Chapter 3 Flashcards
Why is it important for organizations to continue to update and revisit their aml risk assessment
- environment in which each organization operates its subject to continue change
- externally, political changes of jurisdiction on whether economic sanctions are posed or removed can affect a countries risk rating
- internally respond to market and customer demands emerging requiring other companies, introducing new products and services and implementing new delivery systems
-combination of these changes make it critical that ML risk model is subject to regular review - Some countries, there is legislative obligation for such reviews to be undertaken on a regular basis
According to FATF, what categories of risk factors warrant enhance due diligence measure
-customer risk factors ( non resident, cash intensive business, complex ownership structure)
- Country or geographic risk (in adequate email systems, subject to sanctions, countries involved with funding or supporting terrorist activities)
- product, service, transaction, or delivery channel risk factor ( private banking, anonymous transactions, payment received from unknown through parties)
As a financial organization develops transaction history with its customers, what factors should lead it to consider modifying the risk rating of a customer
-unusual activity, such as alerts, cases, and suspicious activity filings
-receipt of law enforcement inquiries as subpoenas
-Transactions that violate economic sanctions programs
-Significant volumes of activity where it would not be expected
What are some sources for identifying high risk countries?
-US state department annual international cottage control, strategy report, rating more than 100 countries on their ML controls
-Transparency international yearly, corruption perceptions index which rates more than 100 countries are perceived corruption
-FATF identifies jurisdictions with weak AML regimes and issues country specific mutual evaluation reports
-US certain domestic jurisdictions are you evaluated based on whether they fall within government identified high risk geographic location in such as high intensity drug trafficking areas(Hidta’s) and high intensity financial crime areas (hifca’s)
In addition to policies and procedures, what are examples of internal controls with AML programs
-Rely on a variety of internal controls, including management reports, automated review systems and utilization of multiple reviewers
-the internal technology or tools the financial organization uses to ensure ML program is functioning as intended, and within the predefined perimeters
-Alert, compliance department to identify potential outliers and deviations from normal policy that may need to be reviewed
What factors should be considered when determining the level of sophistication of an organizations compliance program
-should be based upon the organizations, nature, size, complexity, regulatory environment, and the specific risk associated with his products, services, and customers
-No two organizations will have exactly the same compliance structure because the risk facing each organization are different as identified in the respective risk assessments
Why is it important for an organization aml compliance officer to have good communication skills?
-Vital to the success of the organization AML program
-compliance officer must be able to communicate at all levels of the organization from front line associates to CEO and board of directors. Needs to be careful of articulating matters of importance to senior executive management. Compliance officer must be able to analyze, interpret changes, determine what effect they could have the organization and suggest an action plan when appropriate.
Describe an AML compliance officers accountability
Regardless of the ways and organization delegates its various ML task, it’s designated compliance officer is responsible for executing the AML program. More and more often, various regulators are seeking enforcement actions against not only the organization, executive management team, and board directors for AML violations, but also the compliance officer as well.
What are some of the target audiences for training?
-Most areas are financial organizations should receive AML training
-In some countries, training programs must extend beyond full and part time employees to include contractors, consultants, students, apprentice, placements, and second years from other branches necessaries
This includes customer facing staff, operations personnel, compliance staff, senior management, board of directors, and independent testing staff
Why are tests important in the AML training?
Test evaluate how well the training is understood with a mandatory passing score
When should financial organizations conduct training?
-Ongoing and on regular schedule
-existing employees should at least attend an annual training session. New employee should receive appropriate training with respect to their job function, and within reasonable periods after joining or transferring to a new job situations may arise that demand immediate session or enhance training.
-Changes in software, systems, procedures, or regulations are additional triggers for training sessions, as well as specific illicit financial activity that affects as specific business line or department.
According to FATF recommendation 10, when should financial organizations undertake customer due diligence measures
-Establishing business relationships
-caring out occasional transactions under certain circumstances
-When there is suspicion of money laundering or terrorist financing
- when financial organization has doubts about veracity or adequacy of previously attained customer identification data
According to FATS recommendation 10, when should financially organization conduct enhance due diligence on a customer
-When there are circumstances in which the risk of ML/tf is higher, Edd measures should be taken. These include customer risk factors, country, or geographical risk factors, and product, services, transaction, and delivery channel risk factors
What are examples of information obtained when financial organizations conduct enhanced due diligence on high-risk customers?
-source of funds and wealth
-Identifying information on individuals with control over account such as signatory or guarantor
-Occupation or type of business
-Financial statements
-banking references
-Residency
-Proximity of customers residence, place an employment and place of business to the bank
-Description of the customers primary trade area and whether international transactions are expected
-description of the business operations, the anticipated volume of currency and total sales
-list of major customers and suppliers
-Explanations for changes in account activity
According to FATF recommendation 10, when should of a customer be established and verified?
Bank should not establish banking relationship or carry out any transactions until identity of the customer has been satisfactory established and verified in accordance with this recommendation