Internal policies, procedures and controls

  • Polices are a high-level statement of principles. Procedures and controls translate this into the details of how to execute and validate success in implementation of those principles. Controls might include dual controls such as secondary review, or technology controls that prevent or detect certain incidents.

  • Check what laws and regulations apply, this will set the minimum compliance level. Then based on the risk assessment, and risk appetite, you should prohibit anything the organisation deems too risky i.e. regions, company types or customer types. You also need to monitor laws and regulations for changes. The policies should be approved by upper management or the board of directors.

  • Key aspects of the policies, procedures and controls:

    • Identify high risk products, services, customers and geographic regions

    • Be tailored to organisation risk

    • Inform the board and senior management of key initiatives, deficiencies, details of suspicious reports filed, and actions taken

    • Clear accountability for all duties undertaken under the program

    • Ensure continuity despite staff changes

    • Meet all regulatory requirements and recommendations

    • Annually review the program, and update timely in response to changes in regulations

    • Include risk-based customer due diligence

    • Include controls and monitoring systems to detect and report suspicions. The reporting should be centralised for consistency.

    • Dual controls/segregation of duties: those who complete forms should not submit them or grant exceptions

    • Comply with record keeping requirements

    • Include supervision of employees engaged in any AML activity

    • Train employees on their obligations

    • Include AML in job descriptions

    • Screen new employees, and provide sanctions for employees who fail in their AML duties

    • Test the effectiveness of AML controls, policies and procedures, separate from internal audit




Next Topic: Designated compliance officer with day-to-day oversight of the program

Previous Topic: The Elements of an AML Program

Get the Book & Pass First Time!

Includes all the study notes, the mock exam and detailed explainations of the answers

Get the AML Book & Pass First Time - Instant PDF Download