System of Internal Policies, Procedures, and Controls Flashcards
Foundational to a successful AML/CFT program
Policies, Procedures and controls. Establishment and continual development
AML/CFT program should ?
Explain the 4
This program should
1) outlines how FI is fulfilling its regulatory requirement
2) Indicate the risk appetite of the
business- Risks the FI is prepared to accept and those it is not.
3)Mitigate the AML/CFT risk
4) Laws and regulations that the financial institution must comply with
larger financial institutions, what sort of approach is recommned towards AML/CFT program and Why?
Adopt an enterprise-wide approach that
allows for consistency in the manner in which the financial institution manages its ML/TF risk and also accommodate regional and/or business line-specific requirements.
Explain creation of Baseline of procedures and controls for LOB
Post executive management and the
board of directors approve the AML/CFT policy , this will serve as a baseline on how LOB will achieve compliance with laws and regulations, as
well as with the organization’s AML/CFT policies.
Explain benefits AML/CFT operating procedures
1) standard AML/CFT operating procedure is drafted at Operational level.
2) They translate policy into acceptable and workable practices
3) It also acts a component for AML/CFT training and compliance monitoring programs.
How do the FI ensure that AML/CFT program keeps going
1) Creation of variety of internal controls
2) Creation of built-in safeguards that
keep the program working.
3) second review and approval of actions
4) use of Technology
Key difference between AML/CFT Policy, procudre and Control
Policy
Clear and simple high-level statements that are uniform across the
entire organization (sets the tone from the top).
Approved by executive management or the board of directors.
Reflects the high-level responsibilities of the stakeholders through-
out the organization.
Procedures
Translates the AML/CFT policies into an acceptable and work-
able practice, tasking the stakeholders with their respective
responsibilities.
May be established at the operational (not executive) level of the
financial institution. These are the instructions on how an institu-
tion wants something done.
Much more detailed than AML policies.
Reviewed and updated regularly.
3 Controls
The internal technology or tools the financial institution utilizes
to ensure the AML/CFT program is functioning as intended and
within predefined parameters.
Alerts compliance to potential outliers or deviations from normal
policy that may need to be reviewed.
Includes management reports, automated review systems, or the
utilisation of multiple reviewers.
What is second line of defense.
The compliance function is commonly referred to as the second line of defense
Can two different FI can have two same Compliance Function
No two institutions will have exactly the same compliance structure because the risk
facing each institution is going to be different,
Who Appoints a Compliance Officers
The board of directors is responsible for appointing a qualified individual as an institution’s AML/CFT Compliance Officer.
Examples of AML/CFT subgroups
Program Management, Sanction Screening, Transaction Monitoring, Financial Investigations
Who will be first line of contact for line of business questions on AML/CFT matters.
Know Your Customer, Subgroup of AML/CFT program
What does the training include
Both formal training courses and ongoing communications. like Emails
Explains steps in designing an effective AML/CFT training program
WHO , WHAT, HOW, WHEN, WHERE TO TRAIN
Who is included in First Line of Defence for Training Program
Customer-facing staff and Operations personnel:
Who is included in Second Line of Defence for Training Program
AML/CFT compliance staff:
Who is included in Third Line of Defence for Training Program
Independent testing staff:
What training is provided to First Line of Defence
General Course to address importance of AML.
Basis specific LOB, Like Loan, Cash, credit, staff may be provided some additional training on specific unit procedures.
Which set of employees require the deepest practical understanding of AML/CFT
Employees part of First Line of Defence
Which set of employees require the deepest practical understanding of AML/CFT
Employees part of First Line of Defence
Who are Operational Personnel
Non-customer facing personnel. Example cash vault, wire transfer, trade finance, loan
underwriters, loan collections, and treasury management personnel are oftentimes in posi-
tions to recognize illegal, fraudulent, or unusual account activity.
Who are AML/CFT compliance staff?
they work under the direction of direction of a designated compliance officer. They are the second line of defence. They coordinates and monitors the organization’s day-to-day AML/CFT compliance
program.
What sort of Training is provided to the second line of Defence
more advanced ongoing trainings are required to stay abreast of requirements and emerging trends. Example. Attend Conference or or AML/CFT- specific presentations that are more robust in nature.
What sort of training is provided to third Line of Defence
As they accesses the adequacy of periodic training concerning regulatory requirements, they receive Periodic training concerning regulatory requirements, changes in regulation,
What will an effective internal audit department will develop and maintain
an audit risk assessment
What should the Audit team do with Internal audit department
Corrective action must tracked as well as indicate
the target date for completion and the personnel responsible.
