Importance of AML/CFT measures

As the world economy is growing and the entire globe is coming together as an integrated society, two vices are trying to take a toll on this society – Money Laundering and Terrorism. Money laundering has been a setback to the global financial system, pumping the illegally generated money into the economy, making it appear to have come from a legitimate source. Such funds generated from criminal activities are used again for multiplying the effect of illegal activities, such as terrorism, and impacting the security and integrity of the countries. The need of the hour is to be resilient against such evils of the society to make it a better place to live, and thus, various countries are coming up with the Importance of AML/CFT measures.

AML/CFT Measures undertaken by various countries

Due to sheer Importance of AML/CFT measures, Singapore Ministry of Law has developed a division under the name of “Anti Money Laundering / Countering Financing of Terrorism,” with whom Cash Transaction Report for suspicious transactions is furnished.

Similarly seeing the Importance of AML/CFT measures, the Australian Government has issued the Anti-Money Laundering and Counter-Terrorism Financing Act in the year 2006, which requires businesses to have a proper program in place to protect the company from financial crimes by timely identification/mitigation of these kinds of risks.

AML/CFT measures undertaken by UAE

The United Arab Emirates is also one such nation amongst the list who understands the Importance of AML/CFT measures, and is devoted to controlling the money laundering activities and financing of terrorism or other illegal activities from there. As a part of this strategy, the UAE government has introduced the regulation “Anti-money laundering and combating the financing of terrorism and illegal organization” and issued the guidelines to enforce the law better.

Designated Non-Financial Businesses and Professions (DNFBPs)

Auditors and accountants;
Lawyers, notaries, and other legal professionals and practitioners;
Company and trust service providers;
Dealers in precious metals and stones;Real estate agents and brokers;

If one deep dives into the lawmakers’ intent, one would understand that DNFBPs have been categorized looking at the risk involved in the business or the vulnerability of business towards the criminal activities or the one having access to the suspect’s accounts/ finance details.

If we take the example of auditor, the federal laws regulating the audit profession anyway imposes specific obligations on auditors regarding the reporting of crimes detected during auditing the accounts of clients, as they have access to the books and internal controls.

When it comes to protecting the financial sector from such criminal exploitation, certain businesses and professions could serve as first aid to curb these. With the same thought, under UAE guidelines, class of people/businesses have been defined as Designated Non-Financial Businesses and Professions (“DNFBPs”).

They have been obligated under the law to perform the Due Diligence of their customers and risk profiling. These DNFBPs have been made responsible for reporting the transactions to the authorities, where any suspicion involving money laundering or illegal activities such as financing terrorism, drug trafficking, etc., is doubted.

It is pertinent to know the group of businesses and professions that have been identified as DNFBPs. This list includes the following:

Let’s talk about precious metals and stones. The high intrinsic value of the product vis-a-viz the compact form of the same and the value appreciative nature of such items (gold, silver, diamonds, etc.) make it easy for the money launderers to exploit the sector and fund the criminal activities.

Looking at the nature of business/professions obligated with tasks under anti-money laundering and combating of financing of terrorist activity, it is apparent that the purpose is to trace back such money launderers and check the illegal or criminal activities. For this, it is important to have in place a dependable source of information about the business relationships and transactions. This is pertinent as the money launderers and the persons involved in criminal activities try to hide their identity and camouflage the proposed transactions.

Responsibilities of DNFBPs

In the context of the responsibilities shouldered on the DNFBPs, it would be treated as an offense if they do not report the suspected transactions (where they doubt the involvement of money laundering or any other criminal act) or tip-off about the transactions reported with the supervisory authorities.

For this, the regulations have suggested specific ways and means to assist the DNFBPs to comply with the guidelines and discharge their obligations of reporting the suspicious transaction in a fair method, such as:

Developing and implementing the internal controls and policies/procedures (commensurate to the size and complexity of the business) that seems to be adequate to identify the doubtful transactions and prevention of the money laundering related activities;
Maintaining appropriate AML documentation such as “Know Your Customer” document, Customer Due Diligence practice, Risk profiling policy, etc.
Communicating such policies to the staff and imparting training thereupon;
Monitoring and adhering to the compliance requirements under the guidelines.

Thus, the law revolves around adequate measures for identifying customers and risk assessment to evaluate the cause for concern and report the same to apt Governmental authorities for necessary proceedings against the felonious person.

About the Author

Pathik Shah

FCA, CAMS, CISA, CS, DISA (ICAI), FAFP (ICAI)

Pathik is a Chartered Accountant with more than 26 years of experience in governance, risk, and compliance. He helps companies with end-to-end AML compliance services, from conducting Enterprise- Wide Risk Assessments to implementing the robust AML Compliance framework. He has played a pivotal role as a functional expert in developing and implementing RegTech solutions for streamlined compliance.

Reach Out to Pathik

FAQs On Importance of AML/CFT measures

AML/CFT regulations are essential to fight financial crimes – money laundering and terrorism financing – to ensure the integrity of the society and stability of the country’s financial system and the whole world, mitigating the adverse effect of such crimes on society. Having AML/CFT measures as regulations would mandate the country’s ordinary people to join this fight.

AML/CFT requires the designated entities to implement countermeasures to fight against money laundering and terrorism financing, such as implementing the robust AML/CFT compliance framework, verifying a person’s identity before transacting, staying alert to any red flags, timely reporting of suspicious activities, etc.

Combatting terrorism financing is critical as it facilitates funds to the terrorist group for their operations, propaganda, etc., which ultimately impacts global peace and threatens society. It also results in the rise of other criminal activities like human trafficking, the use of narcotics, etc. Thus, CFT becomes pertinent to prevent incidences of terrorism.

Having robust AML guidelines in place would leverage a country in fighting financial crime with the united support of fellow citizens. Further, predefined guidelines will clearly lay down the government’s intention, ensuring that the prescribed best practices to fight money laundering are followed consistently across the nation.

Article UAE

Red Flag Indicators For AML/CFT

AML UAE, with its vast experience and on the basis of the AML/CFT guidelines, has systematically prepared Red flag indicators for AML/CFT pertaining to different aspects such as customers, their source of funds, etc.

Money laundering can cause a lot of troubles in both qualitative and quantitative manner on the business organization. Money laundering primarily hides the income and the source of funds of the criminals or money launderers, as the same is illicit or unexplained. In addition to that, Red flag indicators for AML/CFT also harm the overall economy and poses several risks to the business enterprise.

Facilitating criminal activities like money laundering either directly or indirectly through one’s business may lead to dramatic challenges in managing the assets of the business organization. Furthermore, Red flag indicators for AML/CFT may add to high legal costs and penalties if any sort of money laundering activities is taking place involving one’s business organization or the organization is not abiding by the anti-money laundering compliance regulations.

Surprisingly, a humongous amount of money is being laundered every year. In order to avoid that, one has to be very mindful of the Red flag indicators for AML/CFT and constantly monitor the same where something unusual is observed. The Sooner the identification of the Red flag indicators for AML/CFT, the more efficient would be the measures to avoid/control the damage or restrict the intensity of the same.

What is the meaning of Red flag indicators for AML/CFT?

It is essential to be well aware of and act according to the red flags indications that pinpoint involvement of any fraud or suspicious activities in a financial transaction. In a few complex cases, one may experience the need to obtain more information from the customers. For example, suppose certain essential questions or details pertaining to the customers remain unaddressed or unanswered. In that case, the AML Compliance Officer should evaluate the reasonableness of suspicion involved and, if needed, filing a Suspicious Transaction Report with the Financial Intelligence Unit.

Red flags indicators also aid financial institutions in order to apply a risk-based approach to meet customer due diligence (CDD) requirements like knowing about the beneficial owners and understanding the legitimacy of the source of funds. If there is a red flag indication, the regulators might suspect the occurrence of either terrorist financing or money laundering, or any funding of illegal organizations. Law enforcement officers find these red-flag indicators helpful when monitoring the behavior of the professionals or even the customers. A report from Financial Action Task Force or FATF highlights the following red flags related to terrorist financing and money laundering:

Red flags about the customer

Here are a few red flags about the customers.

The customer is extraordinarily secretive or tries to evade information related to the following aspects.

