Anti-Money Laundering Seminar

PRACTICAL EXERCISE 1

Strategies and Techniques

Practical Risk Management

You have recently been appointed the Compliance Officer of a Medium seized Retail Bank in another country. The Bank
has a spread of mainly domestic Personal, Business and Corporate customers. It offers a range of products and
services through its Branch Network. The Bank has a good reputation and has been established for many years. It has
a team of three full-time Compliance staff at Head Office with others working in Transaction Monitoring.

Upon arrival, you ask your staff to describe the standard of AML Compliance and are assured that it is high. When
asked to justify this assessment, they respond that they have written procedures in place which are reviewed annually
and routinely submit STRs to the State Committee for Financial Monitoring (SCFM) in a timely manner. Statistics are
provided on the number of STRs submitted each month. When asked how they know that AML procedures are being
followed, you are informed that as a Bank, staff are trained to comply with all processes and controls in place.
Unconvinced by these assurances, you ask Internal Audit to undertake a thorough review of AML compliance against
both the Bank’s own procedures, as well as domestic legislation and regulatory guidance. The findings reveal the
following:

1 Material failures in account opening standards, particularly in relation to the adequacy and completeness of
Customer Due Diligence Information.
2 Opening accounts prior to identifying the customer and Beneficial Owner.
3 Lack of understanding of the concept of Beneficial Ownership and how they should be identified.
4 General failure to identify Higher Risk relationships and undertake Enhanced Due Diligence.
5 Low levels of Suspicious Transaction Reporting by staff as a result of a general lack of awareness.
6 Inadequate risk ownership and management at all levels.

The situation was most acute in Retail Banking. Business Banking was slightly more compliant but significant concerns
remain. Corporate Banking were more thorough in their approach, mainly as a result of the higher lending risks. Your
Bank has yet to implement Screen Based Account Opening, and continues to employ application forms.

The key causes of the weaknesses encountered were attributed to the following factors:

1 Untrained or inexperienced staff opening accounts. They viewed account opening as just another process to
follow.
2 General failure by line Managers and Staff, to appreciate the importance of compliance.
3 A failure by staff to refer to internal procedures which in any event, were incomplete and inadequate.
4 Ineffective staff training
5 Poor local management, supervision and ownership of processes and controls
6 No consequences for poor compliance with AML requirements.
7 Line Management did not view AML compliance as their problem.

The Chief Executive was most concerned by these findings and it has a wider impact on the Bank’s reputation and
standing. He has given you his full support in remedying the position and ensuring that effective systems and controls
are introduced to ensure compliance. You have the Chief Executive’s support for your solution to be both rapid and
radical.

Working in your Syndicate Groups and using your risk management skill, please discuss and consider the following:

Group 1: How would you address the training needs of staff? Should all staff receive the same training and if not,
who should receive enhanced training? How would you deal with the weaknesses in account opening
and ensure that only competent staff where authorised to open accounts? What additional training
should be in place to improve the volume and quality of STRs?

Group 2: What internal Policies and Procedures should be in place? How frequently should they be reviewed and
who should finally approve them? How would you ensure appropriate risk ownership and that your
policies and procedures are being followed?

Group 3: What additional controls should be introduced to manage the weaknesses in account opening? How
would you address the failure to identify Higher Risk relationships? Should there be any penalties
against line management and staff for poor account opening standards?

Group 4: What type of Management Information (MI) would be useful in providing an overview of ML/TF risks
and compliance standards? How frequently should such Reports be produced and who should receive
copies?

Group 5: How would you demonstrate the standard of compliance to Senior Management? How frequently
should you meet with Senior Management and what standard topics should be on the agenda?

Will you also please nominate someone from within your Group to act as the spokesperson during the feedback
session.

Each Group has 30 minutes to complete the exercise.