Formulating a Comprehensive AML Policy

By ·

AML policy

In most countries with robust anti-money laundering/countering the financing of terrorism (AML/CFT) governance framework, it is compulsory for financial institutions (FIs) to have its AML/CFT framework documented in the form of a company policy.  This allows the FIs to prove that reasonable steps are taken in ensuring compliance with local regulations. Additionally, having a robust and decent AML policy will improve the regulator’s confidence in the FI undertaking money laundering/terrorism financing risks. Below are some factors to consider whilst creating an AML policies.

Senior Management Approval

An AML/CFT compliance program should be approved by the FI’s senior management or its board. This sets expectations that the responsibility for an AML/CFT program lies with the senior management, and not just operational staff. Senior management should set the right ‘tone’ in ensuring a strong AML compliance culture.

Designated AML Officer

FIs must designate an AML officer, preferably within the senior management. In countries with robust AML/CFT governance, the appointment is a legislative requirement. An AML officer acts as a liaison between the FI and the local regulator. Furthermore, an AML officer is responsible for reporting suspicious activities, as well as, receiving information from a Financial Intelligence Unit (FIU).

Proper documentation of processes

Without a doubt, an AML policy should document its entire AML processes. This includes the prevention, detection and the reporting of any suspicious transactions.

Independent audit of AML policy

As part of ensuring that an AML policy functions as intended, it should be subjected to an independent review to assess if the policy is robust. Reviews of the AML policy should be conducted regularly.

Relationships with anonymous individuals or entities

Criminals and terrorists prefer to conduct their illicit activities anonymously or under a fictitious name. An AML policy should address this concern and the approach the FI should undertake for such scenarios.

Relationships with higher risk customers

Customers who are Politically Exposed Persons (PEPs) or are adversely reported in the media should be scrutinised for potential money laundering/terrorism financing (ML/TF) activities. The policy should detail any extra steps taken, i.e., performing enhance customer due diligence or getting senior management approval.

Risk Assessment

The Financial Action Task Force (FATF) recommends a risk-based approach to determine the appropriate level of due diligence applicable for customers who are of heightened risk. A risk assessment helps the designated AML officer knowing the size of at risk customers in the company.

Retention period

The policy should list out a document retention period even if relationships between the customer has been terminated. This is to facilitate any re-evaluation or any request of information from a FIU or a local regulator.

Application of AML Policy within FI’s branches and subsidiaries

The AML policy should describe in detail if it applies to all branches and subsidiaries. However, in the perspective of a subsidiary, should the AML policy of its Head company is weaker than its own subsidiary policy (due to different levels of AML/CFT framework in each individual jurisdiction), the subsidiary should undertake and apply the stricter policy.

training

Training

An AML policy would not be complete if there is no indication of a training to all staffs. Having regular training would ensure that staffs are kept abreast with latest ML/TF typologies, trends, and regulations.

Conclusion

Financial crime is getting more prevalent in the world. As part of on-going efforts to prevent illegal activities happening in the company, it is imperative that FIs are equipped with the necessary framework. Having an AML policy is the first step of many in ensuring that suspicious activities or customers are accurately identified and addressed appropriately. A FI could further augment its AML framework by investing in technology. However, there is no one-size-fits-all solution to an AML framework and a Compliance Officer must be able to tailor an approach unique to his or her organisation.

Related Post

 Designing a governance framework for sanctions Firms are required to ensure compliance with global sanctions regimes and export controls to prevent terrorism and organised crime. In order to meet these requirements, they will need to monitor regulatory changes and maintain an internal framework to ensure that customers, third parties and transac...
 6 Elements of an Effective AML/CFT Compliance Programme Aligning an organisation's business processes with the relevant anti-money laundering / countering the financing of terrorism (AML/CFT) regulations and best practices is no easy feat to accomplish. The difficulty of it amplifies when the business is massive and complex.Recent events have shown u...
 How to conduct proper customer due diligence (CDD) Conducting customer due diligence, or CDD, is a skill every Anti-Money Laundering/Countering the Financing of Terrorism (AML/CFT) analyst should have.  A typical investigation into a potential suspicious transaction will begin with CDD. In most countries with a robust AML/CFT framework, it is compul...

About JX Low

Editor · Dip(AML)

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *

Be the first to know
We hate spam as much as you do