When developing your policies, you should make your due diligence process a focal point. You should outline the exact checks you need to carry out and the reasons why you may carry out enhanced due diligence. You should also then state what forms of ongoing monitoring you’ll conduct and how your business will mitigate against risk.
Putting an effective anti-money laundering (AML) program in place is one of the best ways you can protect your business from money launderers and other financial criminals.
Depending on where your business is located and the jurisdictions you operate in, you’ll have different AML rules you need to follow. In the US, the Bank Secrecy Act states that all financial institutions must develop and implement AML compliance programs. In addition, members are also governed by the anti-money laundering rule in FINRA Rule 3310.
This rule sets the minimum standards for AML compliance programs, which must be designed to achieve ongoing compliance with the requirements of the Bank Secrecy Act. Consistent with the Bank Secrecy Act, FINRA Rule 3310 also requires firms to take a number of other steps to ensure they maintain AML compliance. These steps include:
Each company must nominate an AML compliance officer who is responsible for implementing and monitoring their firm’s AML compliance program. The responsibilities of this role include:
As you can see from the AML officer’s key responsibilities, this is a senior position. Due to this, your chosen AML compliance officer must have the correct accreditation and relevant expertise in the financial sector, preferably in AML compliance, legal, or internal risk audits.
Employee training should be a centerpiece of your company’s anti-money laundering compliance policy. AML training should be given to every member of staff who deals with either customers or transactions. This includes your compliance and audit teams, senior management team, and anyone who comes into direct contact with a customer, such as a member of your customer services team.
Each of these members of staff must have a detailed understanding of your company’s policies and procedures. They also need to understand:
Your training program should be specific to your business and the risks it faces. That said, popular training topics include:
Remember, training isn’t a one-off obligation or a box-ticking exercise. This means that you should also offer refresher programs that will help keep staff vigilant and informed. It will also ensure that the program is kept up-to-date and reflects any regulatory changes.
On top of this, refresher courses should also be administered to all staff members if one of your employees has been involved in money laundering or has failed to spot dirty money passing through your system. This is because this incident means your existing policy was ineffective and must be amended.
Recommendations from the Financial Action Task Force state that you must also perform a money laundering risk assessment. As part of this, your business must assess all money laundering and terrorist financing risks it faces, including factors relating to customers, countries or geographic areas, as well as products, services, transactions, and delivery channels.
You should start this process by conducting a business-wide risk assessment. This will help you understand the risks in your jurisdiction and niche. Of course, determining risk is not an exact science. For this reason, you should focus on creating dynamic, dependable, and adaptable policies and procedures.
Regulators now advocate a risk-based approach to compliance. This means that you should think systematically about your business, customers, partners, and regulators.
When developing your program, you must remember that no two institutions face the same set of AML risks. There’s no one-size-fits-all solution to compliance and individual institutions are expected to build a solution that works for their risk profile. As a result, when devising your risk-based approach to AML, you must take into account factors like the products and services you offer, your customers and clients, and your geographic location.
All risks associated with your customers and business relationships should be covered by your customer due diligence (CDD) policies and procedures. This means you should select an appropriate level of CDD for each individual customer, rather than following the same CDD process for everyone.
All of your basic CDD measures should:
These initial checks may then reveal that enhanced due diligence measures (EDD) are required because the customer poses a significant level of risk.
By adapting your customer due diligence measures based on the customer’s risk profile, you can ensure that your anti-money laundering compliance program is robust, but does not place a significant burden on honest and low-risk customers. With the help of flexible CDD approaches, your compliance efforts can protect the organization but also provide a quick and seamless experience for your customers.
In order to properly manage risk and maintain regulatory compliance, your business needs to develop a set of internal AML policies and procedures. These can then take the form of AML guidelines that members of staff can follow and regulators can inspect/review.
When developing your policies, you should make your due diligence process a focal point. You should outline the exact checks you need to carry out and the reasons why you may carry out enhanced due diligence. You should also then state what forms of ongoing monitoring you’ll conduct and how your business will mitigate against risk.
On top of this, you should also provide details on how you will report suspicious transactions and whether you will use a transaction monitoring system to help with this process.
Crucially, once you’ve decided on your company’s internal AML policies and procedures, you must commit them to paper. Within your document, you should clearly state:
By writing out your policies, you can make sure they can be viewed by staff members, executives, and regulators whenever required. Remember, it’s vital that your staff members are aware of their own roles and responsibilities within the AML program. This document (alongside the training you’re providing) will help with this.
As well as writing down your policies, you should also write down when you intend to review them, measure their effectiveness, and make any changes.
By identifying your customers, verifying their identities, and then performing due diligence, you can stop fraudsters from accessing your services or opening an account. However, on occasion, previously onboarded and honest customers can begin to act suspiciously. It’s your job to spot this suspicious behavior and report it to the appropriate authorities.
Reporting is one of the main requirements of an anti-money laundering program. If a financial organization has reason to suggest that certain funds were accumulated illegally or are linked to fraud and terrorism, it must promptly report them to a financial intelligence unit.
Reporting triggers include:
Once you have your anti-money laundering compliance program in place, you should get it reviewed by an independent auditor. This individual will be able to help you spot weaknesses in your risk assessment and compliance program. These audits are usually carried out every 12-18 months. However, institutions working in particularly high-risk areas might consider a more frequent schedule than that.
Generally speaking, the auditor will check all of your AML/KYC due diligence procedures, compliance training, monitoring procedures, and reporting systems.
The independent auditor you use must have sufficient AML expertise. It’s not enough for this individual to examine your existing policies and procedures. Instead, they must have the ability to spot weaknesses and make proper recommendations for improvement. This individual should also have no connection to your company and must not have participated in developing your organization’s AML compliance program.
If you’re developing an anti-money laundering compliance program, then you need to consider how you can automate the AML and KYC process to improve efficiency and accuracy.
Our class-leading AML screening solution can help you achieve regulatory compliance while also increasing conversions. It does this by verifying the identities of your customers, conducting politically exposed persons (PEP) and sanctions checks, screening for adverse media, and providing ongoing monitoring. As a result, it reduces risk for your business at every turn.
By harnessing the power of artificial intelligence, our solution can conduct the AML and KYC checks you require in a matter of seconds. It also increases accuracy and reduces false positives, smoothing the onboarding process for the customer.
As an added bonus, due to the increase in accuracy and convenience it provides, our solution can also help you increase conversions by up to 30%.
Interested in learning more about how our AML screening solution can help your business meet its AML compliance obligations? Book a no-obligation demo with our experienced and knowledgeable team today.
We’d love to show you how our tools will fit in with your anti-money laundering compliance program and help you achieve compliance.