Conducting an AML Audit AML Compliance Reasons Procedures

  • Slides: 23
Download presentation
Conducting an AML Audit & AML Compliance Reasons, Procedures & Benefits Presented by The

Conducting an AML Audit & AML Compliance Reasons, Procedures & Benefits Presented by The Financial Investigations Division January 24, 2018

Presentation Outline • • • The Regulated Sector & Their Responsibility Reasons for Adhering

Presentation Outline • • • The Regulated Sector & Their Responsibility Reasons for Adhering to AML Standards/Audits Procedures for Conducting an AML Audit (Recommendations) Completing the Audit Risk Based Approach to Supervision Benefits of an AML Audit/Compliance

The Regulated Sector plays a vital role in minimizing Money Laundering risks and is

The Regulated Sector plays a vital role in minimizing Money Laundering risks and is charged with several key responsibilities as prescribed under the various pieces of legislation. These include the submission of: • (Cash) Threshold Transaction Reports (TTR’s) - FI’s • Suspicious Transaction Reports (STR’s) – FI’s & DNFI’s • Listed Entities Reports (TPA) - FI’s • Suspicious Transaction Reports (TPA) - FI’s

The Regulated Sector In addition to the reporting requirements of the Regulated Sector, entities

The Regulated Sector In addition to the reporting requirements of the Regulated Sector, entities are required to: 1. Designate a Nominated Officer 2. Comply with all relevant Orders (Account Monitoring, Production & Inspection, Customer Information) 3. Provide appropriate training for all staff members (especially front-line)

The Regulated Sector The regulated sector includes Financial Institutions (FI’s) and Designated Non Financial

The Regulated Sector The regulated sector includes Financial Institutions (FI’s) and Designated Non Financial Institutions (DNFI’s). Designated Non-Financial Institutions include: o Real Estate Dealers o Public Accountants o Attorneys-at-law o Gaming Machine Operators

Reasons for Adhering to AML Standards/Audits • Legislative – The Proceeds of Crime (Designated

Reasons for Adhering to AML Standards/Audits • Legislative – The Proceeds of Crime (Designated Non-Financial Institution) (Gaming Machine Operators, Real Estate Dealers, Attorneys-at-law, Casino Operators & Public Accountants) Order, 2013 • International Enforcement – Financial Action Task Force (FATF) Recommendations • Risk Reduction

Procedures for Conducting an AML Audit An effective AML program should include: 1. The

Procedures for Conducting an AML Audit An effective AML program should include: 1. The development of internal policies, procedures and controls; 2. Designation of a Compliance Officer; 3. An ongoing employee training program; 4. An independent audit function to test programs.

Policies & Procedures An effective AML Policy should address: • Know Your Customer (KYC)

Policies & Procedures An effective AML Policy should address: • Know Your Customer (KYC) • Politically Exposed Persons (PEP’s) • Record Keeping • Appointment of a Nominated Officer • Risk Profiling • Internal Controls • Know Your Employee & • Training

KYC At a minimum, KYC policies and procedures should address: • Processes that must

KYC At a minimum, KYC policies and procedures should address: • Processes that must be followed to ensure proper identification of customers and those that may be acting on their behalf • Processes for the identification and verification of the nature and purpose of a customer’s business in order for the firm to have a basis for determining whether a transaction is unusual or suspicious

KYC, Record Keeping & Risk Profiling At a minimum, KYC policies and procedures should

KYC, Record Keeping & Risk Profiling At a minimum, KYC policies and procedures should address: • Procedures for the recording and regular review of customer identification and transaction information/records to ensure that the information is current and comprehensive, as well as the retention of such information for a minimum of five years after the transaction was initiated/attempted or had actually taken place, or the business relationship has been terminated; • Procedures clearly indicating the application of KYC due diligence which take into account the level of risk posed to the institution by transacting business with the particular customer;

KYC A business relationship or one-off transaction must not be established or continued until

KYC A business relationship or one-off transaction must not be established or continued until the identity of the customer is satisfactorily determined. Where a potential customer refuses to produce any requested information, the relationship must not commence or the transaction should not proceed.

