How can we help? How can we help?
  1. Box+Dice Help Centre
  2. Settings
  3. CRM

Control access to AML/CTF Due Diligence

Eagle Support Eagle Support

Summary

Learn how to control which users can create, edit, and manage AML/CTF Due Diligence checks in Box+Dice, and what users without AML access can still see, so you can configure roles correctly and reduce confusion when users can view AML status but cannot take action.

This article covers:

About AML/CTF Due Diligence access

AML/CTF Due Diligence access controls who can interact with AML checks in your system. This includes creating a new AML check, editing an existing check, and managing AML records linked to listings.

Recent changes to AML visibility mean users without the relevant AML privilege may still be able to see whether an AML check exists and whether it is in progress or completed, even if those users cannot open the AML record or take action on it.

This is useful for teams that need visibility into compliance progress without granting every user permission to manage AML records directly.

Assign AML privileges to a role

Use Access settings to control which roles can use AML/CTF Due Diligence features. Access Control Levels are managed from the General settings area, where modules can be expanded to reveal available privileges for each part of the system.

To open the Access settings:

  • Go to: Settings > General
  • Select Access
  • Expand Contacts
  • Select AML/CTF Due Diligence
AML_CTF-Due-Diligence.png

Roles determine which users can access specific functions in Box+Dice. Once you open Access settings, you can add or remove roles against the privileges available for a module

To assign AML privileges to a role:

  • Select the AML privilege you want to configure
  • In the Roles panel, add or remove the relevant role
AML_CTF-Due-Diligence-roles.png
  • Select Add.
Tip: Review AML access for manager, admin, and office support roles first, then decide whether agents need full AML access or only status visibility. This aligns with how AML visibility currently works for users without edit permissions.

Understand AML privilege options

AML/CTF Due Diligence privileges control which AML actions a user can perform. Users with the relevant AML privilege can start new AML checks and interact with existing AML records, while users without that privilege cannot.

The AML privilege options include:

  • Create a new AML Check or edit an existing AML Check
  • Remove a listing from an AML Check or delete an AML Check

The first privilege is the key permission for day-to-day AML activity, as it allows users to initiate new AML checks and interact with existing AML records.

The second privilege controls higher-level maintenance actions for AML records linked to listings. This should generally be limited to trusted admin or compliance-focused roles unless your business wants broader control over AML record management.

Understand what users with AML privileges can do

Users with the relevant AML privilege can actively work with AML records once the AML module is enabled. Authorised users can create a new AML check, edit an existing AML check, and interact with the AML feature set.

Users with AML privileges can:

  • Start a new AML check
  • Edit an existing AML check
  • Open AML details
  • Access AML file attachments and related record details

These permissions work alongside the AML Compliance Module, which is enabled separately through Settings > CRM > AML/CTF Due Diligence Settings.

Understand what users without AML privileges can still see

Users without the relevant AML privilege no longer lose all AML visibility. Those users can still see whether AML exists for a contact or a listed contact, and whether the AML check is in progress or completed.

Users without AML privileges can still:

  • See whether a contact has an AML check in progress or completed
  • View AML status indicators against relevant contacts on listings
  • Use those status indicators to identify whether AML has started, is in progress, or has been completed.

Coloured AML indicators help users recognise whether AML is complete or still needs attention, even if those users are not allowed to manage the AML record directly.

Understand what users without AML privileges cannot do

Even though users without AML privileges can view AML status information, they cannot perform AML actions unless the relevant privilege has been assigned.

Users without AML privileges cannot:

  • Start a new AML check
  • Open AML details
  • View AML file attachments
  • Interact with the AML record beyond basic visibility of its status

This distinction is important because a user may see an AML status badge in the UI but still be blocked from opening or editing the AML record.

Tip: If your team uses a dedicated compliance officer or administrator to manage AML, consider granting broader AML privileges only to those roles while allowing general users to rely on status visibility for awareness.

What's next?

Use the anti-money laundering compliance module for creating and managing AML records from contacts, listings, and appraisals.

Learn how to update access control levels for a comprehensive understanding of how ACLs and roles function in Box+Dice.

Articles in this section