It’s AML-CTF review time

From

Chris Deeble

AUSTRAC is serious about anti-money laundering and counter terrorism (AML-CTF). Just take a look at their recent actions against the Commonwealth Bank of Australia.

Any business that has an AML-CTF Program must have it reviewed regularly. This now includes digital currency exchanges.

Who can do this review depends on whether your business has a Part A or Part B AML-CTF Program.

What is a Part A AML-CTF Program?

A Part A AML-CTF Program identifies, manages and mitigates the money laundering or terrorism financing (ML-TF) risks your business has. It must include:

  • An AML-CTF risk awareness training program for employees;
  • An employee due diligence program; and
  • Be approved by your governing board and senior managers.

Your business must have a Part A AML-CTF Program unless:

  • It holds an Australian Financial Services Licence and provides services in the capacity of that licence; and
  • It arranges for a person to receive another designated service from another reporting entity.

This means financial planners do not have to have a Part A AML-CTF Program.

If you have a Part A AML-CTF Program, an independent person must do the review.

What is a Part B AML-CTF Program?

A Part B AML-CTF Program sets out your customer identification and verification procedures. It includes the procedures for knowing your customers.

All reporting entities (including financial planners) must have a Part B AML-CTF Program. If you only have a Part B AML-CTF Program you don’t need to have it independently reviewed but it’s a good idea to.

What is an independent review?

An independent internal or external person must do the review. An independent internal person could be an employee who is not involved in your AML-CTF program. For example, they may be from your legal department. An independent external party may be an external auditor, a compliance specialist or an external lawyer.

AUSTRAC recently changed its rules to make sure the reviewer is truly independent and does not have a vested interest in the outcome of the review. Your reviewer must not have:

  • Designed, implemented, or maintained the program; or
  • Developed the program’s risk assessment or internal controls.

You must also be able to show that the reviewer is independent.

How often must you review your AML-CTF Program?

It’s up to you how often your program is reviewed. Some things you should take into account when making your decision include:

  • The nature of your business;
  • Your size;
  • How complex your business is; and
  • The type and level of ML-TF risks you have.

What must be reviewed?

The review must assess and test:

  • The effectiveness of your AML-CTF program for your ML-TF risk;
  • If your AML-CTF Program meets the AML/CTF rules;
  • How effectively your AML-CTF Program has been implemented; and
  • If you have actually followed your AML-CTF program.

You must give the outcome of this review to your governing board and senior management.

We can independently review your AML-CTF Program – Part A, Part B or both. If you need some help setting up or refining your AML-CTF Program, you can also purchase our AML/CTF Compliance Kit. We’d be happy to help.

By Chris Deeble

You must be logged in to post or view comments.