Hilko van Rooijen

Hilko van Rooijen, Head of AML/CFT Compliance at Adyen, thank you so much for speaking to us in the lead up to the Leaders in Finance AML event on the 2nd October 2025. To begin, could you please introduce yourself and tell us a little about your background?

Of course, I’m Hilko van Rooijen, Head of AML/CFT Compliance at Adyen, I’ve been doing this for one and a half years, after working for quite some time as a consultant in the field of financial crime, with a background in data and technology. I then joined our AML Compliance team. From a second-line perspective, we’re responsible for managing the AML Compliance framework in all the jurisdictions where Adyen is licensed. That includes the Netherlands and Europe, but also for example the UK, US, Brazil, India, Singapore, and Australia – so, on a global scale.

This year will be the fifth edition of the AML event. You were there at the first one. Looking back over those five years, what do you see as the most positive shift in the AML ecosystem?

We’ve seen the discussion progressing, and I remember the first edition in 2020 very well. Back then, it was still a bit sensitive to talk about the risk-based approach. I think that’s the most important advancement we’ve made. Especially since DNB launched the report ‘From recovery to balance’, we’ve really shifted the dialogue in the industry in a new direction. The approach has always been risk-based – we can trace it back to the original FATF recommendations in the early stages of AML, where it was already clearly stated. But I think recalibrating what that means is crucial. In the aftermath of those reports, the roundtables, and the work that NVB did in the Netherlands, there’s been a major shift.

In my personal view, this is absolutely the right direction: finding a balance between the impact on customers and addressing financial crime, moving the focus away from technical compliance and toward risks – what truly matters, what the outcomes are, and how effective the work against financial crime is. Of course, many people would like to see faster progress, but that’s the nature of the process. ‘From recovery to balance’ has definitely been a game-changer in The Netherlands.

You work at a Payment Service Provider, some other speakers represent the Dutch banks. Compared to them, what are some of the main differences in your KYC approach?

A lot is the same, because the standards and regulations give you a framework. Moreover, Adyen is also having Banking licenses, with the strategic ambition to further develop as a full service Financial Technology Platform. But if I can highlight two things: first, we take a truly global approach. Much of our compliance framework is based on Dutch regulations, but we also have to meet the requirements of other jurisdictions. We try to do this as much as possible at a global level. That means the same procedures, the same processes, and the same type of execution are available everywhere. Many of the operations are also centralized. And because that has been the company’s growth strategy overall, it’s something we can really leverage. Scalability is very important, also from a compliance perspective.

The second difference is that Adyen is a growth company – quite dynamic – constantly introducing new products and services. I’m not saying Dutch banks don’t do that, but for us, it’s our bread and butter. The whole company is about change, more than about stability. That’s very interesting, because there is a continuous launch of new types of products and setups, and our teams are continuously assessing: how could financial crime potentially occur with these products, and how can we build frameworks and controls around them.

That’s a huge challenge. So, at Adyen, what achievements in the KYC compliance process are you most proud of, either personally or as an organization?

That’s a difficult question. And that’s maybe the irony in our field – it can be hard to claim successes. If you’ve carried out a very good investigation, and I’ve seen quite a few impactful ones at Adyen where law enforcement gave feedback that it really made a difference, that’s great. But often that doesn’t happen. Even if you think you’ve done a good job, you don’t always know the outcome. If you make the difficult decision to terminate a customer relationship because of financial crime compliance, that’s also not something we celebrate in the office. And in the most impactful cases, we can’t share details publicly because they need to remain confidential.

The main area where our teams feel most rewarded, I think, is when we as a financial institution are at the starting point of strong law enforcement action, and we see our work being picked up. That’s ultimately where our anti-financial crime purpose should lie. Those are the cases we’re most proud of. Looking at it more strategically, I think our key challenge is developing our AML program in a way that is proportionate to the size and complexity of our business. That’s our key challenge, and something we work on every day, and in that journey, I’m proud of many achievements and the people that made that possible.

What do you see as the biggest challenges in the next five years for the AML ecosystem?

I appreciate the question. It’s maybe a bit unfortunate, but I’m going to mention AMLR and the EU AML package here. It’s still somewhat open, even though it started almost two years ago. The original intent of this framework was about harmonization, strengthening the EU system, and protecting EU citizens. That’s very understandable, and in my personal opinion, still very positive.