Who the customer is
What precisely the bigger picture is, and is there anything that is lying under the table
What is the source of the enormous sum of money
Who exactly is the beneficial owner
Why are they carrying out a particular financial transaction in a different or unusual manner

Customers are looking up to these things

Customers are actively avoiding any sort of direct or personal contact
Uses an email address that is not found on the internet
If the customer clearly refuse to provide information, necessary documents, or data
Upon asking, the customer offers irrelevant or fake documents
An associated partner, or any known or unknown person involved in any kind of suspected criminal activities like terrorist financing and money laundering

Red flags alerts for parties are generated when

When the parties or their representatives are situated in a country that is prone to high-risks
The parties involved in any financial transaction are tied for no apparent commercial reason
The links between the families, employment, institution of the parties may raise doubts about the legitimacy or authenticity of the parties
The individual who directs the operation is not amongst the official parties of the transaction or its representatives
A natural person working as a representative or a director is not appropriate in many terms, and even his behavior is not right

Red flags in the source of funds

Here are a few red flags that should look forward to in order to minimize the intensity of the damage:

Red flags

The financial transactions are expressly inconsistent with the socio-economic profile of the individuals.
If one finds out that the actual source of funding is illicit
If the customer uses more than one national or foreign bank account under his name
The choice of payment mode or method has been postponed to a highly close time to the time of notarization without any explainable or logical reason.
If there is any unexplained or suspiciously short payback period
Mortgages are repaid quickly without any sustainable explanation, even before the first due date
If the assets are being purchased in cash and rapidly used as a guarantee for the loan
If any prompt request comes in order to moderate the previously agreed payment procedures without a good experience
Finance is provided by the lender without any logical explanation outside of the credit institution
The collateral provided for the transaction is located in a country that is categorized as high-risk.
If there has been an exponential increase or consecutive contributions to the same business enterprise without having any recent logical statement in favor of that same business unit.
If there is an unrelated increase in the capital from a company or from a foreign company.
If the business enterprise has received a relatively high sum of capital or fixed assets.
If there is an unnecessarily high or low price for the transfer of the securities.
If recently incorporated, companies are also making large financial transactions without any justification or logical reason.

Red flags related to behaviour

Where the customer makes unusual requests for maintaining the secrecy of the transaction;
Where the customer insists on the use of an intermediary in all interactions, without sufficient justification and avoids personal contact without sufficient justification;
Where delivery instructions requested appear to be unnecessarily complex or confusing;
The customer exhibits unusual concern with the firm’s compliance with government reporting requirements and the organization’s AML policies;
Customer involving foundations, cultural or leisure associations, or non-profit-making entities, especially when the characteristics of the transaction do not match the goals of the entity;
When the customer suddenly cancels the transaction when asked for identification or information;

About the Author

Pathik Shah

FCA, CAMS, CISA, CS, DISA (ICAI), FAFP (ICAI)

Pathik is a Chartered Accountant with more than 26 years of experience in governance, risk, and compliance. He helps companies with end-to-end AML compliance services, from conducting Enterprise- Wide Risk Assessments to implementing the robust AML Compliance framework. He has played a pivotal role as a functional expert in developing and implementing RegTech solutions for streamlined compliance.

Reach Out to Pathik

Article UAE

Best practices for KYC compliance

KYC is an abbreviated version of Know Your Customer. It is basically an important function that helps assess the risk-bearing power of your customers and legal abiding to comply with the laws of Anti-Money Laundering. Best practices for KYC Compliance majorly revolve around knowing the identity of your customers, the risk they possess, and their overall financial activities.

AML Best practices for KYC Compliance

Being a business owner, it is essential for you to know your customer well. If you are a financial institution or designated non-financial business or profession (DNFBP), you might face possible sanctions, reputational damage, and fines upon professionally collaborating with terrorists or money launderers.

KYC is the essential control mechanism that protects your business enterprise from losses and fraudulent activities that might result from illegal transactions or funds.

A KYC is basically a systematic process that any financial institution or business enterprise undertakes. This systematic process includes the following steps.

Establishing the identity of the customer.
Understanding the actual goal behind customer’s activities. The ultimate motive behind this is to identify that the source of the customer’s funds is both legally appropriate and legitimate.
Effectively assess the risks associated with a particular or all the customers with the sole purpose of monitoring their activities.
Dealers in precious metals and stones;Real estate agents and brokers;

The article revolves around the best practices you must follow in order to comply with the process of knowing your customer.

Characteristics of an effective and best practice for KYC Compliance

To build and run an effective AML KYC strategy, you require the following elements.

1. Customer Identification Program or CIP

The only reason why the KYC process is conducted is to identify the legitimacy and authenticity of your customers. One of the most essential elements for successful and Best practices for KYC Compliance is to assess the risk of your customers. This risk assessment should be carried out at an individual level as well as on an institutional level. The Best practices for KYC Compliance provide qualitative guidance to determine the accurate risk level and the policies to mitigate those levels of risks.

The minimum requirements needed for the opening of an individual financial account are somehow delimited in the process of the customer identification program. The data gathered includes:

Name
Address
Contact number
Nationality
Date of birth
Place of birth
Occupation
Employer name
Purpose of transaction
Beneficial owner
Identification number

The same information is then verified with the original source document by at least 2 independent verifiers to ensure accuracy and authenticity. The process of identity verification includes non-documentary and documentary methods like comparing all the information provided by the customer with the help of consumer reporting agencies and public databases, documentary method, or an intelligent combination of both.

The procedures mentioned above are considered the core of the Best practices for KYC Compliance because, unlike other Anti-money Laundering compliance methods, this stands solid and reliable. The procedures need to be codified and clarified in order to provide guidance to executives, staff, and many other benefits to the regulators.

However, it is crucial for you to note that the actual policies or procedures will depend upon the risk-based approach of the financial institution. There are a few factors that you can consider while framing the actual process or procedures.

The enterprise risk related to the risk exposure of the business itself
Geographic risk related to the kind of countries a business deal with
Product, service, or transaction-related risk
Customer/business relationship-specific risk
Channel related risk and
Other risks

2. Customer Due Diligence (CDD)

For every financial institution, the only thing that matters is to identify whether you can trust the potential client or not. Customer Due Diligence is basically a critical element that effectively manages your risks and protects your company against terrorists, politically exposed parties (PEPs), and criminals who might involve a heavy risk quotient with them.

There are only three levels of customer due diligence.

Simplified Due Diligence (SDD) is basically the situation where the overall risk of terrorist financing or money laundering is relatively low, and customer due diligence is not required. Low-value accounts make the best example of SDD.
Basic Customer Due Diligence is practically the information obtained for all the respective potential customers to verify their identity and assess the overall risk associated with that particular customer.
Enhanced Due Diligence (EDD) is associated with potential high-risk customers. It is all about gathering additional information about your customers who carry a high-risk profile, verifying and evaluating the information to mitigate the associated risks.

In order to enhance the effectiveness of your due diligence program, here are a few steps you can follow.

Ascertain the location and the identity of the potential customers and invest time to understand their basic business activities in-depth. It can be as easy as finding a legal document that verifies your potential customer’s name and address.
When authenticating a potential customer, identify their risk category and define what type of customer they are, and then store their information digitally
Beyond basic customer due diligence, it is vital that you carry out various processes to ascertain whether there is room for enhanced due diligence. This could be an ongoing process because the existing customer might convert into high-risk profile customers over time. To avoid the cumbersome situations that may arise, it is better to conduct periodic due diligence assessments on all the existing customers. Following is the list of factors that you must keep in mind to identify the need for enhanced due diligence (EDD).
Occupation of the customer
Location of the customer
Types of transactions
Expected mode of payments
Expected patterns in terms of the kinds of transactions, frequency of commerce, and the value of transactions
Maintaining a record of all EDD and CDD performed on each customer is essential for regulatory audits

3. Ongoing monitoring

Monitoring your customers or potential customers once is not enough. You must develop an ongoing monitoring plan. The continuous monitoring function incorporates oversight of financial transactions and the thresholds developed to map the customer’s risk profile.

Depending upon the risk profile of your customer, along with the risk mitigation strategies, you have to monitor a few additional factors.

Spikes or surprisingly enhanced activities
Unusual cross-border activities or trading with the black-listed geographies
Inclusion of people on the sanctioned lists
Adverse or negative media mentions

A business might be required to file a suspicious transaction report (STR) if the account’s activities appear unusual.

The level of transaction monitoring depends on the risk-based assessment.

4. Corporate KYC for AML

Similar to individual accounts, corporate accounts also require KYC, identification, monitoring, and due diligence. The process of corporate account KYC is almost the same as of the individual KYC. However, the demands are different.

For corporate accounts, the volume of transactions increases along with the amounts per transaction, and several other risk factors are usually elevated, and hence more procedures are involved. These procedures are therefore known as Know Your Business (KYB).

