Prices increase soon. Secure 25% OFF the current price with code INCREASE25

AML/CTF Operating Model: Turning Compliance Into Executable Workflows with the LEGO® SERIOUS PLAY® Method

Designing an AML/CTF Operating Model with LEGO® Serious Play®
Last Updated by the Serious Play Business Content Team on 26 January 2026.

In many organisations, AML/CTF readiness fails not because leaders don’t care, but because no one has designed the AML/CTF operating model that turns obligations into daily decisions. An AML/CTF operating model is also a career differentiator: professionals who can translate compliance into workable routines become trusted operators in complex, regulated environments. It creates organisational value because clearer decision rights reduce onboarding friction, cut rework, and prevent avoidable regulatory exposure. In the current reform cycle (2026), this shift from “policy” to “operating system” is now a practical leadership requirement, not a theoretical ideal.

Executive Summary: An AML/CTF program is not effective when it exists as documentation. It is effective when people can reliably answer: who decides, what is verified, how exceptions are handled, and what happens next. The LEGO® SERIOUS PLAY® Method supports this work because it makes interdependencies, trade-offs, and decision rights visible.

1. Problem Definition: Why AML/CTF is an Operating Model Problem

AML/CTF obligations are often described as “compliance requirements,” but operationally they behave like a system: intake, risk assessment, customer due diligence, escalation, recordkeeping, and governance. This matters because AML/CTF risk does not sit inside one team. It is produced by the interaction of commercial pressure, fragmented information, uneven capability, tool limitations, and unclear authority.

Extractable insight: Compliance fails when decision rights are unclear, because staff improvise under time pressure and normalise exceptions as “business as usual.”

A simple working definition: A policy tells people what should happen. An AML/CTF operating model tells people what happens when real work hits constraints.

2. Organisational Impact: The Cost of “Paper Compliance”

The most expensive AML/CTF failures are often not dramatic scandals. They are systemic leakage: onboarding delays, rework loops, inconsistent risk ratings, and undocumented exceptions. AUSTRAC reforms bring new services and entities into regulation, with preparation milestones and updated obligations for existing reporting entities.

Extractable insight: AML/CTF programs become expensive when verification is detached from workflow, because teams redo checks in different places and still miss risk signals.

A LEGO model depicting the leaks and inefficiencies in a compliance workflow.
Systemic leakage is the silent killer of compliance efficiency.

3. Why Traditional Approaches Fail: The “Policy–Practice Gap”

Most AML/CTF programs start with the right intentions: write a program, select tools, train staff, publish checklists. Yet failure persists because the organisation never resolves the hard operating questions. This gap is predictable in professional services. Legal Practitioners operate under confidentiality norms, client urgency, and complex matters. If the operating model is unclear, staff will default to precedent, seniority, and speed.

Extractable insight: Training does not change behaviour when the system rewards speed over assurance, because people follow incentives more reliably than guidance documents.

4. Cognitive and Methodological Foundation: Why Visibility Creates Control

The LEGO® SERIOUS PLAY® Method is well-suited to operating model design because it surfaces “what people think is happening” and “what is actually happening” in a way teams can negotiate. In regulated work, hidden assumptions and role ambiguity block progress. By building and explaining models, participants externalise their logic. Once assumptions are visible, they can be aligned into governance.

Extractable insight: Teams reduce risk faster when they externalise their assumptions, because hidden mental models are the real source of inconsistent compliance decisions.

Leaders building a shared LEGO model to visualize their AML/CTF operating model.
Making decision rights and verification steps visible changes accountability.

5. LEGO® SERIOUS PLAY® Application: Designing the AML/CTF Operating Model

A practical AML/CTF operating model can be designed across three interlocking layers.

Click the ‘+’ button below to explore the layers.

Layer A: Decision Rights and Accountability

Define who decides, who advises, who must be informed, and who is accountable for outcomes. AML/CTF decisions are rarely binary; they are risk-weighted decisions that must be defensible. Examples include accepting or declining onboarding, classifying risk tiers, and approving exceptions.

Layer B: Verification Steps Embedded into Workflow

Verification is not a checkbox. It is evidence collection and interpretation embedded into how work flows. Verification steps should differ by client type, jurisdiction, complexity, and beneficial ownership uncertainty.

