INTELLIGENT FRAMEWORK YOUR BUSINESS
What is an Independent AML/CFT Audit?
An Independent AML/CFT Audit is an essential part of an AML/CFT program whereby an independent person verifies that the AML/CFT framework of an entity is in accordance with legal requirements and control measures implemented for compliance are effective.
In accordance with the Financial Intelligence and Anti-Money Laundering Regulations 2018 (FIAML Regulations), a reporting person has an obligation to establish an independent audit function to review and verify compliance with and effectiveness of the measures taken in accordance with the act and the regulations.
Frequency of Independent AML/CFT Audit
The frequency of the licensees’ AML/CFT audits should be proportionate with their size, nature, context, complexity and internal risk assessment. While the minimum requirement tends to be annually, licensees can determine themselves the frequency of audits based on the AML risks they face and the rate of change experienced in their business activity.
More than a mere one-off audit, financial institutions and DNFBPs are encouraged to design an Audit Program that will help them to ensure that they have an independent, adequate and effective audit function. An Audit Program has to be designed taking into consideration the specificities of your organisation, AML risks identified and risk appetite among other factors.
We provide a wide range of services relating to AML/CFT Compliance and based on international best practices. Our team have experience in handling AML/CFT matters in several jurisdictions and help clients navigate their multi-jurisdictional AML/CFT compliance journey.
How can we help?
Having conducted AML/CFT audits in different jurisdictions, our compliance experts have the expertise to conduct quality AML/CFT audits and provide recommendations based on best practices that will bring value to your business. We can also help you in designing a tailor-made audit program that will further mitigate your risks.
An effective AML/CFT Framework is important not only because it is a legal and regulatory requirement, but it also helps to reduce risks and ensure the integrity of the business. Regulated Financial Institutions and Designated Non-Financial Businesses and Professions (DNFBPs) are required to design an appropriate AML/CFT framework in line with prevailing Laws, Regulations and AML/CFT risks.
An important part of the Framework is the implementation of an adequate Targeted Financial Sanctions program in view of applicable legislations. Bearing in mind the heavy fines, regulatory and reputational damages that can result from non-compliance with sanctions requirements, it is important to ensure that your sanctions program is tailor-made for your specific circumstances, having regard to your target market and customers among others.
How can we help?
We can assist by:
- Coordinating and preparing licensing application (authorisation) documentation prior to sending to the regulator
- Designing the whole AML/CFT program including AML/CFT Compliance manual, internal control manual, AML/CFT monitoring program
- Designing all relevant documents such as client onboarding forms
- Setting up the Compliance function
Establishing an AML/CFT Program is essential, and implementing a proper AML/CFT Monitoring and Testing Program is equally important. In Mauritius, Regulation 31 of the FIAML Regulations 2018 requires Financial Institutions and Designated Non-Financial Businesses and Professions (DNFBPs) to establish and maintain appropriate procedures for monitoring and testing compliance with AML/CFT requirements having regard to ensuring that:
(a)Financial Institutions and DNFBPs have robust and documented arrangements for managing the risks identified by the business risk assessment conducted:
(b)The operational performance of these arrangements is suitably monitored and
(c)Prompt action is taken to remedy any deficiencies in arrangements.
How can we help?
An AML/CFT Monitoring and Testing Program is much more than merely conducting an Independent AML/CFT Audit annually. Our team has designed and implemented AML/CFT Monitoring and Testing Programs for regulated companies in Mauritius and several other jurisdictions to assist them in complying with their local AML/CFT requirements. The Program helps Financial Institutions and DNFBPs to adequately monitor AML/CFT arrangement and control measures in place, demonstrate compliance of their AML/CFT Framework with applicable legislations and document the effectiveness of arrangements and control measures implemented.
Our team can:
- Design an AML/CFT Monitoring and Testing Program specific to regulatory requirements applicable to your license and business
- Assist you in the implementation of the AML/CFT Monitoring and Testing Program in your day-to-day activities
- Assist you in documenting the Monitoring and Testing process to enable an audit trail for regulators and external audit
- Train your employees on the AML/CFT Monitoring and Testing process
A key component of an effective AML/CFT Framework is the ability of a Financial Institution and a Designated Non-Financial Businesses and Professions (DNFBP) to identify inherent risks faced including but not limited to customer risk, geographical area risk, risks posed by products and services offered, delivery channels and new technology risk.
All identified risks have to be assigned an appropriate risk rating, highlight whether control mitigations measures implemented are effective and quantify the residual risk accordingly. The AML Business Risk Assessment should also provide the means to identify any improvement area required from an AML/CFT perspective.
Frequency of Business Risk Assessment
While the AML Business Risk Assessment should be reviewed (and updated if needed) at least annually, there are several factors, including business complexity, AML/CFT risks, any changes in the law and any triggering events, that need to be taken into consideration to take an informed decision as to whether to conduct the assessment more often.
A financial institution and DNFBP should have a proper documentation demonstrating the risks assessed, the basis and methodology used for the assessment, how the National Risk Assessment was considered among other factors.
How can we help?
- We can assess and quantify your inherent risk, identify your control mitigation measures and quantify your residual risk
- We can help to design appropriate control measures to further mitigate your AML risks
- We can help you document your AML Business Risk Assessment to ensure a proper audit trail
A core element of a Risk Based Approach is to have an effective customer risk assessment mechanism to identify AML risks posed by each clients. A proper customer risk assessment has to take into consideration the customer risk, geographical risk, Products, Services and Transaction risk among others.
How can we help?
- Our team can design your Customer Risk Assessment framework, including the risk assessment document and risk assessment methodology
- Over and above the ‘traditional risk factors’, we can help you assess and identify and integrate other applicable risks that are specific to your business activity, target market, customer and delivery channel.
Compliance keeps evolving with the legal and regulatory environment and an AML/CFT framework should be dynamic and not static. We can assist you in reviewing your AML/CFT framework to ensure it is compliant with the Law, adapt to AML/CFT risks faced by the organisation or whenever there is a triggering factor.
We use a practical approach, providing a tailor-made framework and an on-the-job training to relevant staff to ensure smooth implementation.
Compliance can be complicated and take much of your time. Our support services are designed to assist your in-house compliance function with its day-to-day duties so that your focus can remain on your business.
Our support services include but are not limited to:
-Assisting with client file reviews
-Conducting screening (including Sanction Screening)
-AML/CFT Monitoring and Testing
-Assisting with client onboarding & KYC Review
-Assisting with transaction monitoring
– Establishing an Annual Compliance Program
-Implementing and periodically reviewing your AML Business Risk Assessment
-Provide an ongoing assistance for AML/CFT queries
-Assist with liaising with the regulator for AML/CFT Matters