1st July 2020
AML Compliance Checklist for Banks
AML Compliance Checklist for
In most global jurisdictions, banks and other financial institutions must put an AML compliance program in place in order to detect and prevent money laundering and terrorism financing activities and satisfy their associated regulatory obligations.
However, achieving AML/CFT compliance in banking is a challenging process for many institutions: banks must ensure that they collect the appropriate information from customers, screen transactions on an ongoing basis and, if necessary, report suspicious activity to the financial authorities. Complicating that challenge, banks must be aware of emerging criminal methodologies and upcoming legislative changes that may affect their internal AML programs and change their compliance obligations.
Given that administrative burden, and in order to manage their AML/CFT responsibilities and ensure the effectiveness and efficiency of AML measures, it is good practice for banks to implement a compliance checklist that supports and informs their AML program. An AML checklist can help banks not only build their AML infrastructure but manage their day-to-day response to money laundering risks.
Accordingly, an effective AML compliance checklist should involve the following key features:
Identity verification is a crucial component of risk-based AML/CFT: banks must know who they are dealing with, and the risk that they present, in order to deploy appropriate AML responses. An AML checklist should prioritize identity verification through customer due diligence (CDD) measures, with enhanced due diligence (EDD) measures for higher-risk customers. In practice, CDD should accurately establish:
- A customer’s personal information including their name, address and date of birth.
- Beneficial ownership of a company where that owner is not the customer or client.
- The nature of the business in which the customer is involved.
AML checklists should focus on helping banks to deliver ongoing compliance, which means monitoring customer transactions for suspicious activity in relation to their risk profile. In practice, transaction monitoring should be set up to detect:
- Transactions above regulatory thresholds
- Unusual transactions, for example transactions of unexpectedly high amounts or a high volume of transactions
- Unusual transaction patterns
- Transactions with high-risk countries
- Transactions with PEPs or with sanctioned individuals
- Adverse media stories involving customers