Fortifying Your AML Audit with International Best Practices
Hue Dang, CAMS
Head of Asia, ACAMS
1 February 2013
Asia Full Day Seminars, Asia Pacific Region
Agenda
- Regulatory Framework: BSA/AML Exam
- Optimizing your audit practices to meet stringent regulatory expectations and regional standards
- Implementing a risk-based approach to AML audits
- Leveraging audit findings to improve AML department processes
- Applying the latest techniques to streamline testing and reporting procedures
Regulatory Framework: BSA/AML Key Components
AML Risk Assessment
- Step 1: Risk categories: products, services, customers, entities, transactions, and geographic locations
- Step 2: Detailed analysis of the data identified to better assess the risk within these categories
AML Compliance Program
- Written policies, procedures, and processes
- System of internal controls to ensure ongoing compliance (CIP Program)
- Independent Testing
- Designation of Compliance Officer
- Training
Regulatory Framework: BSA/AML Key Components (cont'd)
Suspicious Activity Monitoring & Reporting Systems
- Review correspondence with primary regulator
- Check for STR, CTR errors and exemptions
- Level and Extent of Automated Systems
- Volume of activity commensurate w/ customer occupation or type of business
- Number & Volume of high-risk customers
- Volume of STRs/CTRs in relation to exemption
- Volume of STRs/CTRs in relation to bank size, asset or deposit growth, and geographic location
Implementing a risk-based approach to AML audits
STARTING POINT
1. What are the Key Elements of a Good AML Program?
- Statement of Objective
- AML Organization Structure - Identification of Roles & Responsibilities
- AML Regulatory Framework
- Outline of the AML/Compliance/Risk Governance Structure
- Risk assessment of Clients/Products/Geographies/Transactions
- On-boarding Procedures - CIP + KYC
- On-going Monitoring + Periodic Review
- Escalation - Investigation - Suspicious Activity Reporting
- Cooperation with Law Enforcement, other financial institutions
- Sanction Screening
- MIS
- Record Retention
- AML Training
- Review and Auditing/Testing of the AML Program
2. Derive the Key AML Risks and Controls from an Effective AML Program
   1. Management Oversight
   2. AML Policies/Procedures
   3. AML Monitoring
   4. SAR/STR Reporting, Sanction Screening
   5. Testing
   6. Training
Testing AML Controls: Some Common Flaws in AML Risks and Controls
Management Oversight
- Lack of Business Participation/Buy-in (No "Culture of Compliance")
- Weak AML Governance Structure (i.e. Senior (AML) Management not aware of AML issues and their resolution)
AML Policies
- Fragmented procedures/processes
- Not robust enough in mitigating certain High Risks
- Not timely in addressing regulatory changes (Gaps & Remediation)
Testing AML Controls: Some Common Flaws in AML Risks and Controls
AML Monitoring
- Parameters/Thresholds not optimized: Noise vs Productive Alerts
- Inefficient disposition of Alerts: Too many non-productive Alerts
- Inexperienced AML Analysts to detect unusual activity
- Insufficient resources
- Failure to document the rationale for closing an alert/investigation
Testing AML Controls: Some Common Flaws in AML Risks and Controls
SAR/STR Reporting, Sanction Screening
- Lack of clarity in the Escalation Process
- Too much time taken to determine possible suspicious/unusual activity (Delay in reporting)
- Poor SAR/STR Narratives - Failure to clearly state why the activity is suspicious (or NOT suspicious)
- Failure to take (or track) action post-SAR/STR filing
- Search request and result reporting are not streamlined (resulting in untimely responses/incomplete coverage)
Testing AML Controls: Some Common Flaws in AML Risks and Controls
Testing
- No independent testing; only self-testing
- Lack of Transparency in Testing and Results
- Poorly defined Corrective Action Plans (Root Causes not identified/addressed)
- Failure to track Follow-up Actions: Corrective Action Plans/Remediation
Training
- Failure to identify correct target audience(s) within the Firm
- Failure to track and follow through on non-completion of mandatory training
- New Training vs Refresher Training (same modules/contents)
- Failure to train to regulatory requirement
CASE STUDY: Testing KYC/CDD Controls
STARTING POINT: Appreciate the importance of an effective KYC/CDD program
Effective KYC/CDD Program
- Identifies the ML/TF risk that the prospect/client may pose
- Tailors the Due Diligence required to be performed on the prospect/client
- Satisfies that the prospect/client does NOT pose a ML/TF risk
ML/TF risk to your FI/Bank managed
Key components of an effective KYC/CDD program
Written Customer Identification Program / Procedures
- OBTAIN Client Identity Information & Documentation
- VERIFY Client Identity Information & Documentation
- Object: To enable the bank to form a reasonable belief that it knows the true identity of each customer.
Customer Due Diligence
- Due Diligence or Enhanced Due Diligence (EDD)
- Object: To enable the bank to verify facts about the client, including his reputation.
