A policy and suite of procedures are ineffective if you don’t give your teams the tools they need to carry out your IWT due diligence and controls.
To support each business unit, what are the systems and tools you need so that your business teams can operate these procedures?
This can be a mix of custom built internal resources (including spreadsheets, databases, risk maps and calculators etc) as well as external technology and platforms that can help you complete your customer, supply chain or staff due diligence and monitor your customer transactions and payments.
Customer Risk Assessment: In line with FATF recommendation 3, firms should conduct due diligence on a risk based approach. A good customer risk assessment strategy will include analysis of the clients’ profile, their jurisdiction, the financial product(s) they are talking and the channels they receive these through.
Customer Due Diligence: it is important to complete full financial crime checks (including Politically Exposed Persons (PEPs), Sanctions, Adverse Media and Legal checks) on all customers, staff and suppliers. Enhanced due diligence (EDD) should be conducted for high risk clients, or where there is a PEP or Correspondent Banking Relationship.
Ongoing Monitoring: firms where possible should automate the ongoing monitoring of clients, staff and suppliers to capture new financial crime risks stemming from a change in profile or business activity.
Real time Payments & Sanctions Screening systems are important to ensure no payments are received or made from sanctioned individuals or entities. Where there is a true match, payments must be held back until verified by the MLRO or appropriate approver.
Transaction Monitoring is a way of spotting historic suspicious activity by analysing key trends and patterns of behaviours against a set of red flag indicators, key word searches and thresholds related to your specific business profile.
Trade-Based Money Laundering (TBML): where firms have identified specific TBML risks in their risk assessment, they may want to consider specific systems to screen ports and vessels or other specific trade entities.
Customer Due Diligence (CDD) is conducted on all clients as well as 3rd party suppliers, investors and investments.
Systems are profiled with thresholds dependent on the nature of your typical business activities and risk profile.
Configure detection logic in existing technologies. Ensure that the testing, tuning, optimisation and ongoing monitoring of existing AML/CFT technologies is carried out to optimise effectiveness and efficiency in detecting IWT.
Consider implementing new RegTech (regulatory technology) solutions to combat IWT, built specifically to help banks with the implementation of IWT controls.
Transaction monitoring systems should be developed to incorporate IWT specific key word searches and red flag indicators.
When an IWT event occurs, such as media reports of a seizure, internal systems are checked to ensure there is no exposure to the parties involved.
Where IWT is identified, organisations are encouraged to conduct network analysis on these parties to identify any further links in the criminal chain.