Developing an Effective AML/CTF Programme
November 4, 2020
On the 12th August, the Wolfsberg Group issued the statement on Developing an Effective AML/CTF Programme. The statement outlines steps that Financial Institutions (FIs) can adopt to ensure key elements of an effective compliance programme.
- Complying with AML/CTF laws and regulations
- Providing highly useful information to relevant government agencies in defined areas
- Establishing a reasonable risk-based set of controls to mitigate the risks of an FI being used to facilitate illicit activity
Assess Risk in Defined Priority Areas: The starting point for an effective AML/CTF programme is understanding the risks associated with priority financial crime areas in jurisdiction(s) relevant to the FI, the applicability of those risks to the FI, and material changes to those risks over time. 3 The Group believes a priorities-focused AML/CTF regime is most effective when relevant government agencies specifically define a set of national priorities, particularly from law enforcement, for FIs to focus on. Where specifically defined priorities do not exist, FIs can leverage the priorities described in the jurisdiction’s National Risk Assessment, or equivalent publication, as the defined priority areas. Similarly, the impact of communicating such priorities is enhanced when the public and private sectors work together, thereby setting out a more holistic view of risk.
Implement/Enhance Controls: Once an FI has confirmed its potential risks in the priority areas, it should assess its controls against the identified risks, which may then result in the enhancement of existing controls, or the implementation of new controls, and associated governance, to mitigate those risks
Prioritise Resources: Certain priority areas may present a greater risk for the FI than others. FIs should use a risk-based approach to reallocate time and resources from lower-risk areas to higher-risk areas. FIs should also assess the benefits of harnessing technological developments (e.g. machine learning and artificial intelligence) and, if proven, should consider adopting these capabilities more widely and discontinuing practices that do not lead to one of the key elements of an effective AML/CTF programme.
Engage with Law Enforcement: FI should engage actively with the appropriate level of law enforcement in order to understand operational priorities, and therefore assist agencies to the greatest extent possible, as well as to understand trends and emerging threats from a more strategic perspective. While there are many ways an FI can engage with Law Enforcement, the Group believes the most effective engagement is through Public-Private Partnerships (PPPs) of which there are many examples, although the models in place differ. The Group strongly encourages participation in PPPs as a key component of an effective AML/CTF regime.
Demonstrate AML/CTF Programme Effectiveness: The risks that each FI is exposed to, and how it assesses and mitigates those risks, will vary by FI. Therefore, FIs will articulate the effectiveness of their programmes to Senior Executives/Boards and supervisors/examiners in different ways, using both quantitative and qualitative factors. An assessment of effectiveness should not merely be a statistical exercise: qualitative factors may be equally, if not more, important than the numbers themselves. Similarly, effectiveness can also be enhanced when both law enforcement agencies and supervisors provide feedback on what they have found to be most effective in an FI’s reporting and/or how components of the FI’s programme have been implemented.
The Wolfsberg Group believes that this approach will enable FIs to detect and deter criminal activity more effectively and efficiently, while at the same time reducing friction on innocent customers and helping governments achieve their financial inclusion objectives. As AML/CTF regimes around the world continue to focus on effectiveness, the Group remains committed to collaborating with policy makers, supervisors, law enforcement agencies and other stakeholders to develop this approach further. The Group intends to publish additional materials on each of the five steps described above to assist FIs in developing, and continuously enhancing, their AML/CTF programmes.
UK National Risk Assessment of money laundering and terrorist financing 2017 (Section 4.20):
The vulnerabilities for wholesale banking identified in the 2015 NRA were largely around correspondent banking and trade finance. Correspondent banking continues to pose a risk for banks due to the complex and international nature of many of the relationships involved. Banks’ risk appetites for correspondent relationships has decreased in recent years, leading to de-risking. While this has decreased the risk profile for the banks involved, the trend may pose wider risks by shifting correspondent relationships to those banks or jurisdictions with weaker compliance. The UK has been at the forefront of international efforts to address this issue, including through the Financial Stability Board and the G20. In April 2015, the FCA published a statement clarifying its regulatory expectations around banks’ approaches to risk and stating that “effective money-laundering risk management need not result in wholesale de-risking”.
How FinCrime Protection Limited Can Help
FinCrime Protection Limited’s consultants are industry experts that interpret the rules, regulations and spirit of the industry guidelines by assisting you “the client” in implementing a compliance programme that you can be confident is mitigating the risk of financial crime. What we can do:
- We analyse the relevant jurisdictions legislation, regulation and industry guidance to ensure that your controls adopt the highest standard possible
- Analyse and/ or Enhance your Business Wide Risk Assessment to ensure we consider money laundering and relevant predicate crimes
- Assessment of your Customer Onboarding and/ or Periodic KYC reviews rely on independent documentation and supported by credible information from your customer – as this is key to your compliance programme.
- Robust Transaction Monitoring and Screening whilst utilising your up-to-date KYC documentation/ information are fundamental.
- Greater emphasis on training – why not go through live examples with your RM’s, Operational Teams and Compliance – discuss the areas of concern and come up with compliant solutions.
- Ensuring your Compliance Monitoring Programme is conducted on a regular basis
- Engagement with senior management through relevant committees
For further information please contact us where our industry experts will be happy to answer your questions.
3. De-risking: managing money-laundering risk’, FCA, February 2016