Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Financial crime anti-money laundering - bovill briefing

Bovill - the UK financial services regulatory consultancy - runs regular briefings. These are the slides from the February briefing on anti-money laundering. For more information visit

Information on the event is below:

Taking a company-wide approach to money laundering

“The FCA has made it very clear that responsibility for the overall culture of firms sits at the top. We need leaders and senior managers within the industry to set the tone for how their staff behave.”
Tracey McDermott, Director of Enforcement and Financial Crime, FCA

The regulator has recently reiterated their intention to carry out further thematic and enforcement work in financial crime. However, many firms still have a fragmented approach to managing the risks of money laundering.

The responsibility for preventing financial crime is shared across the firm from the back office to the boardroom. Firms need to take a company-wide approach to tackling money laundering to ensure they are complying with regulation and managing risks effectively.

Bovill’s briefing looked at Anti-Money Laundering (AML), covering:
• Governance arrangements: as the foundation for effective communication and issue resolution
• Risk management: the difficulties of negotiating the right level of due diligence for higher risk customers and what tools can be used to help with this process
• Systems and controls: ensuring that these are fit for regulatory purpose and are appropriately maintained within your firm.

  • Login to see the comments

Financial crime anti-money laundering - bovill briefing

  1. 1. Anti-Money Laundering (AML) Taking a company-wide approach February 2014
  2. 2. • Themes • Moving beyond tick the box • Bringing regulatory compliance to the heart of the business OR • Keeping the CEO out of trouble • Content • Governance • Risk Management • Monitoring • Updates Introduction 2
  3. 3. A comprehensive framework for AML compliance 3 Governance Operations Risk Management Awareness Monitoring
  4. 4. Good governance relates to: • Leadership • Strategic • Risk appetite • Culture • Management • Policies • Guidance • Processes • Clarity of scope • FCA’s Handbook • Senior Management Arrangements, Systems & Controls (SYSC) Governance is the process of decision-making and control 4 Governance
  5. 5. Governance models 5 A - Divisional Framework B - Federal Framework C - Enterprising Governance
  6. 6. • Board executive responsibility • Global minimum policy • Risk appetite articulated to Divisions, Business Units • Oversight resource allocation proportionate to extent of delegated risk appetite • Delegated risk managed at regional level • Mechanisms for assurance on adequacy of controls • Good management information • Eliminate duplication / leverage synergies to reduce costs The best model takes a number of these features 6 Governance
  7. 7. 1. Adopt formal Financial Crime / AML Policies 2. A defined governance and oversight structure 3. Defined AML roles and responsibilities • Designated MLRO • Designated Nominated Officer 4. Defined clear approval/ escalation process (CDD / SARs) • Defined internal path • Established governing body roles and responsibilities 5. Defined AML training & awareness strategy For AML, your best governance model must include… 7 Governance
  8. 8. Overlay the Three Lines of Defence Model 8 First line of defence Second line of defence Third line of defence Increasing regularity of review Governance
  9. 9. The Financial Crime governance model in practice 9 Financial Crime Committee AML Sanctions Bribery Fraud Market Abuse Data Security Shared Services Intelligence • Larger organisations are more likely to have more complex organisational structures • Amalgamation of Financial Crime areas may provide efficiencies • Centralised / holistic organisation recommended Audit Committee Group / Board Executive Committee Risk Committee Compliance Committee Governance How are outputs shared?
  10. 10. Committee meetings should include the following topics 10 Agenda items will be driven by: • Business type • Activity • Key risks • Issues • Regulatory horizon • FCA thematic reviews • Emerging risks • Hot topics • MI • Strategic activities which may impact Financial Crime • Oversight / Assurance / Audit plans • Projects (e.g. remediation) • Intelligence Governance Attendance Active Engagement Challenge
  11. 11. Getting the policy and procedures right 11 Group Policy & Risk Appetite Statement Guidance Procedures Desktop Manuals Governance
  12. 12. • Due diligence is determined via a Risk Based Approach • This allows for focused time and effort on the highest risk customers Due diligence effort is determined by risk rating 12 Risk Management Low risk ‘Simplified’ or lesser amount of due diligence Medium risk ‘Standard’ due diligence (i.e. more than ‘Low’) High risk ‘Enhanced due diligence’ (EDD)
