the jurisdiction.”
When a new rule drops, compliance doesn’t stop. STARKS follows a structured process to ensure regulatory changes are not only understood but embedded.
This includes:
Canada’s Retail Payment Activities Act (RPAA) is a clear example. The act was large and dense, so the team hired external legal counsel in Canada to simplify the document. They then attended webinars hosted by industry bodies like AdvoPay and collected official guidelines from the Bank of Canada. All of this was synthesized into a training process and rolled out internally.
The final step? Preparing a board report to secure approval before implementation.
“Only after getting board approval did we begin,” says Bamidele. “And even after that, we had to monitor the new SOPs because people tend to forget there’s a new rule.”
STARKS’s compliance tech stack is broad and designed for automation. It includes:
Through these systems, STARKS has automated:
However, the tools are not perfect. Refinitiv, for instance, cannot verify national ID cards from certain countries. As a workaround, clients are often asked to obtain passports, or STARKS subscribes to local services like Nigeria’s NIBSS for identity verification.
This patchwork approach can create friction. “That’s why we’re looking for a more unified platform,” says Bamidele. “Ideally, one that can localize better and reduce vendor switching.”
Despite multiple tools, everything is API-connected. The goal is to consolidate functions in the future without compromising flexibility.
Even with automation, there’s no escaping the human element. Certain cases require manual escalation, especially when dealing with high-risk entities or complex ownership structures.
This includes:
The onboarding hub helps by enabling communication, reminders, and document requests without leaving the platform. But in many cases, decisions still come down to human judgment.
Bamidele notes that entities with layered ownership can be particularly taxing. “Sometimes you’re chasing 10 documents to reach the final UBO,” she explains. “That complexity can’t always be automated.”
She credits STARKS’s relationship managers for helping manage client frustration. “Clients get tired easily. Relationship managers help maintain trust while we do our due diligence.”
To ensure consistency, STARKS invests heavily in internal training. Topics range from high-level AML updates to local SOP walkthroughs.
Depending on the complexity, sessions may be led by internal officers or supported by AMLadvisors. All trainings are recorded, and attendance is tracked via the onboarding hub. Quizzes and reminders help reinforce learning.
Other elements of their governance process include:
These systems help STARKS prepare not just for current compliance needs but for what’s coming next.
Looking ahead, Bamidele expects two simultaneous trends. Regulation will become more harmonized globally but also more demanding.
She points to emerging similarities between Canada and the UK, particularly around safeguarding and customer fund protection. Even post-Brexit, the UK’s policies remain closely aligned with the EU.
This trend is largely driven by the FATF, whose recommendations are being mirrored by regulators in multiple jurisdictions.
“Regulators are seeking input before implementing rules, which is encouraging,” Bamidele says. “But we still expect stricter standards.”
To prepare, STARKS is:
At STARKS, compliance is viewed not as an administrative burden but as a core business function that protects the company and enables growth.
The formula is clear: a clear internal structure, deep jurisdictional knowledge, sharp legal/AML support, and automation wherever it makes sense.
“Compliance doesn’t bring in money,” Bamidele concludes, “but it makes sure you don’t lose it.”