Skip to main content

AML Policy Checklist - 10 Actionable Steps for Compliance Officers

New regulations are being made seemingly every year and with ever-growing compliance demands. It’s more important today than ever before to have strong and effective AML policy procedures in place. Not just to combat financial crime but to avoid fines for failing to keep up with the endless stream of regulations across multiple jurisdictions. 

What makes an effective AML policy? 

The implementation of AML policy is often subject to and/or overseen by regulatory authorities and is a requirement to achieve compliance with AML regulations, working together with regulators is a great way to ensuring you’re meeting minimum compliance demands, but if you can highlight procedures that better protect the global financial system from financial crime then you’re more likely to gain positive feedback from the regulator. This policy is vital to the operation of your business and is a key defense in protecting business reputation and vulnerability to fines from the regulator. 

Within Europe, AML policy is often a combination of rules and recommendations set out in local laws, but these will be dictated to by the standards set in the EU Anti-Money Laundering Directives, which in turn are informed by the Financial Action Task Force (FATF) 40 Recommendations. 

These rules and recommendations often state an end-goal for the policy but rarely provide actionable guidance or suggestions as to how businesses can carry them out. Communicating the gap between practicality and policy is where your AML policy can show its effectiveness to the regulator.  

Practical steps for creating an AML policy

At Sentinels we are specialists in transaction monitoring and AML, we know what it takes to keep up with ever-increasing AML regulations. One of the best ways to do this and ensure that your firm’s AML compliance is always in tip-top shape is to build a robust AML policy.

Here are 10 actionable steps that compliance officers can take to do just that.

Step 1: Define the purpose of the policy

It’s important for financial institutions to define the purpose of their AML policy. This includes:

  • Defining what is meant by money laundering
  • Defining what is meant by related and predicate offenses, i.e., terrorist financing or trafficking
  • Explaining why the policy is necessary, i.e., its mission statement
  • Explaining how regular reviews will be carried out

Step 2: Appoint a responsible person or team

Appointing a dedicated compliance officer or compliance team provides accountability and reduces the possibility of compliance issues going undetected. This gives you the confidence that you have the necessary expertise in place to safeguard against financial crime risks.

Step 3: Consider your company’s AML risk

Think about the money-laundering risks that your firm is exposed to. What industry do you operate in and what impact does this have? What red flags exist within? What’s your risk appetite? These factors can help shape your AML policy.

Step 4: Account for regulatory requirements

AML policy requirements can vary depending on where you operate and you’ll be subject to different laws. It’s important that these are accounted for when building an AML policy otherwise your firm could fall foul of compliance and risk regulatory action.

Step 5: Disclose measures for due diligence

Financial firms must conduct thorough customer due diligence such as identity checks, sanction list screenings, and transaction monitoring. It’s important that these are described within your AML policy and should cover:

  • What information is collected
  • How this information is verified
  • Procedures if false information is disclosed
  • Procedures if a client can’t be identified
  • Whether any due diligence is outsourced

Step 6: Define record-keeping procedures

In addition to the above, it’s also important to define and disclose measures taken to keep track of all AML-related information, procedures, and documents, and how long information and documents are kept for. This can easily be achieved with an automated audit trail.

Step 7: Cover suspicious activity reports

Suspicious activity reports (SARs) are the cornerstone of AML. They’re a mechanism for alerting law enforcement and regulatory bodies of potential money laundering or terrorist financing by filing them with your jurisdiction’s Financial Intelligence Unit (FIU). Your procedure for generating and filing these is an important component of your AML policy, especially as this process can be an onerous task, systems that automate aspects of your SAR filing policy can be helpful in creating a more efficient compliance function.

Step 8: Build communication procedures

Communication procedures give practical guidance to employees of all levels about who they should talk to about certain issues and how specific activities should be acted upon. There should also be clear direction as to when issues should be escalated to senior compliance staff and the Money Laundering Reporting Officer (MLRO) for the company.

These procedures should also cover the process for reporting to FIUs, that should be included with the escalation guidance, and for sharing information and data with other financial institutions.

Step 9: Implement staff training process

All employees with roles falling under the scope of the policy, i.e., those who deal with clients and/or transactions, must be aware of the policy and given appropriate training.

This training should give employees knowledge on what AML is and what AML regulations are. It should also equip employees with the skills needed to identify techniques used by money-launderers, detect when money laundering might be taking place, and take appropriate action, such as filing SARs.

Step 10: Undergo an independent audit

An independent audit of your systems, processes, and AML policy is vital. It examines and evaluates the adequacy and effectiveness of systems and policies, and of the controls and procedures adopted by your firm to ensure compliance with AML regulations.

An audit can also make recommendations in relation to your systems, processes, and policies to ensure continued compliance.

AML compliance is a continuous process 

The field of AML is constantly expanding. With new developments taking place every day, AML compliance is a continuous process. While your AML policy is not the only element of your compliance efforts, it’s a major component and it’s crucial that all financial institutions have a thorough AML policy in place. 

Not only does it serve as an important reference point for your employees, but it is in many cases a requirement for achieving licensing requirements in the first place. Without one, your firm could be subject to severe penalties. 

The crucial role your AML policy plays therefore means that your compliance experts must constantly revisit and re-assess your AML policy to ensure that it’s kept up to date with the latest regulatory changes and developments.