Implementing AML
Compliance Program for
Financial Institutions
Dr. LAM Yat-fai (林日辉博士)
Doctor of Business Administration (Finance)
CFA, CAIA, FRM, PRM, MCSE, MCNE
PRMIA Award of Merit 2005
E-mail: quanrisk@gmail.com
2
Outline
Supervisory framework on AML
Risk-based AML compliance program
IT systems for AML compliance
Sound practices of AML compliance
3
Supervisory framework
Regulatory guidelines
Circulars
AML profiling
Prudential survey
Offsite review
Onsite examination
Control self-assessment
Tripartite meeting
4
Regulatory guidelines
Hong Kong Monetary Authority
Guideline on Anti-Money Laundering and
Counter-Terrorist Financing (for Authorized
Institutions)
Issued in January 2012, 12 chapters, 112 pages
Securities and Futures Commission
Guideline on Anti-Money Laundering and
Counter-Terrorist Financing
Issued in April 2012, 10 chapters, 130 pages
5
Circular
6
AML profiling
A long questionnaire consisting of 30 to 40 questions
AML compliance officer
Composition of AML compliance committee
IT systems for AML compliance in place
Major MIS reports
No. of PEP customers
Customer AML risk classification system
No. of incidents reported to JFIU during the last three years
Latest audit findings
To capture static information about a FI’s AML compliance program
To be completed within two to three months, renewed on an annual basis
Regulators to build a centralized database
7
Prudential survey
A short questionnaire to collect some ad-hoc
information during the year
No. of transactions with Mr. 薄熙來, Ms. 谷開來 or Mr.
薄瓜瓜 during the last three years
No. of large amount out-going fund transfers from
Chongqing city during the last three years
No. of customers in North Korea
Driven by contemporary political, economic,
regulatory and/or media focus
Issued on ad-hoc basis
To be completed within two to four weeks
8
Off-site review
Revised and updated policies and procedures
Independent audit reports on an FI’s AML
compliance program
Action plans to rectify audit findings
Progress report on rectification actions
Major incident reports
Follow up by meetings
9
Onsite examination
Comprehensive examination
Two/three-people group, around two to three months
Covering major topics of an FI’s AML compliance
program
To assess the quality of an FI’s AML compliance program
Thematic examination
One man band, around one month
Covering one to three hot AML compliance topics
Aimed at identifying sound practices and common issues of
contemporary AML topics
10
Control self-assessment (“CSA”)
A comprehensive audit check list
To be completed by the FI itself
Covering critical policy areas
For each control procedure
Compliance status – fully, partially or not
compliant
Explanations of compliance
Mitigation plan and tentative completion date
11
CSA summary
12
CSA summary by institution
13
CSA summary by control procedure
14
CSA summary by institution and
control procedure
15
Compliance projection
16
Tripartite meeting
Three-party senior meeting among
Financial institution
Auditor
Regulator
To assess the major and critical areas for
improvement and/or development
17
Challenges facing FIs
External
Regulatory requirements keep on changing and
tightening
Internal
AML compliance a cost centre
Limited budget
Lack of manpower
AML compliance impacts customer relationship
18
Outline
Supervisory framework on AML
Risk-based AML compliance program
IT systems for AML compliance
Sound practices of AML compliance
19
Senior management oversight
Senior management is fully responsible for
the AML compliance program
A committee comprises senior staff from
different business units
A comprehensive terms of reference
Regular meetings – at least quarterly
Meeting minutes with discussion items on
AML compliance
20
Corporate AML policy
Match the regulatory guidelines
Topics and no. of pages
Reviewed and updated
At least annually
Incorporating material changes on business or
regulatory requirements during the year
Approved by AML committee
21
AML procedures
A guide book to carry out a specific AML activity,
e.g.
Due diligence procedure
Suspicious transaction management procedure
JFIU reporting procedure
Department and business dependent
From one page to hundred pages
Reviewed at least on annual basis
Approved by department head and/or AML
committee
22
MIS reporting
MIS reports with key risk indicators (“KRIs”)
No. of high/medium/low risk customers
No. of rejected potential customers
No. of suspicious transactions detected
No. of suspicious transactions approved
No. of suspicious transactions under investigation
Trend analysis
Peer analysis among business lines and country
offices
23
Compliance and audit
Compliance
To ensure that AML policies and procedures are
followed through
Compliance staff are advised not to be involved
in daily operations to maintain independence
Audit
To ensure that compliance staff are doing their
jobs
Do more on fashion topics
24
Training and awareness
New staff training within three months
Annual training on regulatory updates
Keep attendance record
Follow up with simple test
25
Risk-based approach
To justify that there is no AML activity,
please do more on
Customers with higher risk – CDD
Counterparties with higher risk – sanction
filtering
Transaction with higher risk
26
Customer risk level
Higher customer risk
Customers with political background (PEPs)
Customers in business of casino or weapon
Customers in sanctioned countries
Lower customer risk
High school teachers
Restaurant waiters
Factory workers
27
Other higher risk customers
Private banking
Correspondent banking
Money changers
Companies registered in tax havens
Client accounts – who is the ultimate owner?
28
Risk-based approach
Higher risk customers
Detailed background check
Frequently updated
Close monitoring
Lower risk customers
Simple background check
Regularly updated
Less monitoring
29
Counterparty risk
Higher counterparty risk
On the sanction list
Lower counterparty risk
Not on the sanction list
30
Transaction risk
Likelihood
What is the chance?
Chance of customer + chance of counterparty
Exposure
What is the amount?
Transaction risk
Likelihood x Exposure
31
Exposure
Static limits
HK$8,000 for wire transfer
HK$120,000 for other transactions
Dynamic limits
$\text{Statistical distance} = \dfrac{\text{Amount} - \text{Mean}}{\text{Standard deviation}}$
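The static and dynamic limits above, combined with the Likelihood x Exposure rule from the previous slide, as an added Python example that is not part of the original slides. The cut-off of 3 standard deviations, the 0-to-1 "chance" scores, the treatment of "at or above" as a breach and all sample data are assumptions constructed for illustration.

```python
import math
from dataclasses import dataclass
from statistics import mean, stdev

# Static limits from the slide, in HK$. Treating "at or above" as a breach is an assumption.
STATIC_LIMITS = {"wire": 8_000, "other": 120_000}
DISTANCE_THRESHOLD = 3.0   # assumed cut-off for the dynamic limit; the slide gives none
MIN_HISTORY = 2            # a standard deviation needs at least two past amounts


@dataclass
class Transaction:
    tx_id: str
    customer_id: str
    kind: str                   # "wire" or "other"
    amount: float               # HK$
    customer_chance: float      # assumed score in [0, 1]
    counterparty_chance: float  # assumed score in [0, 1]


def statistical_distance(amount, history):
    """(Amount - Mean) / Standard deviation over the customer's past amounts."""
    if len(history) < MIN_HISTORY:
        return None  # no baseline yet: only the static limit applies
    mu, sigma = mean(history), stdev(history)
    if sigma == 0:   # every past amount identical
        return 0.0 if amount == mu else math.copysign(math.inf, amount - mu)
    return (amount - mu) / sigma


def assess(tx, history):
    """Apply both limits and compute Likelihood x Exposure for one transaction."""
    distance = statistical_distance(tx.amount, history)
    likelihood = tx.customer_chance + tx.counterparty_chance
    return {
        "tx_id": tx.tx_id,
        "static_breach": tx.amount >= STATIC_LIMITS[tx.kind],
        "distance": distance,
        "dynamic_breach": distance is not None and distance > DISTANCE_THRESHOLD,
        "risk": likelihood * tx.amount,
    }


def assess_all(transactions, histories):
    """Assess every transaction and return the results, highest risk first."""
    results = [assess(tx, histories.get(tx.customer_id, [])) for tx in transactions]
    return sorted(results, key=lambda r: r["risk"], reverse=True)


# Constructed sample data (HK$): past transaction amounts per customer.
SAMPLE_HISTORY = {
    "C1": [1000, 1200, 900, 1100, 1000, 800],   # usually sends about 1,000
    "C2": [8500, 9500, 9000, 10000, 8000],      # usually sends about 9,000
}
SAMPLE_TXS = [
    # Below the static wire limit, but far outside this customer's own pattern.
    Transaction("T1", "C1", "wire", 7500, 0.5, 0.25),
    # Above the static wire limit, but entirely normal for this customer.
    Transaction("T2", "C2", "wire", 9000, 0.125, 0.125),
]

if __name__ == "__main__":
    for row in assess_all(SAMPLE_TXS, SAMPLE_HISTORY):
        print(row)
```

T1 passes the static limit and is caught only by the dynamic one; T2 is the reverse, which is why the slide lists both kinds of limit.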
32
Transaction risk
33
Outline
Supervisory framework on AML
Risk-based AML compliance program
IT systems for AML compliance
Sound practices of AML compliance
34
AML IT systems
Customer identification
CDD and KYC
Offline checking against a sanction list
Sanction filtering
Transaction monitoring
35
Sanction filtering
Know the counterparty of your customer
Fund transfer from counterparty
Fund transfer to counterparty
Match against sanction lists
World-Check
Factiva
Local black list
Conducted before completion of transactions
36
Sanction filtering
False positive
Customer name similar to entities in sanction list
Urgency
Suspected transactions must be investigated
before proceeding
Resources
No. of AML compliance officers
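Pre-completion screening of a counterparty name, and how a merely similar name becomes a hit that must be investigated, as an added Python example that is not part of the original slides. The black list entries, the 0.85 similarity threshold and the transfer records are constructed assumptions; commercial list providers use their own matching logic.

```python
import unicodedata
from difflib import SequenceMatcher

# Constructed local black list; no entry is taken from a real sanction list.
BLACK_LIST = ["Ivan Petrov Trading Ltd", "Chan Tai Man", "Global Ore Export Co"]
MATCH_THRESHOLD = 0.85  # assumed: lower catches more variants but raises false positives


def normalise(name):
    """Fold accents, case, punctuation and word order before comparing names."""
    text = unicodedata.normalize("NFKD", name)
    text = "".join(c for c in text if not unicodedata.combining(c))
    cleaned = "".join(c if c.isalnum() else " " for c in text.lower())
    return " ".join(sorted(cleaned.split()))


def screen(name, black_list=BLACK_LIST, threshold=MATCH_THRESHOLD):
    """Return (listed_name, score) pairs at or above the threshold, best first."""
    candidate = normalise(name)
    hits = []
    for listed in black_list:
        score = SequenceMatcher(None, candidate, normalise(listed)).ratio()
        if score >= threshold:
            hits.append((listed, round(score, 3)))
    return sorted(hits, key=lambda h: h[1], reverse=True)


def screen_transfer(transfer):
    """Decide before completion: any hit holds the transfer for investigation."""
    hits = screen(transfer["counterparty"])
    return {
        "id": transfer["id"],
        "status": "HOLD" if hits else "RELEASE",
        "hits": hits,
    }


# Constructed sample transfers.
SAMPLE_TRANSFERS = [
    {"id": "W1", "counterparty": "MAN, Chan Tai"},             # listed name, reordered
    {"id": "W2", "counterparty": "Iván Petrov Trading Ltd."},  # listed name, accented
    {"id": "W3", "counterparty": "Chan Tai Min"},              # similar name only
    {"id": "W4", "counterparty": "Wong Siu Ming"},             # unrelated name
]

if __name__ == "__main__":
    for t in SAMPLE_TRANSFERS:
        print(screen_transfer(t))
```

W3 is held even though the name is only similar to a listed one; an officer still has to clear it before the transfer proceeds, which is where the urgency and resource constraints on the slide come from.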
37
Risk-based approach
Transaction risk
Likelihood x Exposure
Higher transaction risk
Detailed investigation
Expert
Lower transaction risk
General investigation
Front line staff
38
Resources dedicated by the bank
Higher risk categories
Centralized expert investigation
Dedicated compliance officer
Lower risk categories
Decentralized general investigation
Front line staff
39
Sanction filtering IT solutions
40
Transaction monitoring
Know the transaction of your customer
To detect suspicious transactions
Conducted after the completion of
transactions
Implemented with offline IT systems
Not to notify customer
Suspicious crimes to be reported to police
41
IT systems for transaction monitoring
Examine within a period, all
Account balances
Incoming transactions
Outgoing transactions
Criteria set out by experts based on
Historical scenarios
Exceptions to normal situations
42
Transaction monitoring solutions
43
Outline
Supervisory framework on AML
Risk-based AML compliance program
IT systems for AML compliance
Sound practices of AML compliance
44
Role of senior management
To accord AML compliance due priority, senior
management may play an active role in the following
areas.
Endorsing AML policies.
Appointing senior staff responsible for AML compliance.
Approving or declining high risk customers.
Approving or declining third party payments.
Reviewing suspicious activities/cases identified by the
staff.
Supporting compliance investigation of suspicious cases.
Participating in AML/CFT training.
45
Role of senior management
To reinforce the importance of AML
compliance, the board of directors may
contribute by
Overseeing the implementation of AML policies
as part of their broader governance role.
Reviewing reports of violations of AML
procedures and controls.
46
AML policies and procedures
To help ensure that appropriate and effective AML policies
and procedures are in place, firms may implement the
following steps
AML policies are endorsed by senior management and effectively
communicated to all staff by means of training and utilizing suitable
forms of testing to ensure proper understanding of the policies.
Appoint a person to regularly review changes to applicable AML
rules and regulations, and where necessary, make changes or updates
to ensure compliance.
Perform periodic audits or compliance checks of AML controls,
including clients’ identification and verification procedures.
Issue and distribute AML internal audit reports or compliance
checking reports to all relevant business and functional departments
as well as to senior management.
47
Customer acceptance and customer due
diligence
To undertake customer acceptance and due diligence
measures on a risk sensitive basis, firms may
Risk-based assessment
Perform risk-based and extensive know-your-customer
assessment in order to ascertain a customer's identity, beneficial
owners, nature and background of its business activities and
source of funds and apply a risk rating to determine the extent of
ongoing monitoring.
Categorise customers into distinct risk categories – high, medium
and low risk. High risk customers are managed by focused
resources and enhanced due diligence processes.
48
Customer acceptance and customer due
diligence
On-going due diligence
Conduct periodic reviews depending on a customer's
risk rating. This risk-based approach allows more
detailed and enhanced reviews to be conducted for
higher risk customers on a more frequent basis than
low/medium risk customers.
Generate reports identifying those accounts showing
activity which fulfils predetermined criteria, such as
large transaction volume, or increased account usage.
The compliance officer would review and decide if
the transactions made were consistent with the
customer’s profile.
49
Customer acceptance and customer due
diligence
Identification of Politically Exposed Persons and
related enhanced due diligence
Use Internet or other web-based tools to perform
background screening.
Employ external databases to perform background
screening, including names of customers, directors,
shareholders, authorised signatories and beneficial
owners and perform batch screening on all accounts
regularly.
50
Customer acceptance and customer due
diligence
Classify PEPs as high risk customers and adopt
enhanced due diligence and escalation processes, for
example by
Assessing the PEP risk by obtaining information such as the
customer’s political function, country of origin, type of
services and products sought and the source of wealth and
funds, etc.
Seeking senior management’s approval before opening PEP
accounts.
Reviewing transactions of the PEP clients on a periodic
basis.
51
Recognition and reporting of
suspicious transactions
To facilitate the identification of suspicious
transactions and help ensure that the legal
requirements for reporting suspicious transactions to
the JFIU and prohibitions against tipping-off are
complied with, firms may:
Recognition and reporting of suspicious transactions
Implement automated transaction monitoring system utilising
software which is designed to detect patterns of unusual
transactions and suspicious transactions.
Arrange to have exception reports automatically escalated to the
compliance officer for review, approval and, where necessary, to
form the basis for further investigation, reporting, raising the risk
rating of a customer for enhanced monitoring.
52
Recognition and reporting of
suspicious transactions
Cash or third-party payments
Require approval of cash or third party payments by
Head of Compliance and Head of relevant Business
Department.
Perform regular review on activities such as frequent
fund transfers or cheque payments involving
unverified or difficult to verify third parties or other
unusual fund movements and investigate accounts
with unusual activities.
53
Recognition and reporting of
suspicious transactions
Review these reports from time to time to ensure that
they have been properly updated to incorporate new
indicators of suspicious activity.
Incorporate organization specific indicators of
potentially suspicious or unusual activities into AML
policies and AML training.
Conduct background checks using reliable and
independent source documents and database before
establishing business relationships in order to identify
terrorist suspects at the initial account opening stage
and on an ongoing basis thereafter.
54
Recognition and reporting of
suspicious transactions
No tipping-off
Put in place procedures whereby
Account executives and other relevant staff receive AML
training and are fully cautioned against tipping off customers
and made aware that they are subject to criminal liability for
such actions.
Only a limited number of persons, e.g. the compliance
officer and senior management, are privy to suspicious
transaction reports which are made to the JFIU strictly on a
need-to-know basis.
Account executives are not informed when suspicious
transaction reports are made to the JFIU to prevent tipping
off.
55
Staff training
To help ensure that appropriate and effective staff training
procedures are in place, firms may
Distribute their internal AML policies to new staff members during
induction training.
Require newly recruited staff to complete training on AML and
thereafter refresh themselves on AML policies and procedures
regularly.
Incorporate new or updated changes in AML regulations or policies
whenever necessary and inform staff of these changes through
different means, e.g. circulation of revised policy, internal circulars or
email alerts.
Provide tailored AML training for front office employees.
Utilize suitable forms of testing to ensure proper understanding of the
policies, e.g. quizzes.
Your opinions
http://sites.google.com/site/quanrisk

09.2 credit scoring
 
08.2 corporate credit analysis
08.2   corporate credit analysis08.2   corporate credit analysis
08.2 corporate credit analysis
 
07.2 credit ratings and fico scores
07.2   credit ratings and fico scores07.2   credit ratings and fico scores
07.2 credit ratings and fico scores
 
06.2 credit risk controls
06.2   credit risk controls06.2   credit risk controls
06.2 credit risk controls
 
05.2 credit quality monitoring
05.2   credit quality monitoring05.2   credit quality monitoring
05.2 credit quality monitoring
 
04.2 heterogeneous debt portfolio
04.2   heterogeneous debt portfolio04.2   heterogeneous debt portfolio
04.2 heterogeneous debt portfolio
 
03.2 homogeneous debt portfolios
03.2   homogeneous debt portfolios03.2   homogeneous debt portfolios
03.2 homogeneous debt portfolios
 
02.2 credit products
02.2   credit products02.2   credit products
02.2 credit products
 

4. op risk and aml

  • 1. Implementing AML Compliance Program for Financial Institutions Dr. LAM Yat-fai (林日辉博士) Doctor of Business Administration (Finance) CFA, CAIA, FRM, PRM, MCSE, MCNE PRMIA Award of Merit 2005 E-mail: quanrisk@gmail.com 2 Outline Supervisory framework on AML Risk-based AML compliance program IT systems for AML compliance Sound practices of AML compliance 3 Supervisory framework Regulatory guidelines Circulars AML profiling Prudential survey Offsite review Onsite examination Control self-assessment Tripartite meeting 4 Regulatory guidelines Hong Kong Monetary Authority Guideline on Anti-Money Laundering and Counter-Terrorist Financing (for Authorized Institutions) Issued in January 2012, 12 chapters, 112 pages Securities and Futures Commission Guideline on Anti-Money Laundering and Counter-Terrorist Financing Issued in April 2012, 10 chapters, 130 pages
  • 2. 5 Circular 6 AML profiling A long questionnaire consisting of 30 to 40 questions AML compliance officer Composition of AML compliance committee IT systems for AML compliance in place Major MIS reports No. of PEP customers Customer AML risk classification system No. of incidents reported to JFIU during the last three years Latest audit findings To capture static information about an FI’s AML compliance program To be completed within two to three months, renewed on an annual basis Regulators to build a centralized database 7 Prudential survey A short questionnaire to collect some ad-hoc information during the year No. of transactions with Mr. 薄熙來, Ms. 谷開來 or Mr. 薄瓜瓜 during the last three years No. of large amount out-going fund transfers from Chongqing city during the last three years No. of customers in North Korea Driven by contemporary political, economic, regulatory and/or media focus Issued on an ad-hoc basis To be completed within two to four weeks 8 Off-site review Revised and updated policies and procedures Independent audit reports on an FI’s AML compliance program Action plans to rectify audit findings Progress report on rectification actions Major incident reports Follow up by meetings
  • 3. 9 Onsite examination Comprehensive examination Two/three-people group, around two to three months Covering major topics of an FI’s AML compliance program To assess the quality of an FI’s AML compliance program Thematic examination One man band, around one month Covering one to three hot AML compliance topics Aims at identifying sound practices and common issues of contemporary AML topics 10 Control self-assessment (“CSA”) A comprehensive audit check list To be completed by an FI itself Covering critical policy areas For each control procedure Compliance status – fully, partially or not compliant Explanations of compliance Mitigation plan and tentative completion date 11 CSA summary 12 CSA summary by institution
  • 4. 13 CSA summary by control procedure 14 CSA summary by institution and control procedure 15 Compliance projection 16 Tripartite meeting Three-party senior meeting among Financial institution Auditor Regulator To assess the major and critical areas for improvement and/or development
  • 5. 17 Challenges facing FIs External Regulatory requirements keep on changing and tightening Internal AML compliance a cost centre Limited budget Lack of manpower AML compliance impacts customer relationship 18 Outline Supervisory framework on AML Risk-based AML compliance program IT systems for AML compliance Sound practices of AML compliance 19 Senior management oversight Senior management is fully responsible for the AML compliance program A committee comprises senior staff from different business units A comprehensive terms of reference Regular meetings – at least quarterly Meeting minutes with discussion items on AML compliance 20 Corporate AML policy Match the regulatory guidelines Topics and no. of pages Reviewed and updated At least annually Incorporating material changes on business or regulatory requirements during the year Approved by AML committee
  • 6. 21 AML procedures A guide book to carry out a specific AML activity, e.g. Due diligence procedure Suspicious transaction management procedure JFIU reporting procedure Department and business dependent From one page to a hundred pages Reviewed at least on annual basis Approved by department head and/or AML committee 22 MIS reporting MIS reports with key risk indicators (“KRIs”) No. of high/medium/low risk customers No. of rejected potential customers No. of suspicious transactions detected No. of suspicious transactions approved No. of suspicious transactions under investigation Trend analysis Peer analysis among business lines and country offices 23 Compliance and audit Compliance To ensure that AML policies and procedures are followed through Compliance staff are advised not to be involved in daily operations to maintain independence Audit To ensure that compliance staff are doing their jobs Do more on fashion topics 24 Training and awareness New staff training within three months Annual training on regulatory updates Keep attendance record Follow up with simple test
  • 7. 25 Risk-based approach To justify that there is no AML activity, please do more on Customers with higher risk – CDD Counterparties with higher risk – sanction filtering Transaction with higher risk 26 Customer risk level Higher customer risk Customers with political background (PEPs) Customers in business of casinos or weapons Customers in sanctioned countries Lower customer risk High school teachers Restaurant waiters Factory workers 27 Other higher risk customers Private banking Correspondent banking Money changers Companies registered in tax havens Client accounts – who is the ultimate owner? 28 Risk-based approach Higher risk customers Detailed background check Frequently updated Close monitoring Lower risk customers Simple background check Regularly updated Less monitoring
  • 8. 29 Counterparty risk Higher counterparty risk On the sanction list Lower counterparty risk Not on the sanction list 30 Transaction risk Likelihood What is the chance? Chance of customer + chance of counterparty Exposure What is the amount? Transaction risk Likelihood x Exposure 31 Exposure Static limits HK$8,000 for wire transfer HK$120,000 for other transactions Dynamic limits Statistical distance = (Amount − Mean) / Standard deviation 32 Transaction risk
  • 9. 33 Outline Supervisory framework on AML Risk-based AML compliance program IT systems for AML compliance Sound practices of AML compliance 34 AML IT systems Customer identification CDD and KYC Offline checking against a sanction list Sanction filtering Transaction monitoring 35 Sanction filtering Know the counterparty of your customer Fund transfer from counterparty Fund transfer to counterparty Match against sanction lists Worldcheck Factiva Local black list Conducted before completion of transactions 36 Sanction filtering False positive Customer name similar to entities in sanction list Urgency Suspected transactions must be investigated before proceeding Resources No. of AML compliance officers
  • 10. 37 Risk-based approach Transaction risk Likelihood x Exposure Higher transaction risk Detailed investigation Expert Lower transaction risk General investigation Front line staff 38 Resources dedicated by the bank Higher risk categories Centralized expert investigation Dedicated compliance officer Lower risk categories Decentralized general investigation Front line staff 39 Sanction filtering IT solutions 40 Transaction monitoring Know the transaction of your customer To detect suspicious transactions Conducted after the completion of transactions Implemented with offline IT systems Not to notify customer Suspicious crimes to be reported to police
  • 11. 41 IT systems for transaction monitoring Examine within a period, all Account balances Incoming transactions Outgoing transactions Criteria set out by experts based on Historical scenarios Exceptions to normal situations 42 Transaction monitoring solutions 43 Outline Supervisory framework on AML Risk-based AML compliance program IT systems for AML compliance Sound practices of AML compliance 44 Role of senior management To accord AML compliance due priority, senior management may play an active role in the following areas. Endorsing AML policies. Appointing senior staff responsible for AML compliance. Approving or declining high risk customers. Approving or declining third party payments. Reviewing suspicious activities/cases identified by the staff. Supporting compliance investigation of suspicious cases. Participating in AML/CFT training.
  • 12. 45 Role of senior management To reinforce the importance of AML compliance, the board of directors may contribute by Overseeing the implementation of AML policies as part of their broader governance role. Reviewing reports of violations of AML procedures and controls. 46 AML policies and procedures To help ensure that appropriate and effective AML policies and procedures are in place, firms may implement the following steps AML policies are endorsed by senior management and effectively communicated to all staff by means of training and utilizing suitable forms of testing to ensure proper understanding of the policies. Appoint a person to regularly review changes to applicable AML rules and regulations, and where necessary, make changes or updates to ensure compliance. Perform periodic audits or compliance checks of AML controls, including clients’ identification and verification procedures. Issue and distribute AML internal audit reports or compliance checking reports to all relevant business and functional departments as well as to senior management. 47 Customer acceptance and customer due diligence To undertake customer acceptance and due diligence measures on a risk sensitive basis, firms may Risk-based assessment Perform risk-based and extensive know-your-customer assessment in order to ascertain a customer's identity, beneficial owners, nature and background of its business activities and source of funds and apply a risk rating to determine the extent of ongoing monitoring. Categorise customers into distinct risk categories – high, medium and low risk. High risk customers are managed by focused resources and enhanced due diligence processes. 48 Customer acceptance and customer due diligence On-going due diligence Conduct periodic reviews depending on a customer's risk rating. This risk-based approach allows more detailed and enhanced reviews to be conducted for higher risk customers on a more frequent basis than low/medium risk customers. 
Generate reports identifying those accounts showing activity which fulfils predetermined criteria, such as large transaction volume, or increased account usage. The compliance officer would review and decide if the transactions made were consistent with the customer’s profile.
  • 13. 49 Customer acceptance and customer due diligence Identification of Politically Exposed Persons and related enhanced due diligence Use Internet or other web-based tools to perform background screening. Employ external databases to perform background screening, including names of customers, directors, shareholders, authorised signatories and beneficial owners and perform batch screening on all accounts regularly. 50 Customer acceptance and customer due diligence Classify PEPs as high risk customers and adopt enhanced due diligence and escalation processes, for example by Assessing the PEP risk by obtaining information such as the customer’s political function, country of origin, type of services and products sought and the source of wealth and funds, etc. Seeking senior management’s approval before opening PEP accounts. Reviewing transactions of the PEP clients on a periodic basis. 51 Recognition and reporting of suspicious transactions To facilitate the identification of suspicious transactions and help ensure that the legal requirements for reporting suspicious transactions to the JFIU and prohibitions against tipping-off are complied with, firms may: Recognition and reporting of suspicious transactions Implement automated transaction monitoring system utilising software which is designed to detect patterns of unusual transactions and suspicious transactions. Arrange to have exception reports automatically escalated to the compliance officer for review, approval and, where necessary, to form the basis for further investigation, reporting, raising the risk rating of a customer for enhanced monitoring. 52 Recognition and reporting of suspicious transactions Cash or third-party payments Require approval of cash or third party payments by Head of Compliance and Head of relevant Business Department. 
Perform regular review on activities such as frequent fund transfers or cheque payments involving unverified or difficult to verify third parties or other unusual fund movements and investigate accounts with unusual activities.
  • 14. 53 Recognition and reporting of suspicious transactions Review these reports from time to time to ensure that they have been properly updated to incorporate new indicators of suspicious activity. Incorporate organization specific indicators of potentially suspicious or unusual activities into AML policies and AML training. Conduct background checks using reliable and independent source documents and database before establishing business relationships in order to identify terrorist suspects at the initial account opening stage and on an ongoing basis thereafter. 54 Recognition and reporting of suspicious transactions No tipping-off Put in place procedures whereby Account executives and other relevant staff receive AML training and are fully cautioned against tipping off customers and made aware that they are subject to criminal liability for such actions. Only a limited number of persons, e.g. the compliance officer and senior management, are privy to suspicious transaction reports which are made to the JFIU strictly on a need-to-know basis. Account executives are not informed when suspicious transaction reports are made to the JFIU to prevent tipping off. 55 Staff training To help ensure that appropriate and effective staff training procedures are in place, firms may Distribute their internal AML policies to new staff members during induction training. Require newly recruited staff to complete training on AML and thereafter refresh themselves on AML policies and procedures regularly. Incorporate new or updated changes in AML regulations or policies whenever necessary and inform staff of these changes through different means, e.g. circulation of revised policy, internal circulars or email alerts. Provide tailored AML training for front office employees. Utilize suitable forms of testing to ensure proper understanding of the policies, e.g. quizzes. Your opinions http://sites.google.com/site/quanrisk
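
Slides 30, 31 and 37 define transaction risk as likelihood x exposure, with static and dynamic limits, and route higher-risk alerts to experts and lower-risk alerts to front line staff. The following Python sketch is an added example, not part of the original deck; the numeric chances, the three-standard-deviation dynamic limit, the expert cut-off and the scaling of exposure are assumptions chosen for illustration.

```python
from dataclasses import dataclass
from statistics import mean, stdev

# Static limits quoted on slide 31 (HK$).
STATIC_LIMIT = {"wire": 8_000, "other": 120_000}

# Assumed for illustration; the slides give no numeric values for these.
CUSTOMER_CHANCE = {"high": 0.6, "medium": 0.3, "low": 0.1}
SANCTIONED_COUNTERPARTY_CHANCE = 0.4
Z_LIMIT = 3.0         # dynamic limit, in standard deviations
EXPERT_CUTOFF = 1.0   # risk score at or above this goes to the expert team


@dataclass
class Txn:
    customer_risk: str             # "high" | "medium" | "low"
    counterparty_sanctioned: bool  # result of sanction filtering
    kind: str                      # "wire" | "other"
    amount: float                  # HK$


def statistical_distance(amount, history):
    """(Amount - Mean) / Standard deviation over the customer's past amounts.

    Returns None when there is too little history to estimate a deviation.
    """
    if len(history) < 2:
        return None
    mu, sd = mean(history), stdev(history)
    if sd == 0:
        return 0.0 if amount == mu else float("inf")
    return (amount - mu) / sd


def assess(txn, history):
    """Return (risk, route) with risk = likelihood x exposure."""
    # Likelihood: chance of customer + chance of counterparty (slide 30).
    likelihood = CUSTOMER_CHANCE[txn.customer_risk]
    if txn.counterparty_sanctioned:
        likelihood += SANCTIONED_COUNTERPARTY_CHANCE
    # Exposure is scaled so that 1.0 means "a limit has been reached".
    exposure = txn.amount / STATIC_LIMIT[txn.kind]
    z = statistical_distance(txn.amount, history)
    if z is not None:
        exposure = max(exposure, z / Z_LIMIT)
    risk = likelihood * exposure
    if exposure < 1.0:
        route = "no_alert"      # neither the static nor the dynamic limit hit
    elif risk >= EXPERT_CUTOFF:
        route = "expert"        # centralized expert investigation
    else:
        route = "front_line"    # decentralized general investigation
    return risk, route


# Constructed sample data: one customer's past wire amounts (HK$).
HISTORY = [1000, 1200, 900, 1100, 1000]
```

A HK$1,500 wire is far below the static limit but about four standard deviations above this customer's usual amount, so the dynamic limit raises an alert that the static limit alone would miss.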