AML/CFT Remote Compliance Service Based on the two yearly AML/CFT audits that have been conducted, there have been reoccurring
themes that have come through consistently.
Controls Many entities have developed good Risk Assessments and Programmes with noted policy and procedures, however the missing cog seems to be the third leg of the required equation, “CONTROLS”. It is very easy to note what and how things should be done, however some mechanism needs to be in place to ensure that the “what “and “how” is being adhered to. Some form of quality control needs to be instigated to show the regulators that the entity does take the AML/CFT regulations seriously and that it is committed to ensuring that it is doing their best to make the entity compliant.
Ongoing monitoring One of the other areas that many entities have noted in their documents is the ongoing monitoring of the various supervisors, such as Police FIU and the Financial Action Task Force (“FATF”).
Although stated, many entities could not confirm that regular monitoring was in fact being conducted and recorded. To ensure the entity is
keeping up to date with any regulatory changes such as sector risk assessments provided by the supervisors and the Police FIU, regular reviewing and recording should be actioned, showing that the entity is keeping up with its obligations in this area.
Also as part of ongoing monitoring the entity should be conducting regular reviews of its own business to ensure that any changes instigated in the business are reviewed to check if the AML/CFT Risk Assessment or Programme needs updating. This was also noted in many documents but no evidence of this actually happening in practice. i.e. six monthly AML/CFT meetings.
Politically Exposed Persons (“PEP”) This is an area that is probably a little misunderstood in particular who needs to have a scan conducted on them, and how a scan would be conducted if it was required. As per the regulations the entity should be conducting a PEP scan on a client or close relative/s, which include;
• a child and child’s spouse or partner
• someone who is a beneficial owner of the entity.
This is for someone who has held at any time in the preceding 12 months in any overseas country a prominent public function as noted
in the AML/CFT Act 2009 (the Act”).
Many entities have not correctly asked the right questions to determine if a scan should be conducted and have not sorted out a mechanism to conduct a scan if it is required