Name Screening
- Sanctions Lists
- Do-not-do Business Lists
- Object: To ensure that the bank does not establish a relationship with a sanctioned person, or with someone with whom the bank ought not to do business (e.g. previously rejected or terminated clients, known criminals), etc.
Record Retention
KYC/CDD Controls Testing: What are some of the common flaws/problems with a KYC/EDD program?
KYC Policy / Procedures
- No written CIP / CDD / Name Search procedures / Records Retention procedures
- Unclear procedures
- Fragmented procedures/processes (i.e. not consolidated or centrally located)
- Not robust enough in identifying and/or mitigating certain High Risk Clients (PLEASE REFER TO NEXT SLIDE)
- Not timely in addressing regulatory changes (Gaps & Remediation)
KYC/CDD Program Regulatory Expectation - Enhanced Due Diligence for Higher-Risk Customers
The bank should consider obtaining, both at account opening and throughout the relationship, the following information on the customer:
- Purpose of the account.
- Source of funds and wealth.
- Individuals with ownership or control over the account, such as beneficial owners, signatories, or guarantors.
- Occupation or type of business (of customer or other individuals with ownership or control over the account).
- Financial statements.
- Banking references.
- Domicile (where the business is organized).
- Proximity of the customer's residence, place of employment, or place of business to the bank.
- Description of the customer's primary trade area and whether international transactions are expected to be routine.
- Description of the business operations, the anticipated volume of currency and total sales, and a list of major customers and suppliers.
- Explanations for changes in account activity.
Source: FFIEC BSA/AML Examination Manual, http://www.ffiec.gov/bsa_aml_infobase/pages_manual/manual_online.htm
KYC/CDD Program assessment
Common flaws in KYC/CDD Programs: SUMMARY (cont'd)
KYC / CDD Client Profiles
- Insufficient information on client's Source of Wealth or Source of Funds
- DD/EDD not performed, or results not sufficiently documented for the DD/EDD that was performed
- No quality control on what client or banker says about the client (i.e. no independent corroboration/verification)
- The information is stale, as the client's profile has not been periodically reviewed and updated
- Too many exceptions/deferrals on client documentation to be obtained. These deferrals may not be tracked to ensure the documents are received
Training
- Business does not appreciate the ML/TF risks
- Bankers do not know how to complete a KYC Profile
Leveraging audit findings to improve AML department processes
- Review the past finding(s)
- Review the Corrective Action(s) that were agreed to address the finding
- Ask: Has the Corrective Action addressed the ROOT CAUSE?
Applying the latest techniques to streamline testing and reporting procedures
- Identify Key AML Risks and their controls
- Test the Controls' Design and Operating Effectiveness
- Don't just rely on deliverables from the Auditee. Think: how else can we test the Controls?
- Independent data requests from Technology?
AML Audit Cycle: Summary
- Measure against prior assessments/audits
- Adequacy of AML Program
- Record keeping
- AML Policies, procedures, processes
- Review of training records
- Compliance with AML obligations by staff
- Data testing including monitoring programs
AML Audit Report Flow
[Diagram: five phases, Phase 1 to Phase 5; stages shown: Scope agreed, Perform Audit, Report to Board, Action plans, Validate]
Some Cases
Hong Kong's Largest ML Case (24 Jan 2013)
- HK: Jan to Nov 2012: 136 ML cases prosecuted & 147 people convicted
- 22-yr old high school drop-out working as factory delivery man
- Chiyu Bank (part of Bank of China (HK)): initial deposit of HK$500 in 2009, within 8 mos, HK$13bil. in transfers by internet (4,800 deposits & 3,500 transfers out)
- VERDICT: 10 ½ yrs imprisonment
- KEY QUESTION: What is the consequence to the Bank?
Living/Salary Standards Test
Jurisdiction: Hong Kong
Indicators:
- 600 transactions over 2 years, with HKD1 mil in size
- Deposited HKD1.1 mil. in Jockey Club account, only HKD2K used for betting
- Monthly salary of HKD23K
Case description: Wilson Ho Hung-yiu, 36, attached to the Traffic Accident Investigation Unit of Kowloon West, used three bank accounts and a Jockey Club account to manipulate the money between 2007 and 2009. Defendant claimed transactions were for his business, but Inland Revenue Dept records showed he neither owned a property nor ran a business, and had no other sources of income.
Verdict: 3 years imprisonment
Tying it all together: Ponzi Scheme
"I am not a banker but I know that $100bn going in and out of a bank account is something that should alert you to something," Madoff told the Financial Times from his North Carolina prison.
- Securities Fraud
- Investment Adviser Fraud
- Mail Fraud
- Wire Fraud
- False Statements
- Perjury
- False Filings to the SEC
- Theft from an employee benefit plan
- AND three counts of money laundering
Thank you. Questions?