Every jurisdiction has its own defined type of KYB requirements. However, there are four common steps that you can implement.

5. Retrieve the vitals of your company

Identify and verify the basic company information like registered number, address, name of the company, status, and the key management employees. On the other hand, it depends on your fraud prevention standards and jurisdiction when it comes to gathering specific information. You have to systematically collect all this information and cautiously feed it into your workflows.

6. Analyze the ownership structure

Identify the people who have ownership rights of the company through direct or indirect means. These can be individuals or a team of individuals.

7. Identifying ultimate benefit owners

Calculate the total stake of ownership and management control of any individual to determine whether it crosses the threshold for ultimate beneficial owners (UBO) or not.

8. Carry out AML/KYC checks

All the individuals you have identified as Ultimate Benefits Owners should undergo an AML or a KYC check.

Final words : AML KYC Best Practices

Knowing your customer is an integral part of your business. For businesses like auditors and accountants, lawyers, notaries, and other legal professionals, company and trust service providers, dealers in precious metals and stones (DPMS), real estate agents and brokers, the importance of AML KYC increases exponentially and should be performed thoroughly without a single casualty. Any error in the process can cause you qualitative as well as quantitative losses.

About the Author

Pathik Shah

FCA, CAMS, CISA, CS, DISA (ICAI), FAFP (ICAI)

Pathik is a Chartered Accountant with more than 26 years of experience in governance, risk, and compliance. He helps companies with end-to-end AML compliance services, from conducting Enterprise- Wide Risk Assessments to implementing the robust AML Compliance framework. He has played a pivotal role as a functional expert in developing and implementing RegTech solutions for streamlined compliance.

Reach Out to Pathik

Article UAE

Know Your Business (KYB) – Key element of AML compliance

What is Know Your Business (KYB)?

Know Your Business or KYB is the process of identifying the authenticity of a business with which the company deals. It might be suppliers, third-party consultants, intermediaries, or B2B clients or customers. KYC process would be relevant for any business organization directly dealing with the company.

Know Your Business is an essential step toward protecting an organization from financial crimes. Similar to the Know Your Customer (KYC) process, KYB is a practice followed by the companies to know with whom they are doing business. For every organization, it is very critical to be aware of their business partners. Their identities need to be verified and validated. The foundation of a business relationship with another business should be based on a proper KYB procedure.

It serves two purposes – it enables a business to know that the business it deals with is real and a lawful entity. It is not a shell company that is commonly used as a technique to launder money. Secondly, it lets the business know whether the persons controlling and running the business are involved in any criminal activities.

Therefore, KYB is a common practice in the B2B sector. Many companies rely on it to know if they are dealing with legitimate companies and lawful entities with a genuine legal structure.

Why is KYB needed?

Increased instances of money laundering have urged companies to adopt a strict approach towards safeguarding their company from being exposed to financial crimes, with procedures and methods to know the customers and business partners. Since the money laundering typologies are evolving and moving towards the use of network structure, the focus now should be on knowing the legal persons with whom the company is transacting by the “Know your Business” process.

Identifying the legal structure and its ownership is a top concern when dealing with other businesses, which is an essential process. By following the best KYB practices, the companies can identify the structure and people operational for conducting financial crime well in time and thus, reduce the possibility of financial crimes. Adequate and effective KYB procedures would keep the customers’ and stakeholders’ interest in the business intact and save from reputational and monetary damages.

Are KYC and KYB the same?

KYC and KYB are both verification processes targeted at different customer categories. The subject of the verification differs in both cases – KYC is for verifying the identities of an individual customer or business partner (natural person). At the same time, KYB aims to assess businesses (legal persons) and those controlling, owning, and running these businesses.

The subject of the verification differs in both cases – KYC is for verifying the identities of an individual customer or business partner (natural person). At the same time, KYB aims to assess businesses (legal persons) and those controlling, owning, and running these businesses.

The increasing importance of KYB

KYB is a new entrant into the framework of risk mitigation and prevention of financial crimes. KYC has been in place for a long time to help organizations protect themselves from financial crimes but was focused more on the customer segment. Now, realizing the growing importance of dealing with all the business associates and the spread of money laundering networks, one glaring gap has attracted everyone’s attention – verifying a business’ identity. Now with KYB, business relationships are monitored with the same effectiveness as the assessment of individuals as per the KYC process.

The US Financial Crimes Enforcement Network (FinCEN) introduced the KYB regulations to implement a standard procedure for verification of the legitimacy of a business.

KYB is vital because criminals may use different ways and create various sources to launder money, such as shell companies, which exist only on paper and are used to transfer illicit money.

Moreover, criminals also use legitimate businesses to launder money and fund terrorism and other criminal activities. Considering this aspect, US FinCEN introduced the KYB regulations. When carrying out the Due Diligence process, KYB has also become a standardized procedure that businesses employ to verify the identity of the organization they work with.

Who should conduct KYB?

KYB is fast gaining acceptance, and businesses realize its importance. Companies should conduct KYB to identify and prevent financial crimes timely. They can comply with the regulations and protect their business from criminals who often target legitimate businesses for money laundering. It should be a common practice for banks, financial institutions, and companies to conduct KYB procedures.

Wholesalers, manufacturers, and suppliers who deal with other companies must know their counterpart’s identities.

KYB will let a business know that their associates are legitimate, and they will not have to face legal repercussions while doing business with them.

Steps to Conduct KYB

Verification of Business

KYB helps determine that the business is not a shell company and exists in reality. It also verifies that the activities and operations the business is conducting are lawful and the business per se is legitimate. It assures a business that the organization is genuine and is not involved in any unlawful activity.

Different documents should be sought and reviewed to establish the authenticity of a business, such as:

Registration documents and certificate of incorporation
Ownership structure
Constitution of the management or board of directors
Financial statement, if possible

Verification of business owners

After knowing that the business activities and operations are legitimate, the next step is to verify the authenticity of the business owners and the controlling parties. The verification will reveal if the owners and stakeholders are law-abiding citizens with no criminal records.

An essential aspect of the verification of business owners is also termed Ultimate Beneficial Owners (UBO) verification. The process consists of identifying UBOs and evaluating if they are genuine natural persons, not merely names existing on paper. Moreover, businesses should verify whether any of the UBOs are on sanction lists.

With such a thorough verification process, a company can make informed decisions about maintaining or continuing a business relationship with the entity.

Simplifying Know Your Business

KYB is an essential process that businesses should follow to know the authenticity of their associated companies. It may be suppliers, manufacturers, wholesalers, logistics partners, or intermediaries. The KYB process is laden with several challenges, which businesses can simplify with the help of experts. The significant challenges in the KYB process are:

Collation of different documents and information from various sources
Verifying the information collected from varied sources and screening them against different databases to establish the authenticity
Compilation of the KYB procedure – its proper documentation

Given the critical factors involved, it is recommended to rely on technology to implement the KYB procedure correctly to avoid the risk of non-compliance. Technology and advanced software would ensure accurate results and streamline the process to yield faster and more comprehensive outcomes. Automated verifications with the help of software are an ideal solution for any business that wants to diligently comply with the KYB regulations. Outsourcing may also help conduct the manual verification process seamlessly, without the need to invest in technology and own workforce.

Implement Know Your Business (KYB) processes with professional support

Niyeahma is a team of expert advisors offering AML Compliance services on a wide range of services such as KYC & KYB, AML Policy, procedures and controls documentation, AML training, etc.

We help businesses in the B2B segment to understand the authenticity of the organizations they are doing business with. KYB will help companies to comply with the verification rules and regulations, safeguard the interest of their customers and stakeholders, and protect their reputation from being tarnished by criminals for their illicit gains.

By outsourcing the AML compliance services and KYB procedures, you can benefit from the expertise of compliance experts who will seamlessly handle KYC and KYB procedures.

Our experts use technology to deliver accurate results. Get a complete check on your customers and companies you are doing business with – be it KYC, KYB, business or customer Due Diligence, Enhanced Due Diligence, identification of PEP or UBO, and sanction screening results.

Get peace of mind with our professional identity verification, authentication, and validation approach. It will allow you to concentrate on business growth rather than getting caught up in the KYC and KYB regulations. Get in touch with our expert team and how they can help you with the KYC and KYB processes.

About the Author

Jyoti Maheshwari

CAMS, ACA

Jyoti has over 9+ years of hands-on experience in regulatory compliance, policymaking, risk management, technology consultancy, and implementation. She holds vast experience with Anti-Money Laundering rules and regulations and helps companies deploy adequate mitigation measures and comply with legal requirements. Jyoti has been instrumental in optimizing business processes, documenting business requirements, preparing FRD, BRD, and SRS, and implementing IT solutions.