What are the guidelines for cml and CFT program recommended by Fincen
dcdc
What are 8 minimum requirements for dfs
Bbjjjjj
What are the four magic of pgt recommended by fatf
Bh ujjbcf
What are the four measures and seven elements of the CD program
Vhujhff
What are the risk factors when an enhanced due diligence should be considered
Bbjjgdfv
What is (HIFCA) and (HIDTA)
Hjhgjj
What are the recommendations for high risk customers
Vhujkjh
What is fatf recommendation10
Bjkkjn
types of information should be collected
and verified for each.
Each new customer who is a natural person
Vghftdgf
What is a consolidated customer due diligence program
Hjjggfcc
What are different categories of economic sanction
Targeted Sanctions, Sectoral Sanction,Comprehensive Sanctions
Is ofac a supervisory agency
No
What are the Key Objective of FATF
set standards and promote effective implementation of legal, reg-
ulatory and operational measures for combatting money laundering, terrorist financing and other
related threats to the integrity for the international financial system. Starting with its own members,
FATF monitors countries’ progress in implementing the FATF Recommendations; reviews money
laundering and terroist financing techniques and counter-measures; and, promotes the adoption
and implementation of the FATF Recommendations globally.
Targeted Sanctions involves freezing of assets and travel bans
Yes
does Sectoral Sanctions prohibit a very specific subset
of financial dealings
Yes
Which Sanctions targets key sectors of an economy
Sectoral Sanctions —
Which sanctions targets terrorists, significant narcotics traffickers
Targeted Sanctions —
What is Comprehensive Sanctions
aimed at regimes responsible for gross human rights violations and nuclear proliferation
Who manages UN Sanctions
UN Security Council Committees
What are preventive, non-pu-
nitive, instruments
Sanctions
Why would EU imposes its restrictive measures
To bring about a change in policy or activity by the
target country
EU restrictive measures are
necessary to achieve the objectives of
Common Foreign and Security Policy (CFSP
Does blocking the transaction means freezing
Yes
Does rejecting he transaction means returning
yes
what will two things that internal audit department develop and maintain
1 )an audit risk assessment to deter-
mine audit priorities
2)
What is the objective of CDD per FFIEC view
enables banks to predict with relative certainty the types of transactions in which the customer is likely to engage
what is the FATF updated recommendations to undertake CDd measures. mention all four
Establishing business relationships.
• Carrying out occasional transactions under certain circumstances.
• There is a suspicion of money laundering or terrorist financing.
• The financial institution has doubts about the veracity or adequacy of previously obtained cus-
tomer identification data.
What are the four measures that FATf recommends to be incorporated in the institutions Program
Identifying the customer and verifying the customer’s identity using reliable independent source
documents, data, or information.
• Identifying the beneficial owner and taking reasonable measures to verify the identity of the
beneficial owner.
• Understanding and, as appropriate, obtaining information on the purpose and intended nature
of the business relationship.
• Conducting ongoing due diligence on the business relationship and scrutiny of transactions
undertaken throughout the course of the relationship to ensure that the transactions being
conducted are consistent with the institution’s knowl
what is CCRIMPD
Customer Acceptance, Customer Identification,Risk Rating, Investigation, Monitoring, Profile, Documentation
Per Basel Committee, EDD may be essential for an individual——?
In case of Large account balance and conduct regular cross-border wire transfers, or is a PEP
What is FATF recommendation of High Risk Customer in case if First Transaction
the first payment to be carried out
through an account in the customer’s name with a bank subject to similar CDD standards.
why is risk based approach more preferable. Provide three points
Flexible—Effective—Proportionate—
what serves as a foundational to a successful AML/CFT program.
establishment and continual development of FI’s policies, procedures, and
controls
policies, procedures, and
controls should be designed to
mitigate the
identified AML/CFT risks,
Does laws and regulations be part of the policies, procedures, and
controls
YEs, should take into account the applicable laws and regulations FI must comply with
Does the AML/CFT program, indicate the risk appetite
Yes, it should clearly indicate what risks the business is prepared to accept and those it is not.
Who will approve the policy for Internal AML/CFT
executive management and the
board of directors,
are the procedures more detailed than the policy
Yes, they translate policy into acceptable and workable prac-
tices
what are example of internal controls
management reports and other built-in safeguards
what serves a baseline of AML/CFT risk categories
Low Risk
There is a Change in Laws and Regulation, What should Compliance Officer do
escalated to management
What should the next course of action post CO has ongoing changes,
determine what effect they may have on
the institution, and suggest an action plan
An ongoing changes is going to impact the FI, What should be CO next course of action
suggest an action plan
CO should not be provided incentives based on
the profitability of those business lines. Correct or Incorrect
Correct
