www2.acams.org/webinars
The web seminar has not yet started: A sound check will be performed 5 minutes before the start time.
COPYRIGHT NOTICE – USE OF WEBEX LOGIN/PASSWORD FOR ACAMS WEB SEMINARS
Each site license entitles registrant to one login: one phone connection (if accessing audio via teleconference) and one Internet connection for simultaneous Webcast, in one room where an unlimited number of listeners may participate. Providing your login instructions and password to another for their use, using your login ID/password more than once, or any simultaneous or delayed transmission, broadcast, re-transmission or re-broadcast of this event to additional sites/rooms by any means (including but not limited to the use of telephone conferencing services or a conference bridge, whether external or owned by the registrant) or recording is a violation of U.S. copyright law and is strictly prohibited.
www2.acams.org/webinars
2
• Can you hear the
sound check?
• It has begun
www2.acams.org/webinars
If you cannot hear me speaking:
Listen through your computer speakers
On the Webex menu click COMMUNICATE and
AUDIO BROADCAST. During the event, if the audio stops,
just press STOP, wait 5 seconds, then press PLAY. That often fixes problems.
OR listen through your telephone
Look in your registration email to see country-specific
telephone numbers and today’s Webex teleconference “access code.”
WebEx Technical Support
Send a message to me via the Q&A box or call WebEx Technical Support:
From US & Canada 1-866-229-3239
From other countries +1-916-229-3239
www2.acams.org/webinars
4
Q & A To send a question: Locate the Q & A box on the bottom right hand corner of the WebEx platform. Type in your question and click send!
www2.acams.org/webinars
Welcome to the ACAMS Web Seminar
Focus on AML Audit:
Improving Practices & Procedures May 15, 2013
12:00 Noon– 2:00 pm ET
The web seminar has not yet started.
5
www2.acams.org/webinars
Welcome to the ACAMS Web Seminar
Focus on AML Audit:
Improving Practices & Procedures May 15, 2013
12:00 Noon– 2:00 pm ET
6
www2.acams.org/webinars
Panelists:
William Badinelli, SVP/Audit Partner Group Internal Audit- Americas, AML and Regulatory Risk Royal Bank of Scotland
Diana Liska, Esq., CAMS, CCEP, CFE Senior Auditor First National Bank of Omaha
Moderator:
Laura H. Goldzung, CFE, CAMS President & Principal Examiner AML Audit Services, LLC
www2.acams.org/webinars
Key Controls of AML Compliance Program
• Management Oversight • Written AML Policies & Procedures • Internal Controls • CIP / KYC / OFAC Screening • Transaction Monitoring & BSA Reporting • Training for Appropriate Personnel • Independent Testing
www2.acams.org/webinars
Independent Testing
• Can be performed by internal or external audit or other independent qualified parties
• Should use a risk-based approach to cover all aspects of the AML program
• Should report directly to the Board of Directors or senior management
• All testing & audit documentation must be available for review by the examiners
www2.acams.org/webinars
Regulatory Expectations for Independent Testing
• Qualified & Independent
• Frequency – Dependent on Regulator/SRO (12-18 mo)
• Assessment of:
• Risk Assessment
• Training
• Monitoring Systems
• Reporting & Recordkeeping
• Resolution of deficiencies
• Risk-based transactions testing of: • Policies, procedures, and
processes • Record keeping and
reporting • MIS • High-risk operations
• Reports to the board of directors or senior management
• Tracking & Resolution
www2.acams.org/webinars
Audit Considerations
• Ensure that proper documentation exists to support the risk assessments that were performed
• It must be clear how the risk assessment is aligned with and drives the rest of the company’s AML program
• Ensure that proper documentation exists in the KYC area, and that all necessary details are being captured to support transaction monitoring efforts
www2.acams.org/webinars
Elements of an Effective Audit Program
• Appropriate for the organization’s risk profile
• Covers all applicable regulations and guidance
• Effective discovery, scoping and planning
• Ensures proper testing and sample size
• Program covers all appropriate areas
• Work is properly documented
• Work papers are well-organized
www2.acams.org/webinars
Elements of an Effective Audit Program, Continued
• Conclusions are well supported
• Exceptions are communicated effectively
• Violations are identified and risks explained
• Includes appropriate corrective actions; and tracking
• Findings and actions are tracked
• Results are timely communicated to senior management
www2.acams.org/webinars
Key Auditable Elements Policies & Procedures
• Senior management approved program containing regulatory requirements
• Contains and describes internal controls
• Comprehensive & Tailored
• Stated AML Policy
• Applicable updated regulatory requirements
• Describes management oversight
www2.acams.org/webinars
Key Auditable Elements CIP/KYC
• Identify key risks and controls • Written Customer Identification Program and
Verification procedures / Implementation • Sufficiently documented risk-based customer due
diligence and applicable enhanced due diligence • Mitigation tactics and system for monitoring high risk
customers • Past findings / corrective actions taken • Systemic issues, if present
www2.acams.org/webinars
Key Auditable Elements Suspicious Activity Process
• Clearly stated escalation process
• Timely filings
• Quality of SAR narratives
• Actions taken following reporting
• Rationale for non-filings
• Sufficient investigative due diligence and documentation
• Experience of analysts
www2.acams.org/webinars
Key Auditable Elements Transaction Monitoring
• Verifying system testing and validation documentation
• Disposition of alerts
• Documentation around the closing of alerts
• Sufficiency of resources
• Monitoring tools
• Documentation of compliance monitoring
www2.acams.org/webinars
Key Auditable Elements AML Training
• Comprehensiveness of training
• Training mapped to regulations and business of the FI
• New hire vs. refresher training
• Targeted to job function
• Frequency / Methodology
• Content
• LMS / Tracking timeliness, record keeping
• Attendance Records, Tracking & Recordkeeping
• Senior Management & BoD Training
www2.acams.org/webinars
Key Auditable Elements Independent Testing
• Qualified and Independent
• Risk-based scope and plan
• Transactions tested (transparent)
• Quality reporting
• Corrective actions / systemic issues identified
• Action plan / risk-based timely resolution
www2.acams.org/webinars
Risk Assessment Common Deficiencies
• Risk assessments not performed or documented
• Did not incorporate all lines of business or entities
• Did not consider all major risk categories
• Policies did not specify frequency of updates
• No methodology for assigning risk rankings
• Policies and procedures not commensurate with institution’s risk profile
www2.acams.org/webinars
Independent Audit Common Deficiencies
• Audits not performed by qualified professionals
• Inadequate testing / sampling
• Not conducted commensurate with risk profile
• Deficient scoping / frequency
• Insufficient documentation and workpapers
• Lacking overall conclusion on adequacy of program
www2.acams.org/webinars
www2.acams.org/webinars
If you have additional questions for today’s experts, or
suggestions for future web seminars,
please send those to:
Thank you for joining us today!
23
www2.acams.org/webinars
24
Web Seminar Certificate of Attendance To request a certificate of attendance, please fill out the
request form, found in your reference materials, and email the form to [email protected] along with your payment information. First certificate is included in cost of seminars. There is a $40 administrative fee for each additional certificate.
You may also call +1 305.373.0020 to process payment
over the phone.
www2.acams.org/webinars
Future Web Seminars
JUNE 05 – Emerging Crime Trends in Digital Wallets and Mobile Banking Level: Intermediate/Advanced Noon to 2:00pm EDT
JUNE 12 – Effectively Analyzing, Organizing and Communicating AML Metrics Level: Intermediate/Advanced Noon to 2:00pm EDT