Reach Out to Jyoti

Article UAE

Socio-economic impact of money laundering

Money laundering is a crime that involves occupying money through illegal means. Corrupt anti-money laundering regimes in various countries allow terrorists and money launderers to use their financial gains in order to expand their criminal pursuits and expand their unlawful purposes and encourage many illegal activities like corruption and drug trafficking.

Although terrorist financing and money laundering can occur in any part of the world, it has particularly many social and economic consequences for developing countries. The developing countries are more susceptible to disruptions from the effects of money laundering, having significant social and economic implications due to fragile financial systems. This article talks briefly about the socio-economic impact of money laundering.

Social impact of money laundering

The economy obviously faces some dramatic repercussions when it comes to money laundering. But even society bears the repercussions of money laundering activities. Generally, money laundering allows criminals or launderers to expand their operations deliberately.

This exponentially increases the cost that the government has to bear due to enhanced law enforcement and the need to invest in the healthcare sector and public welfare in order to combat the negative consequences.

Money laundering transfers the economic power from the citizens, government, and the entire market to money launderers or criminals.

Money laundering can cause a virtual takeover of the political party in power. Overall, money laundering activities arise pretty dynamic and complex challenges to the world community.

As a preventive measure, the government reduces the overall public spending in order to expand the spending on AML regulations, resulting in the ordinary citizens getting affected dramatically.

Economic impact of money laundering

Money laundering activities dramatically affect the Financial Institutions (FIs) and Designated Non-Financial Businesses and Professions (DNFBPs), critical for economic growth. Activities related to money laundering promote corruption and crime that slow down the overall development of the economy and intensely reduce productivity in the nation-development sectors such as real estate and infrastructure.

Money laundering is a persistent problem in the world’s major financial markets as well as emerging markets. As the emerging markets are in the development phase, it becomes easy for launderers to disguise and target such developing markets to expand their spread.

Macroeconomic consequences of Money Laundering

Weaker banks and financial institutions
Increased crime and corruption
Discourages foreign investments in the country
Economic instability leading to distortion of major markets
Wide-spread tax evasion and loss of tax revenue
Reputational risks for the country
International sanctions
Undue advantage to money-launderers
Depreciation in the value of the official currency of the country

Furthermore, due to the unpredictable flow of money in the economy without a traceable source, the money demand too changes.

This results in dramatic fluctuations in international capital flows and the overall exchange rates. The adverse results of money laundering activities on the economy affect various economic concepts like growth rates, money demand, tax revenues, income distribution, and financial institutions.

What are the various adverse implications of money laundering for the developing countries

Financing of terrorism and money laundering can happen anywhere, irrespective of the country. However, the value of damage or destruction it causes will definitely differ from one country to another, depending on the financial and social stability of the country. For developing countries, money laundering activities can have a severe social and economic impact because the markets of these countries are relatively small and more prone to disruption from activities such as terrorism and other criminal activities.

In addition to that, money laundering and terrorist financing also have a tremendous adverse impact on countries with fragile financial systems, as weaker social status, economic condition, and security measures aid the mala fide intentions of the criminals for terrorist financing or for money laundering activities.

The extent of the effect that money laundering has on each of the aspects of society and economy varies, as discussed hereunder:

1- International consequences and foreign investment

Any developing country which has a standing for money laundering activities or terrorist funding activities could experience a significant negative impact on their overall growth and development. Foreign financial institutions (FIs) can limit all their transactions with enterprises from money laundering heavens, make transactions more expensive, subject such transactions to extra scrutiny, and stop their overall investments.

Every legitimate business enterprise residing in money laundering heavens can suffer from restricted access to world markets or higher costs because of extra scrutiny of their ownership, control systems, and organizations.

As a result, loose implementation of AML and CTF policies in a country may lead to hardships in receiving foreign private investments in such a country’s economy. Furthermore, for developing countries, eligibility for foreign state help is more likely to be severely restricted.

2- Exponential increase in corruption and crime

A country that is known as money-laundering heaven is more likely to attract criminals and encourage corruption. Various factors lead to increased corruption and crime. For instance, a weak AML or CTF regulation, weak or selective enforcement of AML/CTF provisions, burdensome seizure provisions, and limited sanctions against money laundering activities. If a country is more prone to criminal activities like money laundering, corruption is bound to happen with high intensity and value.

Criminals or money launderers take the help of bribery before the central institutions of the countries in order to make their money laundering efforts successful.

The counterparties to the bribery could be lawyers, employees, and management of financial institutions, legislatures, accountants, police officials, prosecutors, supervisory authorities, and courts.

Effective and timely practices around anti-money laundering and combating the financing of terrorism in countries can significantly reduce the scope of criminal activities, as such practices would exponentially affect the profit margins from the proceeds of financial frauds or laundering.

3- Private sector

Money launderers utilize shell companies as these companies have distinct commercial existence that might appear legal or legitimate but are actually powered and controlled by the criminals. These shell companies basically mix illegal funds with legal or legitimate funds in order to hide their unfair and unexplainable share of income. Thus, the front face companies are not merely focusing on booking profit but also protecting their illegally occupied sum.

By leveraging the power of shell companies and other investments in legit companies, the proceeds from money laundering can be used to control all industries and sectors of the economies of particular countries.

This elevates the probability of monetary instability due to improper allocation of resources. It also facilitates a way to avoid taxation and hence depriving the income of the country.

4- Weakened financial institution

Money laundering can damage the soundness of the country’s financial sector and the stability of financial institutions like banks. The negative consequences are usually defined as operational, reputational, concentration, and legal risks that are interrelated. Each of these risks comes with its costs associated with it.

For example, when a financial institution experiences reputational risks, they are more likely to lose public trust in the financial institution because of negative publicity.

As a result, customers, depositors, borrowers, and investors end their business relationships with the financial institutions whose reputation has been distorted by allegations of criminal activities like terrorist financing and money laundering.

5- Privatization efforts

Money launderers and criminals threaten the economies of several countries through privatization. All of these criminal organizations may surpass the legitimate buyers of any former state-owned businesses. Moreover, when the illegally occupied funds are utilized or invested in this way, money launderers enhance their potential to conduct even more criminal activities and impact the growth of the country on a negative side.

Advantages of a powerful AML / CTF framework

One of the excellent ways to reduce money laundering is to implement AML and CTF programs effectively. Here are a few benefits of having a robust AML / CTF framework:

1- Elevating the stability of financial institutions

Money laundering gives birth to many financial risks, and fortunately, there are sound banking practices that reduce these risks. These risks include the potential for financial institutions and individuals to suffer due to fraud, violation of laws and regulations. Lack of adequate internal controls directly aids the execution of money laundering and other criminal activities. Customer Due Diligence (CDD) processes and Know Your Customer (KYC) are the essential part of an effective AML and CTF regime. The AML and CTF framework ensure the safe and effective functioning of organizations at higher money laundering risk.

The AML and CTF framework or policies makes an effective risk management tool. In addition to that, an effective AML and CTF regime also reduces the probability of damage to the organization due to fraudulent activities.

2- Encouraging economic development

Money laundering directly impacts the economy of a country in a negative manner. Funds occupied through illegal means take a different path in the country’s economy than the statutory funds. The laundered amount is usually placed in sterile investments to preserve their original value or making them more easily transferable to other productive avenues for further investments. These investments clearly include high-value consumption assets like real estate, jewelry, art, luxury cars, or antiques. These investments simply do not create any additional products for the broader economy.

Not just this, criminal organizations can turn even the productive businesses into vicious investments by operating illegal funds for the sole purpose of laundering instead of profit-making enterprises.

Unlike the investments for legally occupied funds, a country’s response towards sterile investments ultimately reduces the productivity of the entire economy. Therefore, sturdy AML/CTF regimes are hurdles to the execution of criminal intentions in any country’s economy. Furthermore, this allows the investments to be transformed into something productive that responds to the customer’s needs and aids the economy’s overall productivity.

3- Fighting corruption and crime

A steady AML and CFT institutional framework, which incorporates a broad premise for crimes like money laundering, helps in fighting corruption and crime. Money laundering is the crime that facilitates the criminals or money launderers through underlying criminal acts and the laundering of illegally occupied funds. Likewise, an AML and CFT framework incorporates bribery as a primary offense, and its effective enforcement provides a lot fewer opportunities for the concerned person to bribe public officials or to corrupt them in any other manner.

An effective AML and CFT framework regime is a deterrent to any sort of criminal activity.