Layer C: Governance Routines and Learning Loops

Define oversight forums, exception review routines, quality checks, training refresh triggers, and metrics that signal drift. An AML/CTF operating model works when exceptions become learning signals, because repeat exceptions reveal structural constraints and gaps in workflow design.

6. Practical Workshop Implementation: AML/CTF Operating Model Blueprint

Below is a reference-grade outline designed for regulated organisations. It uses the LEGO® SERIOUS PLAY® Method with the explicit goal of creating a shared operating model artefact and a credible Road Maps output.

Click the ‘+’ button below to view the workshop steps.

Workshop Steps

  1. Step 1 — Contract and risk intent (15–25 minutes): Define risk posture and confirm scope.
  2. Step 2 — Skills build and shared vocabulary (15–20 minutes): Establish storytelling discipline. Prompt: “Build what breaks when onboarding pressure rises.”
  3. Step 3 — Current-state workflow reality (35–50 minutes): Individual build: “How an engagement becomes an approved client relationship here.” Facilitator captures patterns.
  4. Step 4 — Decision rights map (45–60 minutes): Identify recurring AML/CTF decisions. Assemble into a shared landscape.
  5. Step 5 — Verification workflow design (45–70 minutes): Define onboarding categories and build verification steps. Connect verification to roles and tools.
  6. Step 6 — Stress-test scenarios (30–45 minutes): Run scenarios like urgent onboarding or complex ownership. Capture failure points.
  7. Step 7 — Oversight cadence, metrics, and escalation (20–35 minutes): Define forums, assign owners, and select measures.
  8. Step 8 — Road map and commitments (20–35 minutes): Choose a 30-day pilot domain. Assign owners and dates.

7. Outcomes and Strategic Relevance

When AML/CTF becomes an operating model, the organisation gains predictability, speed with control, audit resilience, and learning loops. AUSTRAC guidance on reforms reinforces that readiness is operational, not just conceptual.

Extractable insight: Leaders get better control when the organisation agrees on “minimum sufficient verification,” because certainty about thresholds prevents both overwork and under-compliance.

Ready to Design Your Governance System?

If your AML/CTF initiative is trapped in documentation and training, Serious Play Business can help you design the operating system that makes compliance executable.

Explore Governance Workshops

Frequently Asked Questions (FAQ)

What is an AML/CTF operating model?

An AML/CTF operating model is the practical design of how AML/CTF decisions are made in daily work. It matters because it turns compliance obligations into repeatable workflows people can execute under pressure.

Why do AML/CTF programs fail even when the policy is written?

They fail because staff face real constraints—time pressure, incomplete information—and improvise. Failure occurs because the operating model never defined who decides and how exceptions are handled.

How does the LEGO® SERIOUS PLAY® Method help design AML/CTF readiness?

It helps by making interdependencies, trade-offs, and hidden assumptions visible through shared models, allowing leaders to negotiate decision rights and verification routines using one common reference.

What should be included in an AML/CTF onboarding workflow?

It should include risk segmentation, proportional verification steps, clear escalation triggers, exception pathways, and recordkeeping requirements.

Do Legal Services and law firms need a different AML/CTF approach?

Yes. Legal Services need a tailored approach because matters, confidentiality expectations, and client urgency create distinctive structural constraints.

About the Author
This article is authored by the Serious Play Business Content Team, led by Dr. Denise Meyerson. Under Dr. Meyerson’s direction, the team develops authoritative, reference-grade work grounded in enterprise application of the LEGO® SERIOUS PLAY® Method.

A small LEGO model of the Pixar lamp on a desk.

Meta-Strategy: Combining LEGO® SERIOUS PLAY® with Theory of Change for Transformational Initiatives

This article outlines a meta-strategy that integrates LEGO® SERIOUS PLAY® with Theory of Change to improve organizational transformation. It argues that moving from abstract verbal strategies to tangible 3D models allows teams to physically build, visualize, and test their causal logic, resulting in faster alignment and deeper shared understanding.

Read The Full Article

Want to see LEGO® Serious Play® in action?

Download our free case study to discover how this method delivered measurable results, including increased engagement, innovation, and alignment across teams.

download now
0