AML (anti-money laundering) and CTF (counter-terrorist financing) will be pushed further into the regulatory spotlight in coming months as China gears up for the fourth round of mutual evaluations led by the FATF (Financial Action Task Force) and APG (Asia/Pacific Group on Money Laundering). Whatever the results of the exercise, it will serve as a clear reminder that banks need to take proactive steps to meet inevitable regulatory demands.
Scheduled for June/July 2018, the FATF/APG review will determine whether China’s legal and institutional framework meets requirements based on FATF recommendations for an effective AML/CTF approach. The results and a summary report will be published on the FATF website, most likely in spring 2019. The stakes are high, and if China’s approach is found to be lacking, policymakers will likely attempt to dig out the root cause by examining regulatory decisions and inefficiencies across the entire financial system more closely – and future requirements for banks may get tougher.
Wolters Kluwer sees significant deficiencies found as unlikely given recent efforts to enhance the national AML/CTF framework. Regulators have been engaging in capacity-building initiatives, such as a second workshop for judges and prosecutors on AML/CTF challenges and best practices early this year, organised by the FATF and regional bodies and hosted by the PBOC (People’s Bank of China) with the support of the Shenzhen Municipal Government.
Even if the evaluation result is positive, banks can expect further scrutiny of AML/CTF practices and should plan approaches and infrastructure to match. Over the past decade, the PBOC has carried out more than 25,000 on-site inspections and fined more than 2,500 institutions for violating AML regulations. Constant and increasingly rigorous AML supervision has become an important impetus for regulated institutions to improve their risk prevention and control capabilities.
AML/CTF is a constantly evolving field, and it will never be possible for banks to insulate themselves from all related risks. More important is developing an approach that identifies and mitigates the specific risks an institution is most likely to face, which will allow the bank to allocate limited resources in a targeted manner. A scoring model that ranks risk factors such as geography, customer type, and products and services is a good starting point.
CDD (customer due diligence) is the foundation of any effective AML/CTF program as the more a bank knows about its customers, the better it can mitigate AML/CTF vulnerabilities. CDD could be viewed as a sliding scale, with enhanced due diligence measures reserved for customers exhibiting high risk factors.
A step-by-step approach to compliance
The other key steps to developing AML/CTF controls capable of withstanding FATF scrutiny include:
- Gathering and preparing AML compliance policies, procedures and controls for assessment
- Examining FATF requirements and benchmarking internal practices against these
- Building a dedicated project task force that includes all relevant stakeholders, such as:
- Front office staff: As the ‘first line of defense’ and primary direct contact point for customers, the front office should be trained to understand and identify risks, and to follow proper CDD and other procedures in a variety of scenarios
- Operations team: Also part of the first line of defense, operations helps identify red flags and unusual activities, and reports these to compliance departments
- Compliance department: The second line of defense, compliance helps coordinate and monitor the bank’s day-to-day AML/CTF operations
- Audit department: The third line of defense, audit conducts independent assessments of the efficiency and effectiveness of AML/CTF programs, factoring in the demands of regulators
- IT department: IT typically manages the implementation of automated AML/CTF systems based on user requirements
- Senior management/board of directors: While it may not be involved in day-to-day AML/CTF matters, senior management plays an important role in the oversight and approval of AML/CTF policies. Management support for investment in and the implementation of AML/CTF programmes is critical to success
- Setting steps for the project team to follow, with progress regularly tracked and evaluated
Addressing the automation puzzle
Banks must also consider the technology aspects of compliance. Meeting more stringent standards involves the processing and handling of vast amounts of customer and transaction data that make at least some level of automation fundamental.
The choice comes down to whether to invest in an automated AML solution from an external vendor or to develop one in-house. Most banks quickly realise the costs, know-how and complexity involved make working with an external vendor a more feasible option – especially as IT teams are often already heavily engaged in developing other systems or simply supporting the ‘business as usual’ scenario.
When evaluating a vendor, it’s important to consider several factors. One is the ability to provide modular solutions, which allow banks to scale up AML programs incrementally according to their needs and regulatory trends, rather than forcing institutions into a ‘big bang’ approach that is potentially more resource-intensive and disruptive. This is particularly relevant to smaller institutions that need to achieve compliance goals on a limited budget. Modular systems also have the inherent flexibility needed to cope with future regulatory change.
Another consideration is the vendor’s area of specialisation. The intricacies of AML mean solutions should be embedded with a high degree of expertise and domain-specific knowledge. While the bank is the ultimate owner and manager of the solution, solutions from external vendors with industry expertise come built with essential functionalities and features based on that knowledge, meaning the institution can essentially import best practices from industry peers.
As the FATF evaluation comes into focus it is understandable banks will feel a degree of pressure. But like many other challenges, AML can be successfully tackled by careful planning, drawing on the support of experts – and taking it one step at a time.
This article was co-authored by Ben AuYeung, Product Manager, AML, and Yaqi Bao, Product Manager, at Wolters Kluwer’s Finance, Risk & Reporting business.