Such sturdy regimes make it difficult for the criminals or the money launderers to get benefitted from any of their actions planned amidst the robust AML/CFT regulations. In this context, the confiscation and seizure of the proceeds of money laundering activities are vital to the success of any AML program. Loss of revenues from money laundering activities nullifies the profits and therefore reduces the incentives for criminals to take criminal actions.

Final words

With this, we now understand what social and economic impact money laundering has on the economy of the country and how to overcome or reduce the adverse effects of the same on the economy.

About the Author

Pathik Shah

FCA, CAMS, CISA, CS, DISA (ICAI), FAFP (ICAI)

Pathik is a Chartered Accountant with more than 26 years of experience in governance, risk, and compliance. He helps companies with end-to-end AML compliance services, from conducting Enterprise- Wide Risk Assessments to implementing the robust AML Compliance framework. He has played a pivotal role as a functional expert in developing and implementing RegTech solutions for streamlined compliance.

Reach Out to Pathik

Article UAE

Dealers in Precious Metals and Stones Report (DPMSR)

What is Dealers in Precious Metals and Stones Report (DPMSR)?

Ministry of Economy issued a Circular (No. 08/AML/2021 dated 02 June 2021), instructing the dealers in precious metals and stones to register the specified transactions – cash transactions or transactions through wire transfers (in case of legal person) exceeding a certain amount in the report named as Dealers in Precious Metals and Stones Report (‘DPMSR).

The said reporting requirement was made effective from 12th June 2021.

Who is required to file DPMSR?

All the dealers in the precious metals and stones (‘DPMS’) licensed in the UAE are obligated to report transactions equal to or exceeding AED 55,000 in cash or wire transfers (in specified cases). Irrespective of the registration as a mainland company or with a freezone, all the DPMS are required to file DPMSR for specified transactions.

What are the transactions to be reported in a DPMSR on the goAML portal?

Cash transactions with resident individuals equal to or exceeding AED 55,000
Cash transactions with non-resident individuals equal to or exceeding AED 55,000
Cash transactions with corporate entities (legal persons) equal to or exceeding AED 55,000
Transactions with corporate entities (legal persons) involving international wire transfers equal to or exceeding AED 55,000
Local wire transfers made through an exchange house
Instalment transactions in cash equal to or exceeding AED 55,000, to be reported at the time of receiving funds
Unfixed gold transaction involving cash equal to or exceeding AED 55,000
Advance payment in cash equal to or exceeding AED 55,000, to be reported at the time of receiving funds
Wire transfers from a mainland/onshore company to a Free zone company (not part of the same company)
Transaction between two Free Zone companies, settling the payment in USD through the international wire transfer

What transactions are exempt from being reported into a DPMSR?

Credit card, cheque, or bank transaction with an individual, irrespective of the amount
Exchange of old gold or gold-to-gold transaction, not involving cash equal to or exceeding AED 55,000
Local wire transfers and cheque transactions from a local bank in the UAE
Payment towards Margin calls, Loans with banks
Intra-company transfers or purchase/sell transactions in cash, irrespective of the amount
Transactions through the Letter of Credit issued by banks
Transaction between two Free Zone companies, settling the payment through the bank accounts in the same bank in UAE
Physical trade of precious metals or stones with commercial banks operating & regulated outside the UAE

What are DNFBP’s obligations?

DPMS must obtain and record the following:

Identification documents of individuals with whom the transaction is executed
Trade License of the entity and the identification documents of the local representative of the entity with whom the transaction is executed

Along with obtaining relevant documents pertaining to parties involved in the transaction, DPMS shall submit DPMSR on the goAML platform, capturing details of the parties and transaction.

Documentation requirement

As part of obtaining identification documents, the following documents shall be collected:

Resident individual

Valid Emirates ID; or
Passport copy

Non-resident individual

Valid Government-issued ID; or
Passport copy

Entity/Company

Trade License
Emirates ID or passport copy of representative

Please note that all the relevant documents pertaining to such transactions are to be maintained by the DPMS for a minimum period of five (5) years.

What is the timeline for filing DPMSR on goAML Portal?

DPMSR is to be filed within 2 weeks of the occurrence of receipt or payment of funds equal to or exceeding AED 55,000 through cash or wire transfer.

What is the timeline for filing DPMSR on goAML Portal?

It is important to note that filing of DPMSR to report the transaction pertaining to the transaction exceeding the specified threshold is an additional requirement.

DPMS is not absolved from the filing of Suspicious Transaction Report/Suspicious Activity Report/Fund Freeze Report/Partial Name Match Report, as and when the same are applicable. Accordingly, along with the filing of reports as prescribed earlier for reporting sanctions or suspicion, additional DPMSR is to be filed to report designated transactions.

DPMSR Summary

Transaction Value	Transaction with	Mode of payment	Documents obtained & reporting requirement
Equal to or exceeds AED 55,000	Resident Individual	Cash	Valid Emirates ID; or Passport copy Submit DPMSR on goAML platform
	Non-resident Individual	Cash	Valid Government-issued ID; or Passport copy Submit DPMSR on goAML platform
	Entities/Companies	Cash; or Wire transfer	Trade License Emirates ID or passport copy of representative Submit DPMSR on goAML platform

About the Author

Pathik Shah

FCA, CAMS, CISA, CS, DISA (ICAI), FAFP (ICAI)

Pathik is a Chartered Accountant with more than 26 years of experience in governance, risk, and compliance. He helps companies with end-to-end AML compliance services, from conducting Enterprise- Wide Risk Assessments to implementing the robust AML Compliance framework. He has played a pivotal role as a functional expert in developing and implementing RegTech solutions for streamlined compliance.

Reach Out to Pathik

Article UAE

What are AML compliance requirements in DIFC?

Dubai is a financial hub and an epicenter for trade activities in the Middle East and Gulf region. Thousands of businesses, along with banks and financial institutions, operate in the world’s most popular financial center in Dubai, the Dubai International Financial Centre (DIFC).

Even the designated businesses operating in the DIFC are also subject to AML rules and regulations obligated to implement proper measures to fight money laundering and terrorism financing in this region to support the DIFC position. DIFC implements various AML rules and regulations and operates as full-fledged jurisdiction to combat money laundering and mitigate its risks. It is supervised by the Dubai Financial Services Authority, which addresses the burning issue of money laundering and other financial crimes rampant in this particular economic zone. Firms should be mindful of the DFSA regulations and comply with them to avoid penalties and contribute to the government’s mission of reducing exposure to financial crimes.

DIFC and Its Regulatory Authority DFSA

DIFC is a leading international financial hub in the Middle East, Africa, and South Asia (MEASA) region. The Dubai Financial Services Authority (DFSA) is the DIFCs financial regulatory agency. It is authorized to protect DIFC and the economy against money laundering and terrorism financing by implementing the relevant rules and regulations.

What are the AML Regulations applicable to companies operating in DIFC?

The UAE federal legislation was created to follow the international AML/CFT standards and recommendations provided by the Financial Action Task Force (FATF). The crucial acts of the federal legislation that guide AML compliance in Dubai is mentioned as follows:

Federal Law No. (4) of 2002 was implemented to combat Money Laundering and Terrorism Financing Crimes. It criminalizes money laundering and requires all relevant persons to report any suspicious transactions to the Financial Intelligence Unit of the UAE.
Federal Decree Law No. (20) of 2018 is a crucial law on Anti-Money Laundering and Combating the Financing of Terrorism and Illegal Organisations. This law is a vital component of the UAE’s efforts to prevent financial crimes, and it helps to improve the efficiency of the legal and institutional bodies in the UAE (including Cabinet Decision No. (10) of 2019).
Regulatory Law DIFC Law No. (1) of 2004.
DIFC’s Non-Financial Anti-Money Laundering/Anti-Terrorist Financing (AML/CFT) Regulations
The DFSA Rulebook – Anti-Money Laundering, Counter-Terrorist Financing and Sanctions Module as applicable to Financial Institutions, Designated Non-Financial Businesses and Professions (DNFBPs) and Virtual Asset Service Providers (VASPs).

DIFC Regulatory Law of 2004 provides that the companies within the DIFC must follow the rules and regulations established by the UAE, i.e., other federal laws. There are certain obligations that the banks and other financial institutions have to follow to obtain a license and operate in the DIFC.

What are AML Compliance obligations for businesses operating in DIFC?

