Case study
AML Certification Centre — From Pilot Cohort to 14,000-Learner Platform
We took a 4-week rental MVP and turned it into a CPD-accredited platform serving 14,000+ compliance officers across 79 countries.
Public reference: amlcertification.com ↗
Summary
AML Certification Centre runs the CASS (Certified Anti-Money Laundering Senior Specialist) and CAPS programmes across the EU and MENA. We started on the rental tier to validate the business, then rolled out a custom exam engine when the certification body achieved CPD accreditation and needed audit-grade attempt logs. The platform serves 14,000+ active learners across banking, crypto, iGaming, EMIs, and gambling verticals.
Headline
93% learner satisfaction · CPD-accredited · sub-€2 cost-per-certificate
Industry
AML & Compliance
Engagement
Hybrid
The challenge
The team had subject-matter expertise from regulator backgrounds but no in-house engineering. Their existing tooling — a generic course platform plus a separate exam tool plus a manual certificate workflow — could not support the audit trail CPD accreditation demanded, and was bleeding operations time on every cohort.
How we approached it
- Phase 1: launched on rental tier with white-label theming, payment integration, and bilingual EN/ES UI in 4 weeks
- Phase 2: built a custom exam engine with item-response-theory scoring, randomised question banks, and webcam proctoring
- Phase 3: added per-vertical course tracks (Banking, Crypto/VASPs, EMIs, iGaming, Funds & Trading) with shared assessment infrastructure
- Phase 4: integrated certificate verification — public verifiable URL, immutable issue log, revocation support
- Migrated from rental to managed dedicated tenant once revenue justified the move; kept the platform on Bitloom infrastructure
Timeline
- 1
Phase 1 — Rental MVP
Weeks 1–4
- White-label theming on amlcertification.com domain
- EN + ES UI translations
- Stripe + SEPA payment routes with VAT handling
- Two pilot courses live (CASS Foundations, AML Banking)
- 2
Phase 2 — Custom exam engine
Weeks 5–10
- Item-response-theory scoring engine
- Randomised question banks per attempt with anti-cheat
- Webcam proctoring with AI flag review
- Manual review queue for written-answer items
- 3
Phase 3 — Vertical course tracks
Weeks 9–13
- Per-vertical learning paths (Banking, Crypto/VASPs, EMIs, iGaming, Funds & Trading)
- Shared assessment library, vertical-specific exam content
- Recertification windows by vertical
- 4
Phase 4 — Certificate trust layer
Weeks 12–16
- Public verifiable certificate URL (verify.amlcertification.com)
- Immutable certificate issue log (append-only)
- Revocation flow with reason codes
- CPD accreditation audit pack export
Outcomes
- 14,000+ learners onboarded across 79 countries since launch
- 93% learner satisfaction (NPS-derived) measured per cohort
- CPD accreditation achieved with audit-grade attempt logs
- Sub-€2 cost-per-certificate at scale (down from €11 on the previous toolset)
- Cohort operations time reduced by ~70% through automation of certificate issuance and learner onboarding
"Bitloom didn't sell us a platform. They sold us the same boring thing every cohort, which is exactly what an accredited certification body actually needs. Four years in, we still know who to call."
Background
AML Certification Centre was founded by a group of former regulators and bank compliance officers who had spent years frustrated with the gap between training and certification. Plenty of vendors sold AML courses; almost none issued credentials that survived a regulator audit. The founding team had the curriculum and the credibility — what they needed was a platform that could turn private-sector training into auditable, jurisdiction-aware certification.
When we met them, they had been running cohorts manually for six months. Course content lived in Teachable, exam attempts in Typeform, certificates went out as Word-document attachments hand-stamped by an operations lead. It worked at 50 learners per cohort. It was not going to work at 500, never mind 5,000.
Why we started on rental
There is a pattern we have seen enough times to be opinionated about: a brand-new certification body wants a custom-built platform on day one. The maths almost never work. The cohort flow has not yet stabilised, the curriculum is still iterating, and the founders do not yet have the data to defend specific platform decisions. We pitched the rental tier as a 12-month commercial experiment — if the cohorts grew, we would build custom; if they did not, the team had not blown a six-figure budget.
Four weeks after the kickoff call, the platform was live on amlcertification.com with two pilot courses, Stripe + SEPA payments, and full bilingual EN/ES support. The first cohort enrolled 87 learners, paid up front, and completed at a 92% rate. That was the signal.
When custom kicked in
CPD accreditation was the trigger. The Continuing Professional Development standard required a level of audit-trail granularity the rental tier was not designed for — every learner action immutably logged, every exam attempt reproducible from raw event data, every certificate issuance traceable to a specific scoring decision.
We ran a one-week paid discovery sprint with the operations lead, two subject-matter experts, and a senior engineer from our side. The output was a 32-page spec covering the new exam engine, the audit-log architecture, and the migration plan from rental tenant to dedicated managed instance. The discovery fee credited 100% against the build.
The build itself ran 12 weeks across three overlapping phases. The exam engine was the hardest piece — item-response-theory scoring is straightforward in theory, but reliability is hard when proctoring, randomisation, and partial credit interact. We shipped a deliberately simple version first, exposed it on staging to two early-adopter cohorts, and tightened the algorithm based on real attempt data before going to general availability.
What surprised us
Three things we did not predict at kickoff:
Certificate verification became the killer feature. A simple page at verify.amlcertification.com where anyone can paste a credential ID and see the issue date, holder, and credential type. Compliance officers downstream — at banks, crypto exchanges, gaming operators — used it constantly. Internal estimate: it cuts ~30% of inbound “is this person actually certified?” emails for the centre’s clients.
Spanish localisation was load-bearing. Both the LATAM and the Spain market grew faster than the EN cohorts in months 6–18, which meant the bilingual scaffolding we built in Phase 1 was a much bigger lever than we expected. The team is now adding Portuguese.
The audit trail paid for itself within a year. A regulator inspection in 2024 was cleared in two days because the audit pack export reconstructed exactly what happened in every flagged exam attempt. Without that infrastructure, the investigation would have been weeks of manual reconstruction.
Where it is now
The platform serves 14,000+ active learners across 79 countries. Cohorts run weekly across five verticals (Banking, Crypto/VASPs, EMIs, iGaming, Funds & Trading). Operations time per cohort dropped roughly 70% from the manual baseline. Cost-per-certificate is below €2 at current scale.
We still operate the platform; the AML Certification Centre team handles content, marketing, and learner support. Roadmap is shared, with quarterly planning sessions. The relationship has held for four years because both sides keep the contract boring: clear scope, named engineers, written changes.
What we learned
- Going rental-first was the right call. We avoided a 6-figure custom build before we knew the business worked.
- The migration credit clause (rental fees credit against custom build) saved both sides from arguing later.
- Certificate verification ended up being the highest-leverage feature we shipped. Compliance officers asked for it constantly; once it shipped, support tickets dropped 30%.
- Webcam proctoring is the feature buyers ask about and learners hate. We made it optional per cohort and let cert-body buyers decide.
Want fuller details under MNDA?
On request we share extended versions of NDA cases with named clients, architecture diagrams and full delivery numbers, under a mutual non-disclosure.