KYC The following information should be obtained from all prospective customers: 1. True name

KYC The following information should be obtained from all prospective customers: 1. True name and names used; 2. Correct permanent address, including postal address (if different from the permanent address); 3. Date and place of birth; 4. Nationality; 5. At least two (2) referees; 6. Source of funds, and source of wealth, where considered appropriate; 7. Contact numbers (work, home, cell) 8. Institutions may also require the submission of a photograph of the customer for their records.

KYC - PEP’s Senior management should ensure that the personal circumstances, income sources and

KYC - PEP’s Senior management should ensure that the personal circumstances, income sources and wealth of PEPS are known and verified as far as possible, and should also be alert to sources of legitimate third party information. Whilst it is appreciated that efforts must be made to protect the confidentiality of PEPS and their businesses, these accounts must be available for review by the Supervisory Authority, the Designated Authority, and the firms internal compliance officers (including the Nominated Officer) and internal auditors.

Internal Controls & The Nominated Officer Internal Controls: • Assigning the responsibility for AML

Internal Controls & The Nominated Officer Internal Controls: • Assigning the responsibility for AML compliance to an appropriate person who will keep senior management and the Board informed • Providing dual control and segregation of duties as appropriate • Report and maintain records as required

KYE & Training Firms need to be cognizant of the risks attached to having

KYE & Training Firms need to be cognizant of the risks attached to having inadequate systems to deal with for e. g. dishonest employees because the success of the AML and CFT programme depends to a large extent on the integrity of employees. Members of staff must also be sensitised as to their personal obligations under the POCA and the fact that they can be held personally liable for failing to report relevant information to the Designated Authority, or otherwise failing to carry out their responsibilities under the relevant statutes.

Procedures for Conducting an AML Audit • Document the Scope of Examination • Item

Procedures for Conducting an AML Audit • Document the Scope of Examination • Item Request Letter – – – AML/CFT Policy Independent Testing Training Risk Assessment & Customer Ratings Customer Identification Procedures Suspicious Transaction Reporting & Transaction Files Review • Conducting the Audit • Examination Report/Findings

Procedures for Conducting an AML Audit Master AML Policy VS Multiple Policies Customer Information

Procedures for Conducting an AML Audit Master AML Policy VS Multiple Policies Customer Information (KYC) Policy, Transactions & Record Retention Policy, Information Sharing Policy, Know Your Employee & Training Policy, etc.

Procedures for Conducting an AML Audit Are policies being adhered to? This question is

Procedures for Conducting an AML Audit Are policies being adhered to? This question is answered through: o Inspection of records o Observation o Confirmation o Inquiry, etc.

Completing the Audit • Exit/Wrap-up Meeting • Auditors/Examiners Report Ø Adequacy Ø Deficiencies Ø

Completing the Audit • Exit/Wrap-up Meeting • Auditors/Examiners Report Ø Adequacy Ø Deficiencies Ø Recommendations • Management Response

Risk Based Approach to Supervision Rules Based Approach of Supervision VS Risk Based Approach

Risk Based Approach to Supervision Rules Based Approach of Supervision VS Risk Based Approach of Supervision

Benefits of AML Audit & Compliance The AML audit process is a way to

Benefits of AML Audit & Compliance The AML audit process is a way to strengthen or improve a firm's AML program. It should be regarded not as a regulatory burden imposed by the government but as one of four pillars of an effective anti-money laundering program.

Benefits of AML Audit & Compliance ü Meeting International standards, or ü Strong Enforcement

Benefits of AML Audit & Compliance ü Meeting International standards, or ü Strong Enforcement AML Regime ü Foreign institutions are less likely to subject transactions with such countries to added scrutiny, ü Continued relationships with business partners from those countries

THANK YOU FOR YOUR ATTENTION & COOPERATION

THANK YOU FOR YOUR ATTENTION & COOPERATION