The Financial Action Task Force has provided recommendations for AML/CFT compliances. Further, per DIFC’s AML/CFT regulations, the firms in the DIFC have to create an effective AML/CFT program by evaluating the money laundering risks they are likely to be vulnerable to. The standard practices they have to follow for AML compliance are mentioned below:

Customer Due Diligence:

Firms need to adopt a risk-based approach to combat money laundering risks, so they need to put appropriate CDD measures in place to verify the customer’s identity. Customers identified as high-risk should be subjected to the Enhanced Due Diligence process.

Transaction monitoring:

It is vital to monitor the transactions continuously and identify any money laundering risks during the customer relationship journey. Businesses can take the help of AML software to spot any suspicious transactions and unusual patterns in the transactions and identify any fraudulent financial activity.

Screening:

Screening is crucial in the entire AML compliance framework as it helps businesses identify the individuals or entities who have been sanctioned or involved in any financial crime-related activities. Firms need to screen customers to determine whether any of the person or their UBO is Politically Exposed or not. They also need to monitor their customer databases and match the names on the updated local and international sanction lists.

Appointment of a Compliance officer:

Organizations must appoint a compliance officer – a money laundering reporting officer (MLRO). The officer supervises the compliance process by ensuring the AML procedure is appropriately implemented and checking if organizations follow the due process of AML compliance to safeguard themselves against financial crime risks. Suppose the firms identify any suspicious activity or transaction. In that case, the MLRO must file a Suspicious Activity Report or Suspicious Transaction Report to the CBUAE, with a copy to the DFSA.

AML Rulebook:

The DFSA issues an AML Rulebook to firms that contain modules regarding implementing the AML/CFT regulations within the DIFC. The rulebook guides the firms to implement the measures effectively by interpreting the legislation correctly and adopting a risk-based approach. So, the firms should be aware of the contents of the DFSA AML rulebook and adhere to the same diligently.

The critical distinctions between federal AML requirements and that of DIFC

1. DFSA Rulebook includes “person issuing or providing services relating to Non-Fungible Tokens or Utility Tokens” as a DNFBP, unless-

The transaction (or interconnected transactions) related to the issue of NFTs, or Utility Tokens, is equal to or less than $15,000 in value, or
The person is providing technology-related support or advice to an issuer of the NFTs or Utility Tokens.
While any person conducting business activities in relation to Non-Fungible Tokens (NFTs) is considered generally treated as Virtual Asset Service Provider as per federal laws in line with the FATF Recommendations.

2. DFSA Rulebook also specifically provides that Real Estate Developers and Insolvency Firms would be construed as DNFBP.

3. Regulated entities operating in DIFC must have a Compliance Officer who is a UAE resident (except in the case of a registered auditor). It is not a condition as per federal AML Law.

4. The minimum period prescribed for record keeping is six (6) years per DIFC regulations, while it is five (5) years per federal laws.

5. AML Annual Return (for the period 1st August of the previous year to 31st July of the reporting year, to be filed by the end of September of each year) is the requirement under DFSA Rulebook for all the regulated entities operating in or from DIFC. It is in addition to the requirement of semi-annual report submission as per Cabinet Decision No. (10) of 2019.

AML Regulation Enforcement by DFSA

Failure to comply with the AML/CFT laws by organizations falling within the ambit of the DIFC is subjected to investigations. The DFSA might ask for evidence such as account details and records and conduct interviews with the Compliance Officer and the senior management. It is mandatory to follow the rules as non-compliance will lead to the imposition of fines – violation of AML rules attracts a penalty between 10,000 to 1 million dirhams. Money launderers and predicate offenders can also be imprisoned for up to 10 years.

About the Author

Pathik Shah

FCA, CAMS, CISA, CS, DISA (ICAI), FAFP (ICAI)

Pathik is a Chartered Accountant with more than 26 years of experience in governance, risk, and compliance. He helps companies with end-to-end AML compliance services, from conducting Enterprise- Wide Risk Assessments to implementing the robust AML Compliance framework. He has played a pivotal role as a functional expert in developing and implementing RegTech solutions for streamlined compliance.

Reach Out to Pathik

Article UAE

Why is an Independent AML Audit Necessary

The AML/CFT legal framework is constantly changing and evolving. It necessitates a continuous check and assessment of the AML policies and procedures. An independent body (not involved in any AML routine compliances) must keep a tab on the AML policies and procedures and check their effectiveness in line with the AML rules and regulations. Further, even the AML laws specifically mention that designated institutions must get their AML compliance and framework periodically reviewed by an independent auditor.

Thus, an independent AML audit is the need of an hour that can regularly monitor the relevance of the AML compliance programs and the effectiveness of their adoption in the organization.

Please note that an AML audit is very much distinct from the regular statutory audit of the company’s books of accounts. In an AML audit, the company’s compliance policies and controls are reviewed, while in a traditional audit, books of accounts and the internal controls around business operations are verified.

Key benefits of external AML audit

Though companies set up an in-house AML compliance department, they need to get an unbiased opinion on the efficacy of their AML policies, controls, and overall framework. Such an independent audit reveals the areas in which the AML department needs to work to make the compliance process more robust and ensure its adherence to the AML rules laid down by the government and independent international bodies such as the FATF.
Independent audits are equipped to take prompt action – they can identify the risks plaguing the company’s AML compliance strategy. The audit will help understand the measures a business must adapt to mitigate the risks and analyze a gap between the existing controls and those recommended.
Moreover, with independent audits, a business can keep pace with the changing landscape of the AML compliance framework. It can align its AML framework with the new requirements and prevent the risk of non-compliance while protecting the organization against the recent ML/FT typologies and trends.
It is vital to evaluate the AML practices regularly to ensure quality assurance in the AML compliance process. So, regular independent audits can bring much-needed consistency and reliability in quality to the AML compliance program.
Regularly conducted AML audits will help accurately assess and implement the remedial measures. The audit will also review the firm’s progress in adopting and implementing them to eliminate the AML policies and procedures discrepancies.

Elements of an Independent AML Audit

Objective Opinion

External AML audits are beneficial as they offer an unbiased opinion of the AML compliance program. The audit team comprises professionals with technical expertise and proficiency in AML compliance, so they are the right people to judge your AML compliance framework. Further, the audit would be independent of the routine AML compliances and process to share their fair observations. So, it would be best to get an independent audit to evaluate the AML policies and procedures and get professional guidance to make the AML compliance process more wholesome. With practical and effective recommendations, businesses can improve the efficiency of compliance operations and achieve full AML compliance, protecting the business from being exploited simultaneously.

Goodwill

External audits also help earn goodwill in the market. Investors, stakeholders, and customers appreciate the business’s strict compliance approach. It helps build a good image which also attracts potential investors as they know that with the independent AML practice, they will not have to face any legal issues or non-compliance penalties. The firm can always be ahead of the curve with preventive measures. Timely action is possible with the help of independent audits. The audits will help identify shortcomings and prevent non-compliance. It helps to stay compliant with AML rules and regulations, ultimately helping to boost your reputation and goodwill in the market amongst various stakeholders

Collaboration

A collaborative approach is the best way to get effective results in AML compliance. It will help as the results be shared with the employees, increasing their awareness and understanding of the gaps in the AML compliance program. With the guidance obtained, the staff can streamline their compliance operations. An independent review of the existing AML policies and procedures and communication with the compliance officer will let the business know the effectiveness of the AML compliance measures adopted per the AML laws. The audit will outline the recommendations for streamlining the current AML framework to achieve full AML compliance.

The Right Resources

Different resources are involved in the AML compliance procedure. The right mix of human resources and technological support aids in a highly effective AML audit leading to accurate results. The audit team with expertise in AML regulations, experience and reliability in conducting independent AML audits, and support of the best AML software will enhance the effectiveness of the AML audit and deliver the best results. Today, businesses are extensively using AML software to support AML audits to get better results. It helps access, collect, and organize the data and dispense the information to the concerned stakeholders. It will ensure that your AML compliance framework is implemented cost-effectively with the best internationally accepted standards.

Communication

Clear and regular feedback is necessary to effectively improve and implement the AML audit suggestions. Businesses need feedback – a highly efficient tool to achieve full AML compliance. The company should implement the feedback to accomplish the purpose of the AML audit. Two-way communication will help achieve the best results from the AML compliance program.

When Should the AML Audits be Conducted?

The best AML audit practice is to conduct the audits annually, which will provide a comprehensive view of the AML practices, evaluation of AML training programs and the AML procedures, and policies being adopted by the organization. Moreover, the audit will help check if the latest guidelines are followed. Annual audits are recommended to learn about the potential revision the current AML framework requires. The audit will reveal if the business involves modification in the existing AML compliance program or needs a complete overhaul of the entire AML framework. The AML audit findings will help companies keep track of their compliance efforts and make the necessary changes the AML auditor reveals.

