Independent Review of the AML/CTF Program
An independent review of the AML/CTF Program is an excellent ‘health check’ of your organisation’s AML/CTF compliance framework. Generally, you may elect to only have Part A of your AML/CTF Program reviewed, or you may elect to subject both Part A and Part B of the Program to the independent AML/CTF review.
Part A Review
Reporting entities with a standard or joint AML/CTF Program are required under Part 8.6 (for a standard AML/CTF Program) and Part 9.6 (for a joint AML/CTF Program) to have Part A of their AML/CTF Program independently reviewed on a regular basis.
While the AML/CTF Rules do not prescribe a particular frequency for independent AML/CTF reviews, a reporting entity needs to take into consideration ‘the nature, size and complexity’ of its business and the ‘type and level’ of the ML/TF risks it faces. This is consistent with the ‘risk-based approach’ adopted by the entire AML/CTF regulatory regime.
The independent AML/CTF review process must address the purpose as stated in r 8.6.5 (for a standard AML/CTF Program) or r 9.6.5 (for a joint AML/CTF Program), which generally involves testing the Program against the regulatory requirements and testing the reporting entity’s implementation of and compliance with its Part A Program.
The reporting entity has the onus to demonstrate the independence of the reviewer, who must not have been involved in the design or ongoing management of the Program or the risk assessment. This is to ensure that the reviewer will not review their own work.
Part B Review
The Part B Program focuses on customer identification and verification. Reporting entities often have secondary policies and processes in this regard, such as customer onboarding manuals for the team members in charge of customer onboarding, paper and/or online application forms for various types of customers. It might be worthwhile to review everything together as part of the independent AML/CTF review in order to ensure that any inconsistencies among policies and procedures are identified and properly dealt with.
Our methodology generally involves reviewing the Part B Program against the regulatory requirements, and testing the reporting entity’s compliance with its own Program.
For further information on what you should expect from an independent AML/CTF review, please see our article Independent AML Review and Related Considerations.
To find out more about how we could potentially collaborate, simply click here to book an obligation-free virtual coffee with our founder and director Xiaoshu Liu.