  13. 13. Customer due diligence should drive risk management 13 IndividualsLegalEntities • Verify identity • Identify sources of income / wealth • Identify proposed use of the account • Identify legal structure • Identify type of business • Identify beneficial owners • Identify source of funds / client’s own customer base • Identify intended use of the account • Where is the money coming from? • Is the activity consistent with what is known about the client (KYC)? • Is the activity consistent with the product/ account type? • Where is the money going? • Who owns / controls the money? Information Intelligence Risk Management
  14. 14. Intelligence informs your customer’s risk profile 14 • High risk customer? • Business type • Connection to PEPs • Anticipated activity • Sanctions targets • High risk country? • Country of residence • Country of prime business • Connections to sanctions • Source of funds • High risk product? • Service offered • Product facilities • Restrictions on the product • Speed on transaction size • Delivery channels • Suspicious activity? • Meets with Risk Appetite? Information Intelligence Risk Management
  15. 15. • Enhanced due diligence is required… • No face-to-face meeting with the client • The client is a PEP • The client is a correspondent • Any other situation with elevated ML/TF risk • Enhanced Due Diligence is a more robust level of due diligence including: • Enhanced monitoring • Periodic review • Negative news searches • Politically Exposed Person (PEP) searches • Due diligence on controlling persons and related parties • Additional documentation gathering EDD must be applied for higher risk customers/accounts 15 Risk Management
  16. 16. • Legal risk • Reputational risk • Regulatory risk • FCA’s “Thematic Review for High Risk Money Laundering Risk Situations” and in its “Guide for Firms” • 4th EU Money Laundering Directive – Domestic PEPs inclusion • Financial risk • Recent enforcement action • Political corruption risk • Standard Customer Due Diligence (CDD) is not sufficient • PEPs are becoming more effective in hiding their identity PEPs are a higher risk category of customer 16 Risk Management
  17. 17. • New client approval • Identification of existing clients • Enhanced Due Diligence (EDD) • Enhanced monitoring • Reviews – existing PEP clients • Training and education Controls are required for PEP risk management 17 Risk Management
  18. 18. An approach to PEP risk management is recommended 18 Screening Decision EDD Approval Ongoing Review Decision based on: • Discounting • Judgement • Profile • Control • Public sources • Adverse media • Country risk • Sanctions risk • Reputation Management Information (MI) Risk Management
  19. 19. • PEP profile • Actual vs. Connected, Current vs. former etc. • e.g. Actual current PEP = High • Adverse media • Money Laundering • Terrorist Financing • Fraud, Bribery & Corruption • Sanctions and Regulatory fine/censure • Current, recent, historic news • e.g. Current conviction or charge of money laundering = High • Country risk association • Use of Country Risk Ratings • Based on individual's Country or Residence etc. • e.g. Individual is a UK ambassador in Syria and has been a resident of Syria for > 3 years = High An example of a PEP risk assessment methodology 19 Risk Management
  20. 20. Country risk is relevant to PEP risk management 20 Risk Management Country impacts • Residency (& nationality) • Client’s place of prime business • Business factors • Source of funds • Funds destinations Country risk indicators For example: • Membership of FATF • Membership of regional FATF • FATF Strategic deficiencies • Transparency International CPI Score • US INSCR reports • IMF review status / reports • OFAC status Country risk scoring High risk Medium risk Low risk
  21. 21. • Methodology output can be used to drive: • Due diligence requirements • Frequency and level of ongoing monitoring • Overall view of PEP risk distribution • Accurate MI and board reports • Improved ability to drive business decisions • Deeper understanding of risks posed • Ensure customer base aligned to firm’s risk appetite Benefits of PEP risk assessment include… 21 Risk Management
  22. 22. • Global policy must have clarity on minimum standards • Documented procedures should reflect business operations • Golden source of data is used across business and jurisdictions effectively • Intelligence (e.g. from SARs) is used effectively in-house • Processes are owned and over sighted • Transaction monitoring systems are efficient and effective • Synergies between relevant processes optimised • Record keeping is comprehensive Monitoring of systems and controls is vital 22 Monitoring
  23. 23. • 4th EU Money Laundering Directive • Bribery & Corruption –fining on JLT Speciality Limited • Market Abuse Directive • Future FCA thematic reviews Regulatory update 23
  24. 24. Wrap Up 24
  25. 25. Questions 25
  26. 26. Wrap up 26 Governance Operations Risk Management Awareness Monitoring