It is noteworthy that all businesses do not require an annual audit as it depends on the nature and size of the company. Suppose the company is too large or deals in products or services that might be prone to financial crimes-related risks, such as money laundering or financing of terrorism. In that case, it becomes a prerequisite to have an AML audit conducted annually. It helps to adopt a proactive approach and keep the business safe from money laundering and vulnerable to misuse of funds or financial crimes.

Businesses should conduct audits per the requirements, focusing on evaluating the weak areas in compliance, such as the KYC process or EDD. The audit might suggest aligning the existing AML policies and procedures with the new rules and regulations. There might be cases where businesses need support in identifying PEPs or UBOs. They might need assistance in AML training or require help with the proper software selection. The AML audit will reveal the effectiveness of all these elements in the AML compliance program and guidance on the correct procedure the business needs to adopt.

About the Author

Jyoti Maheshwari

CAMS, ACA

Jyoti has over 9+ years of hands-on experience in regulatory compliance, policymaking, risk management, technology consultancy, and implementation. She holds vast experience with Anti-Money Laundering rules and regulations and helps companies deploy adequate mitigation measures and comply with legal requirements. Jyoti has been instrumental in optimizing business processes, documenting business requirements, preparing FRD, BRD, and SRS, and implementing IT solutions.

Reach Out to Jyoti

Article UAE

Accurate AML Compliance with KYC Automation

Know Your Customer of KYC, as we call it, is the fundamental criterion for starting a business relationship with a customer. A robust KYC process helps businesses comply with the AML rules and regulations and identify any discrepancies in the customers’ profiles at the initial stages of establishing a business relationship. It helps identify forged identities often used to place the illegal money through the legal system and hide their origin or source. But manually managing and implementing the KYC process can be complex and challenging, especially in the fast-evolving digital environment, where the outcome expected is precise and immediate. Digital transformation in AML compliance requires an hour as these processes must combat financial crimes-related challenges arising from identifying and verifying the customers and business partners.

For Know Your Customer KYC, businesses often depend on reliable external sources to verify and authenticate the information furnished by the customers. The onboarding process is deemed to be concluded when information submitted by the potential customer is screened/verified against the data made available by third parties. It includes the government agencies that manage the company registration and incorporation work and agencies involved in overseeing the credit scores and risk management. Such information is available and accessible in the public domain on their web products or via APIs. Businesses can access this valuable information via hard copies or digitally to ensure they have all the required information at their disposal when carrying out the KYC process.

The KYC files consist of primary and secondary documents. The primary documents are the ones that act as supportive evidence from trustworthy independent sources. At the same time, the secondary information includes reporting of the compliance specialists that reveals the data analysis, interpretation, and the results derived from the analysis.

Businesses need to liaise with such agencies to help them verify the authenticity of the documents furnished by individuals and entities proposing to establish a business relationship. It will help them carry out the due diligence process and ensure that they associate with only legit businesses with no criminal records or intention to get involved in money laundering activities.

Most KYC process includes employees manually creating documents. Team collaboration in AML compliance depends on documents shared in drives and sent via email. These KYC files are shared and accessed, and the compliance team collaborates online to complete the KYC process. Earlier manual downloading of the KYC files was cumbersome, and KYC became an overwhelming process for both small and large designated organizations.

Creating digital customer profiles with access to complete customer data helps businesses achieve full AML compliance. Digitization has streamlined the KYC process and made it more manageable and cost-effective. Now, with the help of technology dedicated to efficiency in the compliance processes, such as AML software, companies can complete the KYC process in a relatively short period with more effective and accurate results. They can offer a smooth onboarding process and an enhanced customer experience.

Disadvantages of Manual KYC

There are several disadvantages of manual KYC processes, which urge businesses to move towards digitization and create digital customer profiles. Collecting the customers’ information, organizing, and storing it manually is a burdensome task that leaves business organizations no time to focus on growth. Instead, they are tied up between the complex compliance requirements and fulfilling the basic needs of the KYC and due diligence for its customers. Let’s know why business organizations should reduce dependency on manual KYC drastically.

Information gathering is a time-consuming task and therefore delays the customer onboarding process. It leads to a bad customer experience, involving too much correspondence between the parties, damaging the company’s reputation.

Human errors are also a factor that makes companies consider minimizing dependencies on manual efforts. Errors can enable criminals to misuse an organization’s financial system and exploit the resource to launder illegal money. In addition, improper implementation of the policies does not yield the desired results and leads to discrepancies in the entire compliance process. Errors can jeopardize the whole compliance exercise and render the KYC process ineffective, which makes the organization more vulnerable in the hands of criminals.

In such a scenario, businesses attract penalties and fines imposed by the government and the concerned authorities. Regulatory action is taken against firms that do not implement the KYC process diligently.

Digitization and automation can help businesses streamline the KYC process, avoid all the problems mentioned above, and ensure AML compliance.

Disadvantages of Manual KYC

Integrating the AML software to make the KYC process more manageable, robust, and efficient would be the optimal suggestion. Digitizing the KYC process will ensure a digital customer profile that can be easily created, accessed, and stored, managed while collaborating with the compliance team. It will provide accurate results and help businesses detect any anomaly early in the compliance process, starting from customer onboarding.

With real-time updates, the whole team is on the same page and can work effectively to combat money laundering and financing of terrorism. The technology unifies information and presents data in an easy-to-understand format helping the team analyze and derive accurate results. So, automating the manual KYC will help businesses implement the KYC procedures correctly and assist in accurate risk assessment and management.

Manual vs. Digital KYC

The best way to bring efficiency to the KYC and other AML compliance frameworks is to leverage technology that provides quick and accurate results and reduces the dependency on human resources. Manual processes are fast becoming redundant as the evolving technology is streamlining the KYC process and delivering results in a blink of an eye. So, businesses can free their workforce from manual and mundane tasks and instead direct them towards solving more complicated tasks, focusing on the growth of the business’s core operations.

Social media has become a potent source of real-time information that companies can easily access anytime. Businesses can get the customers’ details from online sources and analyze the customers’ accounts digitally to arrive at the correct conclusion.

With the updated and correct information, businesses can make informed decisions regarding the authenticity of the documents furnished for KYC. They can identify forgery of any kind during the onboarding process and avoid any mishap of financial crimes.

KYC requires collecting and verifying customer data, which businesses monitor throughout the business relationship journey. Continuous monitoring helps detect changes in the customer profile. Creating and updating customer profiles manually is daunting; therefore, relying on technology and creating customer profiles digitally is advisable. With a digital profile, the compliance personnel can easily track all the customer data and compare it with the current profile to analyze changes. With continuous monitoring, businesses can detect any unusual customer behavior and immediately track any suspicious activity with the help of technology. Mapping the original customer profile with the updated profile with accuracy is possible only with technology.

Final Words

Using technology for AML compliance is the way forward for all businesses. Today, software that works on AI brings the much-needed proactiveness and efficiency that companies need to comply with the ever-changing AML regulations. Automation with the help of AML software makes the KYC process more accurate and cost-efficient. It saves precious time for the organizations, which they can allocate to core business functions. Technology helps efficiently implement the AML policies and ensures 100% adherence to the AML laws.

Moreover, it reduces operational costs to a large extent by reducing human dependency on the completion of the KYC process and the occurrence of human errors. The technology makes data collection, storage, and retrieval quick, easy, and effortless, simplifying the AML compliance process.

About the Author

Jyoti Maheshwari

CAMS, ACA

Jyoti has over 9+ years of hands-on experience in regulatory compliance, policymaking, risk management, technology consultancy, and implementation. She holds vast experience with Anti-Money Laundering rules and regulations and helps companies deploy adequate mitigation measures and comply with legal requirements. Jyoti has been instrumental in optimizing business processes, documenting business requirements, preparing FRD, BRD, and SRS, and implementing IT solutions.

Reach Out to Jyoti

Article UAE

AML Training to the Employees: Strengthening the AML Compliance

Financial criminals are developing sophisticated methods of laundering funds and exploiting various legitimate business organizations. To tackle this, the entities must ready the teams across all the business fronts to effectively detect the potential risk indicators and take necessary actions to prevent the same. Here comes the need for adequate AML trainingfor the organization’s employees, arming them with the necessary knowledge and skills to handle money laundering and terrorism financial risks.

