The Board of Directors of a financial institution has a fiduciary duty to ensure that the firm has a robust compliance programme and a solid and effective control framework in place. The Board needs to set the “tone from the top” to ensure that the firm is effectively promoting a “culture of compliance”.
Most financial institutions have well-established procedures and policies for dealing with credit risk and market risk, but the practice of dealing with Know Your Customer (KYC) and Anti-Money Laundering (AML) risk is not nearly so well advanced. As a result, the flow of critical information to risk committees and boards is often not fit for purpose.
Why is a Board-level AML Masterclass for NEDs and Executive Directors needed?
Enforcement - Fines for AML failures in recent years have been very large:
For example, $8.9bn for BNP Paribas and $1.9bn for HSBC.
Operating licenses can also be revoked.
Global scope – The EU Fourth (4MLD) and Fifth (5MLD) Money Laundering Directives have tightened the requirements around EEA parent companies’ oversight of global subsidiaries:
There is a requirement to have group wide policies and procedures.
The parent Board must ensure that EEA subsidiaries conform to local regulations and that non-EEA subsidiaries comply with the parent-country regulations.
If the latter can’t be achieved due to local legislation, then it should be reported.
Transparency & Visibility - Boards and sub-committees are responsible for the firm’s AML Risk Appetite/Tolerance, AML Framework and on-going AML compliance, yet the Management Information (MI) given to Boards regarding AML is often weak to non-existent:
The Board of directors must have a solid understanding of its own role in the oversight of the AML programme.
Executive Directors and NEDs need to know the right questions to ask.
Executive Directors and NEDs should know what best practice is in terms of AML MI and oversight for Boards.
Reputational Risk – Chief Executives and even Chairs may lose their jobs, not necessarily because of the scale of any given failure but because of the damage that can flow from being judged not to be taking sufficient steps to protect society from criminals, fraudsters and terrorists.
Key Components of a Board-level AML Masterclass for NEDs and Executive Directors
Board members are not required to be experts in AML but, in order to effectively exercise their oversight responsibilities, are required to understand the fundamental aspects of the firm’s AML Risk Control Framework, including:
The Regulatory environment and Enforcement Actions
A basic understanding of the regulatory environment in which the firm operates.
Applicable regulations, including relevant requirements around the globe.
Enforcement - consequences of non-compliance with these regulations.
Roles & Responsibilities:
Role of the Board in AML compliance.
Role of the Money Laundering Reporting Officer (MLRO) and the role of the Board in supporting this person.
Personal responsibilities and liabilities under local regulations, e.g. SEAR (Ireland) and SMCR (UK).
The 3 Lines of Defence model and the role that the front office, compliance and audit function play as part of the AML Controls Framework.
Global oversight of AML.
The firm’s AML Risk Framework & AML Controls Framework:
1. The key aspects of an AML risk model and framework:
Risk Appetite/Tolerance - How to relate best practice to your specific business.
Risk factors and Risk Models.
Core requirements of an AML Framework and Operating Model.
2. A basic understanding of the firm’s AML Risk Rating Methodology (how is AML risk calculated, what factors are considered and what is the Risk Based Approach) – this will enable them to set the correct risk tolerance for the firm.
Board-level MI for AML:
1. Risk profile of the customer base:
AML Risk levels
2. Status and backlogs:
3. Weak areas in the firm’s AML controls
4. Suspicious Activity Reports (SARs)
5. Status of any regulator action or enforcement scenarios across the firm
6. Training and competency across the firm
Staff Training Programme (who the firm trains on what and how often)
7. Snapshot and trend-based analysis of the above
Lysis Academy can deliver the above as a generic masterclass. In addition, bespoke masterclasses which additionally focus more on a specific firm’s AML Framework and Controls could be written and delivered by tailoring the generic masterclass.
For more information please contact firstname.lastname@example.org.