Skip to content

KYC and AML for payments PM interviews: what to expect and how to prepare

A guide to KYC and AML for payments product manager interviews, covering the core concepts, the tradeoffs interviewers probe, and how recent regulation shapes the questions.

On 15 July 2026, the UK Financial Conduct Authority begins regulating buy now, pay later products as deferred payment credit. For years these installment plans sat outside formal lending rules, and now they fall under the Consumer Duty, affordability checks, and complaints handling. If you interview for a payments product manager role this year, this change is a useful lens. Compliance is no longer a back-office function that a PM can hand to a legal team. It shapes the product, the onboarding flow, and the roadmap.

Why interviewers ask about compliance

Payments companies move money, and moving money brings obligations. Know your customer (KYC) rules require a business to verify who its users are before it opens an account. Anti-money laundering (AML) rules require the same business to watch how money flows and to report activity that resembles laundering. A product manager who ignores these rules can ship a feature that later triggers a regulatory shutdown. So interviewers want to see that you treat compliance as a core part of the product design.

There is a second reason. Compliance sits on the critical path for launch, so a PM who understands it can plan realistic timelines. A PM who treats it as an afterthought often promises a date that becomes a missed deadline.

Concepts to have ready

Start with the customer identification program, the set of steps a firm uses to confirm identity. For a consumer this usually means a name, a date of birth, an address, and a government identification number. For a business it extends to beneficial ownership, the real people who own or control the company. Customer due diligence (CDD) is the risk rating you assign after identification, and higher-risk customers receive enhanced due diligence. Transaction monitoring is the ongoing system that flags patterns like structuring, where a user breaks a large sum into smaller amounts. When a pattern looks suspicious, a compliance officer files a suspicious activity report with the financial intelligence unit. Sanctions screening checks users and payments against government lists such as the OFAC list.

You should also know the Travel Rule, which requires firms to pass sender and recipient information along with certain transfers. Regulators now apply this rule to many crypto transfers, so it comes up in interviews at digital asset companies.

One idea ties all of this together: the risk-based approach. Regulators expect a firm to spend more effort on higher-risk users and less on lower-risk ones, rather than applying one heavy process to the entire user base. In an interview you can use this idea to justify a tiered onboarding flow, where a small first transaction needs light verification and a larger limit needs more documents.

How compliance shows up in interviews

A product sense question might ask you to design onboarding for a new checking account. A complete answer covers identity verification, document capture, and the moment you screen a user against sanctions lists. You would also name the tradeoff between friction and conversion, because every extra field costs you sign-ups. A system design question might ask you to build transaction monitoring for a payments app. Here you would describe rules engines, machine learning models, case management for analysts, and the feedback loop that tunes false positives. An execution question might ask how you would cut onboarding drop-off without weakening controls. The answer that lands connects a metric, like completion rate, to a specific change, like reordering steps or adding document autofill.

The tradeoffs you should discuss

Every compliance decision has a cost, and the interview rewards candidates who name both sides. Tighter KYC lowers fraud and regulatory risk, and it also raises abandonment during sign-up. Looser screening improves conversion, and it raises the chance of a fine or a consent order. A useful framing is risk appetite, the level of exposure a company accepts on purpose. You can tie this to money by weighing the cost of a false decline against the cost of a missed laundering case. Naming that math shows the interviewer that you think like an owner.

False positives deserve special attention. A monitoring system that flags too much buries analysts in low-value alerts, and a system that flags too little lets real crime through the door. The PM job is to tune that balance and to measure it with numbers like alert precision and case resolution time.

Regulation keeps moving

The July change in the UK is one example of a wider pattern. The FCA now requires affordability assessments and clear disclosures for deferred payment credit, and firms had a temporary permissions window in the spring. In the European Union, the Authority for Anti-Money Laundering and Countering the Financing of Terrorism started operations in July 2025 and is building a single rulebook across member states. That authority plans to finalize its risk assessment methodology in 2026, with direct supervision of the highest-risk firms arriving toward the end of the decade. You do not need to memorize every rule, and you should show that you follow the direction of policy.

How to prepare

Pick two payments companies and read their compliance and trust pages. Learn the difference between KYC at onboarding and ongoing monitoring, because interviewers probe that boundary. Practice one onboarding design and one monitoring design out loud, and hold each answer to about six minutes. Keep a short glossary of terms like CDD, EDD, SAR, and beneficial ownership. Prepare one story where you balanced a control against growth, since behavioral rounds reward that kind of experience.

Compliance work rewards product managers who make safety usable for real customers. Treat the interview as a chance to show that judgment. Teams hire the candidate who moves money safely and still respects the customer's time.

Back to Live Blog