Further, the regulated entities subject to compliance with the Prevention of Money Laundering Act, 2002 (PMLA) and the International Financial Service Centre Authority (AML, CFT, and KYC) Guidelines, 2022 (IFSCA AML Guidelines) are obligated to develop and maintain a robust AML training program for the employees. This regulatory requirement aims to ensure that the staff of the regulated entities is well aware of the financial crime risk the business is exposed to and understands the need to contribute towards combating money laundering and terrorism financing.

This article discusses the significance of AML training, the AML training program, and some of the best practices the regulated entity should follow for effectively implementing the AML training program to yield the desired outcome.

Why Is AML Training An Essential Element Of The AML Program?

To effectively implement the AML program across the organization, the support of the entire workforce is crucial. In this context, here are some of the key grounds for including a robust AML training program in the entity’s overall AML framework:

To Effectively Comply With Internal AML Policies

The regulated entities subject to AML compliance under PMLA orIFSCA AML Guidelines must develop necessary policies and procedures to identify the money laundering and terrorism financing risk and deploy necessary risk mitigation measures. The penetration of the launderers may be detected at the entry level or during regular business operations. For example, the potential risk indicator may be identified when onboarding the customer, or any unusual transaction pattern is identified in the case of an existing business relationship. Here, the role of the customer onboarding team, customer relationship management team, and the back office (accountant) are equally significant in identifying the possible financial crime at different stages of the customer lifecycle.

Thus, it is important to bring every department of the company on board the AML function to create a holistic shield. This warrants adequate training to the team across all fronts of business, creating awareness around the internal AML/CFT policiesand systems, the roles and duties of each employee to combat the financial crime, empowering the concerned employee to effectively perform Customer Due Diligence or implement transaction monitoring program or other necessary AML tasks.

To Stay Regulatory Compliant

As discussed above, the AML regulations in India (PMLA and IFSCA AML Guidelines) mandate the regulated entities to implement AML training to ensure that the team knows the ML/FT typologies the business is exposed to and supportsoverall AML compliance. The absence of AML training would be treated as AML non-compliance, resulting in heavy fines and penalties in the regulated entity, risking the overall AML efforts.

To Protect The Business Against Financial Crime Risk And Safeguard The Reputation

Assume the customer has been executing large cash transactions without justifying the source. Here, the personnel handling the customer did not understand the AML requirements and did not perceive it as a red flag. Later on, it was found that the said customer laundered huge funds generated from narcotics activities through the regulated entity’s business. This led to AML non-compliance, misuse of the business for financial crime, and irreversible damage to the business.

Had the concerned client-facing employee been aware of the AML measures and the risk indicators, he would have flagged off this to the AML Principal Officer for him to investigate and take necessary actions on a timely basis, preventing the business’s exploitation and reputation amongst the stakeholders. This illustration vividly highlights the significance of AML training to promote the entity’s AML compliance, safeguarding the business’s integrity and good standing.

Having discussed the importance of AML training, let’s explore what an ideal AML training program must look like.

What AML Aspects Must Be Included In The Employee Training Program?

The employees must align themselves with the business’s AML goals. This requires an understanding of the overall AML compliance framework, starting from awareness of the basic concepts around financial crime, the regulatory obligations imposed upon the business, the regulated entity’s internal AML program, the red flags associated with the nature of the business undertaken, etc.

Further, a structured AML training program must be designed, adopting a risk-based approach and considering the entity’s business risk assessment outcome.

To develop a comprehensive and effective AML training program, the regulated entity must consider general training as well as job-specific training, covering the following aspects:

Discussing the basic concepts of money laundering and terrorism financing
ML/FT typologies (on how financial criminals can slip into the business unannounced)
India’s AML regulatory framework and the compliance obligations imposed thereunder (PMLA and IFSCA AML Guidelines)
What is the role of India FIU
Understanding the FINGate registration process
Risk factors and methodology necessary for conducting Enterprise-Wide Risk Assessment
Customer Due Diligence (including the Know Your Customer (KYC) process, customer risk assessment, circumstances, and timing of applying CDD measures)
Decoding the beneficial ownership structure in case of corporate customers
Enhanced Customer Due Diligence (EDD), including the scenarios warranting application of EDD and the increased measures to be applied
Significance of ongoing monitoring program (transaction monitoring as well as business relationship) and the system implemented by the entity
Understanding the red flags
Recognizing and reporting the Suspicious Transactions
Other AML-related reporting requirements
AML documentation requirements
Appointment of AML Principal Officer and Designated Director and the AML functions entrusted upon
Roles of senior management and discharging oversight function
Compliance with AML Audit
Implementation of the sanctions program and the screening systems
Roles and responsibilities of employees and the consequences of non-compliance

When the AML training program is comprehensive and effective, the entity’s AML Compliance Framework can be implemented effectively and in the true sense.

What Are The Best AML Training Practices The Regulated Entity Must Follow?

While developing the AML training program, the regulated entities must consider the following to enhance the effectiveness of the training efforts:

1. Participants

AML Training program must cover the front-line employees managing the client relationship and the back-end function, looking after accounting and payment clearance. AML Compliance Officer (Principal Officer) and the Designated Directors must actively get involved in the training. Further, the Senior management should also participate in and contribute to the overall learning session.

All the employees must be trained in AML, with the degree and extent of AML awareness depending on the role of the employees. No exception shall be allowed, whether the full-time employee or the staff is working part-time or on a contractual basis.

2. Training Content

The training content must be comprehensive, covering the general concepts and the specific areas relevant to the employee’s routine job or the AML aspects where the team is assessed to have weak clarity. The training sessions should be more relatable to the employee’s routine business functions, where the AML compliance and business tasks can be aligned.

Further, to enhance the quality of training, the regulated entity must consider including real-life case studies. This will provide practical insights into the AML concepts, empowering the team to use these measures when a peculiar situation arises in the course of a routine job.

The possibility of including workshops and quizzes must also be explored to make the training more interactive to retain the participant’s attention.

3. Training Methods

The regulated entity must consider involving experienced faculties for conducting AML training, be it an in-house AML Principal Officer or an external professional. Further, the training format could be in nature of online modules or a live session (classroom or through virtual mode).

For a better retention rate among the staff, the regulated entity must consider splitting the training program into smaller modules spread across weeks or a month instead of putting all on the employees’ plates in one go, which is difficult to absorb.

4. Adequate Timing And Frequency

The frequency of the AML training largely depends on the nature of business activities carried out by the entity and its assessment of financial crime exposure. However, the entity must ensure that mandatory AML training is imparted to the new employees upon their joining and to the existing employees once a year. Not restricted to the annual plan, the regulated entity must consider scheduling the awareness session upon a significant change in the regulations impacting the business or identifying the new ML/FT trends relevant to the business.

Further, the training must be scheduled when the regulated entity implements new systems or controls. Educating the team on a timely basis can improve the utilization of new resources and effectively combat financial crime.

5. Assessment

The AML Principal Officer must assess the knowledge of the employees before and after the training. The pre-training assessment shall help the entity understand the employees’ existing AML awareness level and modify the training agenda accordingly. The post-training assessment will enable the entity to determine if the training agenda has been achieved or if there are some gaps requiring an extension of the training program. This can be done through surveys, interviewing the team, or conducting tests.

Further, the employee’s feedback must be sought to identify the gaps in the learning program and immediately attend to resolve the same.

6. Regularly Reviewing And Updating The Training Program

It is important that the team’s AML knowledge and understanding are up-to-date. The regulated entity must periodically review the training program and the content used during the sessions to check its quality and relevance. The outdated information and examples must be eliminated, incorporating the regulatory updates and emerging ML/FT red flags.

7. Maintaining AML Training Records

The regulated entities should maintain the following records about AML training to comply with regulatory requirements and use such records for future enhancements of the training program:

Training topics discussed
Details for the trainer
When was training conducted
Training material used
Who all participated in the training
Outcome of the pre and post-training assessment

It is highly suggested to develop a robust AML compliance framework in the organization and adopt a proactive approach toward sanctions screening. So, during the screening process, businesses should search for aliases, and name variations, including and excluding middle names. Also, match the customers’ information based on the date of birth, middle name, nationality, ID number, etc.

About the Author

Jyoti Maheshwari

CAMS, ACA

Jyoti has over 9+ years of hands-on experience in regulatory compliance, policymaking, risk management, technology consultancy, and implementation. She holds vast experience with Anti-Money Laundering rules and regulations and helps companies deploy adequate mitigation measures and comply with legal requirements. Jyoti has been instrumental in optimizing business processes, documenting business requirements, preparing FRD, BRD, and SRS, and implementing IT solutions.

Reach Out to Jyoti

Article India