The performance of periodic reviews in AML compliance requires an appropriate AML/CFT review plan and program including procedures to be performed during the review process. The procedures should be standardized, relevant, and sufficiently consistent on an entity-wide basis enabling it to aggregate money laundering, terrorist financing, or other crime information in a systemic way to identify any patterns or trends of weak AML/CFT controls.
Anti-Money Laundering controls review processes should include verification of key information used in compliance reports to Management and the Board. Periodic ML/TF-related risk and controls exercise is reviewed to check the identified ML/TF risks by the compliance team and the measures are taken to address those risks. The health of controls is checked by the audit team, where controls are tested for selected samples of transactions.
Importance of Periodic Reviews and Performing Investigations in AML Compliance
The independent AML reviews need to be performed on a risk-based approach where material and high-risks are to be assessed or areas where non-compliance may have serious financial and compliance implications resulting in reputation, financial and operational losses. The review process includes assessing the awareness of relevant employees of AML/CFT laws and regulations.
All the review results are to be reviewed by the compliance head. The significant compliance issues and observations are segregated and analysed in detail with management feedback. This requires discussion with different stakeholders such as departmental heads, heads of legal, etc. The responses are consolidated and discussed with the departmental heads and the CEO of the entity.
The material risks and issues are placed before the board audit committee meeting, for review and feedback. The committee based on the facts presented, issues further instructions and feedback, to ensure that weak internal controls are strengthened and measures are taken to protect the entity from the consequences of ML/TF risks and issues.
The management follows the instructions and guidance of the committee and applies the instructions received and reports to the committee back in its next meeting through the head of the audit function. Institutions need to focus extensively on the narrative part of the SAR, and in some cases, the managers and investigators usually are from the background of the regulatory job who have experience with ML and financial investigations and possess knowledge about the relevant regulatory requirements.
The ML/TF case investigation is a process that involves the review of historical financial transactions and other related information, to identify the root causes of the ML/TF event that occurred in the entity. It involves the analysis of various conditions that highlight the breaches of internal controls, and any possible management bias for the actual financial crime incident.
The identification process is also a forward-looking activity to assess the possibilities of the reoccurrence of financial crime incidents. To assess the reoccurrence of ML/TF activities in the future in any particular department or function of the company, the investigators analyze the historical as well as current financial crime trends and incidents, to establish the inter-connections between them. This connection assessment helps in the prediction of possible future fraud incidents.
Investigation of transaction alerts generated during the period is performed by the Compliance AML team, which checks the risk profile of the customer against the transaction generated as an alert. In case the detail of the risk profile is not matched with the transaction, the information is obtained from the customer about the nature and purpose of the transaction. If the customer provides appropriate feedback that matches the transaction, then the AML team marks the alert as close. In case the customer doesn’t provide a satisfactory response or hides the information then the transaction is considered suspicious.
Transaction investigators also participate in monthly group meetings that provide the ability to discuss issues across various channels. A business group discusses cases or new trends discovered. This allows for cross-training to understand the ML risks that exist within the different processes. Once a transaction alert is generated by the monitoring system, 6 months of account activity is reviewed. Once a decision is made to initiate an investigation, the alert is entered into the bank’s case management system. At this point, the timeline for filing a suspicious activity report (SAR) starts.
Final Thoughts
Periodic reviews and investigations are crucial components of anti-money laundering (AML) compliance programs. AML regulations require financial institutions to conduct ongoing monitoring and periodic reviews of customer accounts, transactions, and other activities to detect and report suspicious behavior. Overall, periodic reviews and investigations are critical components of AML compliance programs. They help financial institutions identify suspicious activity, comply with regulations, mitigate risk, and improve the effectiveness of their AML programs.