Module 3 (Part 2) Flashcards
What are the 4 pillars
- A system of internal controls
- compliance function/designated BSA officer
- Employee training
- Independent Review
What is the first line of defense
effective policies, procedures, and internal controls
what do these three parts do
define and support the entire AML/CFT program, while at the same time, act as a blueprint that outlines how an institution is fulfilling its regulatory requirements
What is the second line of defense
the compliance function/designated BSA officer
Why is it the second line of defense
the compliance function is responsible for monitoring the controls of the business
can the compliance function be designated with a one size fits all mentality
no
why
no two institutions will have exactly the same compliance structure because the risk facing each institution is going to be different as identified in their respective risk assessments
what are the five factors in which the sophistication of the compliance function should be based upon
the institutions:
- nature
- Size
- Complexity
- Regulatory environment
- Specific risk associated with the products, services and clientele
in most cases what is the BOD responsible for
appointing a qualified individual as an institution’s AML/CFT Officer
what is this compliance officer responsible for
managing all aspects of the AML/CFT compliance program
what can these duties consist of (5 items)
- designing and implementing the program
- making necessary changes and updates to the program
- disseminating information about the program’s successes and failures to key staff members
- constructing AML/CFT related content for staff training programs
- managing adherence to applicable AML/CFT laws and regulations
what should an effective AML/CFT training program do
explain the relevant AML/CFT laws and regulations
Cover the institutions’ policies and procedures used to mitigate money laundering risks
what is the first steep in designing an effective AML/CFT training program
identify the target audience
will the topics to train be the same at every institution?
no, they will vary
what are the matters that should be factored into training
general background and history pertaining to money laundering controls, including the definitions of money laundering and terrorist financing, why criminals do it, and why stopping them is important
legal framework on what aml/cft laws aply to institutions and their employees
penalties for violations
how should training occur
What are the three key aspects of training to determine
it should be ongoing and on a regular schedule
- how to provide the training
- what to focus the training on
- who to train
What is the third line of defense
independent audit
who must perform it
people not involved with the organizations AML/CFT compliance staff
why must it be independent
to ensure its effectiveness and to look for new risk factors
who should those performing the audit report to
BOD or to a designated board committee composed primarily/completely of outside directors
what must be created at a company
a culture of compliance
What are the four measures that FATF recommends institutions incorporate into their CDD programs
- Identifying the customer and verifying the customer’s identity using reliable independent source documents, data, or information
- identifying the beneficial owner and taking reasonable measures to verify the identity of the beneficial owner
- Understanding and as appropriate, obtaining information on the purpose and intended nature of the business relationship
- Conducting ongoing due diligence on the business relationship and scrutiny of transactions undertaken throughout the course of the relationship to ensure that the transactions being conducted are consistent with the institution’s knowledge of the customer, their business, risk profile and, where necessary, the source of funds
what should occur with higher risk customers and their transactions
should be reviewed even more closely at account opening and more frequently during their account relationships
what should the bank do to verify the identify of the customer
use reliable, independent source documents, data or information
what can be utilized for the verification
documentary or non documentary methods
what do documentary verifications include
obtaining a copy of the certificate of incorporation, memorandum and articles of association, partnership agreement, or any other document certifying the existence of the entity
what about for established corporate entities
reviewing a copy of financial statements
what do non documentary verification methods include
- Undertaking a company search and/or other commercial inquiries to ascertain that the legal person has not been, or is not in the process of being, dissolved or terminated
- using an independent information verification process, such as by accessing public corporate registers, private databases or other reliable independent sources (lawyers and accountants)
- validating the legal entity identifier and associated data in the public access service
- obtaining prior bank references
- visiting the corporate entity, where practical
- contacting the corporate entity by telephone, mail, or e-mail
what is a way to financially isolate a target
Economic Sanctions
what are the 3 categories that sanctions can fall within
- Targeted sanctions
- Sectoral sanctions
- Comprehensive sanctions
What are targeted sanctions
aimed at specifically named individuals
what do these sanctions often include
the freezing of assets and travel bans where possible
what are sectoral sanctions
aimed at key sectors of an economy to prohibit a very specific subset of financial dealings within those sectors to impede future growth
what are comprehensive sanctions
generally prohibit all direct or indirect import/export, trade brokering etc.
what are they often aimed at
regimes responsible for gross human rights violations and nuclear proliferation
what should be done before a financial institution starts doing business with a new customer
review the various country sanction program requirements as well as published lists of known or suspected terrorists, narcotics traffickers, and other criminal actors for potential matches
what does KYE stand for
know your employee
what does this program mean
that the institution has a program in place that allows it to understand an employee’s background, conflicts of interest, and susceptibility to money laundering complicity
what is the deal with the sheer number of people and volume of regulations
makes manual compliance difficult, if not impossible
what have most institutions done
have designated technology systems to automate their compliance activities,
what should the automated system have the ability to do (5 items)
- Monitor transactions and identify anomalies that might indicate suspicious activity
- gather CDD information for new and existing customers, score customer responses, and store CDD data for subsequent use
- conduct advanced evaluation and analysis of suspicious/unusual transactions identified by the monitoring system in the context of each client’s risk profile and that of their peer group
- view individual alerts within the broader context of the client’s total activity at the institution
- use data from the institution’s core customer and transaction systems and databases to inform/update monitoring and case management services
what are the 5 ML/TF red flags
- Unusual customer identification circumstances
- Unusual cash transactions
- Unusual wire transfer transactions
- Unusual activity indicative of trade based money laundering
- unusual activity indicative of human trafficking
what are some examples of an unusual customer identification circumstance
customer furnishes unusual or suspicious ID documents or declines to produce originals for verification
customer is unwilling to provide personal background info when opening an account
customer does not wish a statement of his account or any mail sent to him
customer’s internet protocol (IP) address does not match the identifying info provided during online registration
what are some unsual cash transactions
customer makes large cash deposit containing many larger denomination bills
customer withdraws cash In amounts under the reporting threshold
customer makes frequent deposits or withdrawals of large amounts of currency for no apparent business reason, or for a business that generally does not generate large amounts of cash
what are some unusual wire transfer transactions
wire transfers are sent or received from the same person to or from different accounts
wire transfer activity to and from secrecy havens or higher risk geographic locations without apparent business reason or is inconsistent with customer’s transaction history
an increase in international wire transfer activity in an account with no history of such activity or where the stated business of the customer does not warrant it
what are unusual activity indicative of trade based money laundering
discrepancies in the description of goods or commodity in the invoice or of the actual goods shipped
no apparent business relationship between the parties and transactions
frequent transactions in round or whole dollars
lack of appropriate documentation to support transactions
what are examples of activity indicative of human trafficking
a business customer does not exhibit normal payroll expenditures pay roll costs can be non existent or extremely low for the size of the customers alleged operations, workforce and/or business line/model
multiple, apparently unrelated, customers sending wire transfers to the same beneficiary
payments to employment or student recruitment agencies that are not licensed/registered or that have labor violations
a customer establishes an account or visits a branch to conduct transactions while escorted by a third party
inflows are largely received in cash where substantial cash receipts are inconsistent with the customer’s line of business, extensive use of cash to purchase assets and to conduct transactions
