AML/CFT Governance Structure: Business, Compliance, and Audit
AML/CFT Governance Structure: Business, Compliance, and Audit
The offences of Money Laundering and Financing of Terrorism (ML/TF) are a threat to a regulated entity. It is essential for a regulated entity to establish a governance structure related to Anti–Money Laundering (AML) and Combating Financing of Terrorism (CFT). The AML/CFT governance structure requires an entity to define the roles and responsibilities surrounding AML/CFT within the AML framework of the reporting entity.
This will make every employee aware of what they are required to do, which will ultimately lead to the effective implementation of the AML framework in an entity. Moreover, an effective AML/CFT governance structure helps in combating financial crimes Like ML/TF.
First Line: Business
The First line viz, business includes the employees of the company who are engaged in business on a daily basis. They are responsible for conducting day to day operations of the business. These employees manage overall customer relations as they deal with customers and suppliers. They even engage in service delivery. As they deal in customer relations, they are responsible for carrying out KYC and processing transactions. etc., They are trained in spotting red flags in customer behaviour and activity. They identify any red flags and reduce the chances of any activity related to money laundering. Let us discuss their roles and responsibilities in detail:
- Roles of First Line Business: As we have discussed that First Line Business deals in customer relations. Their primary role is to identify any risk associated with the customer. If they identify any red flags in a customer, they should immediately report that suspicious customer to the compliance officer. They help in managing the risk by reporting it to the Compliance Officer.
- Responsibilities of First Line Business: As the First Line is in direct contact with the customers, they can easily assess any red flags. They are aware of the types of risk associated with a customer. They are responsible for implementing risk management procedures. The risk management procedure might include observing and reporting suspicious activity to the compliance officer. The other responsibilities include taking ownership of KYC and Due Diligence in daily operations. This means identifying the risk in day-to-day operations of an entity.
Second Line: Compliance
The AML/CFT governance structure includes the compliance team and specialised risk management team. Cabinet Decision No. (10) of 2019 talks about the appointment of a Compliance Officer. Their work is to provide guidance to the first line business on how to identify any red flags in a customer. They even develop the policies and procedures related to AML/ CFT and provide training to employees for better implementation. There are certain roles and responsibilities of Second Line Compliance. Let us discuss these in detail:
- Roles of Second Line viz. Compliance: The role of Second Line Compliance is to oversee and support the ML/TF/PF risk management. They provide guidance to the first line business. It includes the specialised risk management team which looks into the risk management deeply. The risk management includes identifying the risk and managing risks in a way that they remain within the entity’s risk appetite.
- Responsibilities of Second Line: The Second Line is responsible for developing AML/CFT policies and processes. The policies and procedures developed by the compliance officer should be capable of immediately detecting the risk indicators and empowering the regulated entity to stay AML compliant. Merely developing policies related to AML/CFT would not serve the purpose, and that is why the Compliance Officer is responsible for providing guidance and training to the businesses.
Training the employees about the policies and procedures makes them aware of this. This ultimately helps detect red flags easily, thereby reducing the chances of ML/TF. Apart from this, it is the responsibility of compliance officer to monitor adherence to ML/TF risk management policies and procedures. The adherence to the policies reduces the chances of any kind of fraudulent activity.
Third Line: Audit
The well-drafted governance structure clearly defines roles and responsibilities, avoiding any confusion and making the administration more efficient. Cabinet Decision No. (10) of 2019 talks about independent audit to test the effectiveness of internal policies. The auditors are responsible for conducting the audits of every measure taken by an entity to avoid the chances of ML/TF. Let us discuss the roles and responsibilities of auditors in detail:
- Role of Third Line viz., Audit: The auditor is responsible for independently reviewing the AML measures implemented by an entity. The audit ensures that the quality and effectiveness of AML measures are satisfactory. The auditors identify the gaps in the measures implemented by an entity. This helps in the immediate redressal of ML/TF/PF risks, which ultimately results in combating financial crimes like money laundering.
- Responsibilities of Third Line: The Third Line is responsible for conducting independent testing of the ML/TF/PF risk management process. The testing of the process helps in knowing the lacuna in the process. The auditors also provide recommendations to improve the ML/TF/PF framework. Moreover, auditors are also responsible for providing assurance on the adequacy and effectiveness of governance. As the auditors review the policies, they also state that the policies are adequate or not.
AML/CFT Governance Structure: A Brief Overview
The AML/CFT Governance Structure includes three lines. The First Line includes the business. The business includes the employees of an entity who directly deal with the customer. If the First Line comes across any red flags, then they report it to the Second Line. The Compliance Officer is responsible for making policies. These policies and their compliance are reviewed by Third Line i.e. independent auditors.
Related Posts
Confused with how to mitigate ML, FT, and PF risks within your Regulated Entity?