Where I think the challenge lies is that, as we move towards implementation, we see a big risk of the financial sector being drawn into bureaucracy. We just talked about the progress we’ve been making in the Netherlands around the risk-based approach, and I believe we run the risk of loosing momentum. Because if you look at the EU AML package, there’s a strong focus on rules. It’s not very clear to me how that translates into better outcomes in fighting financial crime. Essentially, you just get more rules and guidelines. From our perspective as a financial institution, that’s not necessarily what we need to be more effective against financial crime.

Instead of more rules, we would hope to see a stronger focus on outcomes and on better collaboration across the sector and with the public sector. I’m concerned it will be difficult to drive a risk-based approach in this context, and I fear we’ll end up talking more about technical compliance again.

You mentioned AMLA and AMLR. From your perspective, what are the key opportunities the AMLR and AMLA create for international cooperation – especially given your international footprint and focus on scalable compliance?

That is also where we hope to see benefits from AMLR and AMLA for ourselves as financial institutions, because the rulebook is becoming more harmonized. That consistency will be a clear advantage for financial institutions. I also have high hopes for how these reforms can strengthen cooperation among FIUs. They already collaborate, and the Dutch FIU, for example, has been a strong driver of international efforts. But if AMLA can further support this – through better information sharing and clearer priority setting – then both FIUs and law enforcement will be able to collaborate even more effectively at the international level.

What skills do you think will be essential for AML professionals over the next 5 to 10 years? I noticed on your LinkedIn that you’ve been posting vacancies in areas like AML analytics and transaction monitoring – what kinds of skills are you focusing on when hiring?

Maybe I can pick just one, because our teams cover a wide range of skill sets. We need investigators, architects to design new frameworks, counselors or lawyers, tech and data experts, and highly trained “special forces” who can dive into the most complex cases. So we need many different types of professionals working together – and just as important, they need to collaborate.

If I had to highlight one skill, it would be risk-based thinking. We talk about that a lot with our teams, because it’s essential to maintain our framework and keep the balance healthy and strong. In every policy, risk assessment, investigation, or client review, we encourage our people to think critically about risks and adapt their approach.

That’s not easy. It requires a solid understanding of financial products, how they work, the risks of financial crime, and how criminals could exploit them. But above all, it requires critical thinking. I want AML analysts to develop their own perspective, not just follow procedures or instructions mechanically. Looking ahead, critical thinking is what we’ll continue to need most. And I know – that’s not for people who just want to execute tasks without thinking.

I’m sure many people have asked you about AI and its role at Adyen. I’d like to ask you specifically about AI in relation to the AML professionals. How do you think the dynamic between professional skills and technological innovation will evolve?

It’s top of mind for all organizations, including ours. At the core, I’ve always described AML as the domain of “the lawyer and the nerd,” because you need both: regulatory awareness – understanding what the law requires – and technical advancement – understanding data and technology. Going forward, I believe that will remain true, even in a more AI-enabled world.

Every institution is now developing or experimenting with AI programs for AML, and for good reason. We should be doing that. It may change the day-to-day work of our teams: hopefully less time spent on data gathering and processing, and more on making sound judgments. That’s the goal. But employees will still need to understand the regulatory framework – ChatGPT will not take over that part. So I believe we’ll continue to need both skill sets. The AML professional of the future will still need to be part lawyer and part nerd. Ideally, we need both qualities in the same person.

This year we’ll be speaking on one of the panels at the event. I think many people will be looking forward to hearing your perspective, given your experience at Adyen. You’re bringing a lot of insights and knowledge to the audience. But on the other side, what do you personally get out of it  – of visiting and being at our event?

What I like about the Leaders in Finance event is that the content is always strong. There are many relevant speakers who can bring fresh perspectives – not only from peers in the industry, but also from the public sector and academia. It’s a great way to stay up to date. And secondly, we meet a lot of peers there. It’s a great opportunity to connect with people in the network as well.

Well, Hilko, thanks for taking the time to talk to us in the run-up to the Leaders in Finance AML event on the 2nd of October. I’m looking forward to speaking with you there.

Likewise, thank you.