Professional Documents
Culture Documents
get the appropriate attention from the board, senior management and the
business lines. This AML officer becomes the board’s proxy for driving the day-
to-day success of the Bank’s AML efforts, and as such, the board should provide
the AML officer with sufficient resources to execute his/her responsibilities to
oversee compliance with the Bank’s AML program.
The creating, implementing and maintaining policies and procedures, as well as
communication of these to all personnel. They must also establish processes for
screening employees to ensure high ethical and professional standards and
deliver appropriate training on the AML policies and procedures, based on roles
and functions performed, to help with this process and keep employees aware
of their responsibilities. To facilitate this, employees should be trained as soon
as possible after being hired, with refresher training.
Once a year, the practise should be to identify and assess the main compliance
risk issues facing the Bank and the plans to manage them. Such plans should
address any shortfalls (policy, procedures, implementation or execution)
related to how effectively existing compliance risks have been managed, as well
as the need for any additional policies or procedures to deal with new
compliance risks identified as a result of the annual compliance risk assessment;
In addition report to the board of directors or a committee of the board on the
Bank’s management of its compliance risk, in such a manner as to assist board
members to make an informed judgment on whether the Bank is managing its
compliance risk effectively; and lastly report promptly to the board of directors
or a committee of the board on any material compliance failures (e.g. failures
that may attract a significant risk of legal or regulatory sanctions, material
financial loss, or loss to reputation).
AML officer is responsible for ongoing monitoring for AML compliance,
including sample testing and a review of exception reports, to enable the
escalation of identified non-compliance or other issues to senior management
and, where appropriate, the board. The AML officer should be the contact point
for all AML issues for internal and external authorities and should have the
responsibility for reporting suspicious transactions. To enable the successful
oversight of the AML program, the AML officer must have sufficient
independence from the business lines, to prevent conflicts of interest and
unbiased advice and counsel; the officer should not be entrusted with the
responsibilities of data protection or internal audit. Depending on the size of
the Bank, the AML officer may perform the function of the chief risk or
compliance officer; but should have a direct reporting line to senior
management and/or the board. Of course, the AML officer must be
knowledgeable of the legal and regulatory obligations, the Bank’s AML regime
and the ML/FT risks at the Bank.
3|Page
The definitions of the risk listed below will be utilized when analysing all
information gathered to determine the Bank’s Final BSA/AML Risk Score:
Inherent Risk
Define what determines a rating of High,
Moderate or Low
International transactions
Yes or No
Geographic Risk
Define what determines a rating High,
Moderate or Low
Cash Intensive
Yes or No
Monitoring/Mitigating Controls
Define what determines controls
considered to be Strong, Adequate or
Weak
Residual Risk
Define what determines a rating of High,
Moderate or Low
6|Page
7. Number of exempt clients, Phase I and Phase II, and define exemption
process
8. Process of verification of monetary instrument logs