AML Monitoring and Risk Assessment Processes
Anti Money Laundering Monitoring
- AML Monitoring and Risk Assessment Processes to Ensure effective on-going monitoring policies and procedures are in place including full review and consideration of all trigger events.
- undertake monitoring on an ongoing basis for patterns of unusual or suspicious activity to ensure that higher risk activity is
- in practice, for intermediaries this might occur where there is an early surrender of a policy, encashment or where the payer of the policy changes.
- Employees should be adequately trained to identify such unusual business and report to the designated person’s Money Laundering Reporting Officer (MLRO) (insert firms MLRO name).
- For example, employee training should cover encashment fraud attempts with the recent increase in encashment requests being made from client emails to transfer funds to a particular account, where it transpired the client had no knowledge of the encashment request.
- Where an encashment request is received, it is recommended to take additional measures to ensure the request is genuine, for example:
- Phone the client to confirm the details/instruction
- Cross reference proof of ID and residency with existing proof of identity and residency on file
- The firm must undertake and document a comprehensive risk assessment of the business, it should demonstrate that all potential Money Laundering/Terrorist Financing risks pertinent to their business have been fully considered and challenged such as :
- The nature of the products being sold in the firm
- The delivery mechanism or distribution channel used to sell the product
- The profile of the customer
- The customer’s geographical location and source of funds
- The outcome of the risk assessment should inform the firm’s risk-based approach and the design of AML/CTF controls.
- The firm’s risk assessment should be subject to regular and scheduled reviews, senior management must at least on an annual basis review and approve this risk assessment.
Distribution Risk – may alter risk
“Face to Face” contact with no facility to take copies of ID
Where the interaction with the customer is on a face to face basis, you should have sight of the original document(s) and appropriate details should be recorded. Where you visit the customer at his/her home address, you should make a detailed record of the visit. This would include, for example, taking details of passport or driving license numbers.
It is recommended that in such scenarios, you request the customer to forward you a copy of the relevant ID and cross reference it with the details which were recorded at the point of sale.
Distribution Risk – may alter risk
- The extent of the Customer Due Diligence in respect of non face-to-face customers will depend on the type of the product or service requested and the assessed money laundering risk presented by the customer.
- Where the customer is not physically present (e.g. by post, telephone or over the internet) for identification purposes additional measures should be undertaken to establish the customer’s identity.
- Telephone the customer on a home or business number which has been verified (electronically or otherwise).
- Communicate at a verified address with account opening docs for example, which might have to be returned or acknowledged .
- First payment by the customer through a bank in the State or other EU Member State or certain specified acceptable countries.
- Internet sign on with details sent by mail to a verified address.
Third Party Reliance
Third Party Reliance – A designated person is permitted to rely on another designated person to identify and verify its customers for AML purposes. Designated persons who rely on third parties will remain liable for any failure to comply not withstanding their reliance on the third party.
The primary responsibility for supervising intermediaries lies with the Central Bank of Ireland, however Product Providers as a third party retains responsibility for ensuring that customer due diligence obligations have been met by the Intermediary.
Note: Product Providers are legally obliged where an intermediary fails to meet the customer due diligence requirements to report this to the Central Bank of Ireland.
In order to comply with the Third Party Reliance requirements, Product Providers depending on their internal processes may require either:
- Copies of all underlying documentary evidence from the Intermediary for applicable products.
Confirmation of Verification of Identity, where the Product Provider has the right of audit to ensure that the intermediary has the necessary documentary evidence.
Failure to establish a customer and/or beneficial owner’s identity
Where an intermediary can not establish the identity of a customer and/or beneficial owner, as a result of the failure of the customer to provide the designated person with documents of information required, then an intermediary must:
- Not provide a service to the customer, and
- If an existing customer, must discontinue relationship with the customer.