The fight against financial crime is a key priority for financial institutions and governments globally. The ability for criminal organizations to use financial institutions (FIs) to launder funds is a material concern to regulators. These transactions expose an FI to potential risk to their reputation and ultimately to their soundness. Many countries have implemented measures to fight money laundering and terrorist financing. This action has been driven largely by the leadership of the Financial Action Task Force (FATF).
The FATF is the intergovernmental body that develops, monitors and evaluates country AML/ATF standards. These standards and FATF Recommendations establish a strong AML/ATF framework and encourage a risk-based approach to the implementation of preventive measures.
COMPLIANCE FRAMEWORK TO MEET REGULATORY REQUIREMENTS A comprehensive and effective compliance program is the basis of meeting obligations under the Proceeds of Crime (Money Laundering) and Terrorist Financing ACT (PCMLTFA) in Canada. During a regulatory examination it is important for FI to demonstrate that the required policies and procedures are in place and that employees, agents, and all others authorized to act on your behalf are well trained and can effectively implement all the elements of your AML/ATF compliance program. Effective control over ML and TF risks, and related regulatory, operational and reputation risks is essential.
In order to achieve effective control, FIs need to implement different approaches to their AML/ATF program based on the nature, scope, complexity and risk profile of their institution.
A RISK BASED APPROACH TO AML The basic principle underpinning an AML Framework is that financial institutions must develop and implement effective policies and procedures as well as a risk management framework to manage their exposure to ML/TF risk and ultimately their financial stability.
Reporting entities need to understand their ML & TF risks and prepare a Risk Based Assessment. This involves taking inventory of risks relating to products, services and delivery channels, clients and business relationships, geography and other relevant factors.
It is important to implement effective mitigation measures and in monitoring the money laundering and terrorist financing risks reporting entities may have or encounter as part of their activities and business relationships.
An effective AML Compliance Program needs an end-to-end suite of enterprise controls that addresses regulatory guidelines including: onboarding, detection, investigation, reporting and employee training.
We undertake internal audits and provide training or workshops on all aspects of AML risk management.
TRAINING ~End-to-End AML risk management~
The object of the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA) Regulations is to detect and deter money laundering and terrorism financing. By regularly assessing these risks entities can protect and maintain the integrity of their businesses while contributing to the integrity of the financial system as a whole.
Principal Elements of AML/ATF Program FIs should ensure that their AML/ATF programs include the following elements: . Senior Management oversight and accountability including reporting to Senior Management . A qualified individual responsible for the implementation of the program . Assessment of inherent ML and TF risks . Written AML/ATF Control policies and procedures that are kept up to date . Written ongoing training program . Self Assessment of Controls and . Effectiveness testing . Reporting
ASSESSMENT OF RISKS Regulators require that the compliance program include the development and application of policies and procedures to assess the ML/TF risks to ensure they are in the course of a FIs activities. IaS can advise and audit the following categories of ML and TF risk be covered in a FI’s assessment of inherent risk: . the clients and business relationships of the FI; . the products and delivery channels of the FI; . the geographic location of the activities of the FI; and . any other relevant factor.
CONTROL POLICIES AND PROCEDURES FIs should ensure that control policies and procedures are kept up to date to mitigate risks. They must also comply with other regulatory requirements: for example, the PCMLTF Regulation requires that written compliance policies and procedures form part of the AML/ATF compliance program and be approved by a senior management.
Control policies and procedures should be embedded in business areas commensurate with the risks they are intended to mitigate, and otherwise tailored to the particular circumstances in which they operate.
IaS can advise and audit control policies and procedures to identify and implement measures designed to control inherent risks.
CLIENT DUE DILIGENCE (CDD) CDD is comprised of client identification, information gathering, ascertaining identity and ongoing monitoring. These components must comply with applicable regulatory requirements and must be enhanced for higher risk onboarding clients.. The extent of CDD performed should correspond to the relative level of assessed ML and TF risks in the circumstances. Our team can advise or audit CDD.
RECORD KEEPING AND RETENTION IaS can audit the procedures for keeping paper and electronic records of pertinent information about clients and transactions to ensure that the FI complies with all of the record keeping requirements.
TRANSACTION REPORTING(Suspicious Transactions and Suspicious Attempted Transactions, and Reports on Terrorist Property)
IaS can advise on the controls related to suspicious transactions and attempted transactions in which there are reasonable grounds to suspect that the transaction or attempted transaction is related to the commission or attempted commission of a ML/TF offence.
TRAINING Effective training programs for staff and others (as required) is an important and statutorily required element of an FIs’ AML/ATF program. FIs should ensure that written AML/ATF training programs are developed and maintained. Appropriate training should be considered for Senior Management, employees, agents and any other persons who may be responsible for control activity, outcomes or oversight, or who are authorized to act on the Company’s behalf pursuant to the PCMLTF Regulation. The nature and content should be appropriate to the AML/ATF responsibilities of and the FI's relationship with, each intended recipient group. In particular, training should be tailored to provide the types and granularity of information and skills that are necessary for effective performance of the AML/ATF function in each case. Training programs for Senior Management should provide sufficient briefing with respect to inherent risks and controls to enable them to assess information reported by the CAMLO and Auditor, and exercise effective oversight over the AML/ATF program.
SELF ASSESSMENT of CONTROLS FIs should ensure that a self assessment of control measures is conducted, preferably on an ongoing basis, but at least annually. The assessment of AML/ATF controls is an important component of AML/ATF program because of its quality assurance outcome. The self assessment in each relevant area of the FI should cover, at a minimum, the adequacy of the inherent risk assessment, AML/ATF policies and procedures, training and other controls implemented to mitigate ML and TF risks. FIs should ensure that the self assessment is neither too narrow nor too broad. For example, a narrow legal/regulatory-based assessment could fail to cover broader ML and TF controls. Similarly an operational-based assessment might fail to cover prescribed controls. IaS has a team of experts who can advise on self-assessment of controls.
EFFECTIVENESS TESTING Like the assessments of inherent risk and risk management controls, effectiveness testing of the AML/ATF program is an important component of AML/ATF program quality assurance and is a statutorily required part of the FI’s AML/ATF program. Regulators require that the following AML/ATF program components be reviewed for the purpose of testing their effectiveness every two years: . Policies and Procedures; . Risk assessments; . Training programs.
Our team has performed effectiveness testing at some of the world’s leading FIs.
MONEY LAUNDERING INVESTIGATIONS Are the monies being funnelled through subsidiaries, fictitious entities or shell corporations? Our forensic accounting and investigative team can work to uncover the hidden connections and to provide you with tools to "follow the money". Our experienced team includes former Scotland Yard detectives and RCMP officers. Staff also belong to a world-wide network of investigation agencies and have a close relationship with law enforcement agencies.
PENALTIES FOR NON-COMPLIANCE A conviction of failure to retain records could lead to up to five years imprisonment, a fine of up to $500,000, or both. Failure to comply with your record keeping or client identification requirements can lead to criminal charges against individuals. Alternatively, failure to keep records or identify individuals and confirm the existence of entities can lead to an administrative monetary penalty.