You Can’t Afford the Risks Anti-Money Laundering Audit | Tax | Advisory
advertisement
Anti-Money Laundering You Can’t Afford the Risks Audit | Tax | Advisory The Risks Associated With AML/Sanctions Compliance Are Just Too Great to Ignore Continued increases in regulatory scrutiny and rigorous enforcement have turned compliance with the global and U.S. sanctions and anti-money laundering (AML) regimes into a front-burner issue for providers of financial services. The European Union Anti-Money Laundering Directives and implementing legislation, global sanctions regulations, Wolfsberg Principles, and guidance from the Financial Action Task Force comprise a subset of the laws and regulatory guidance governing the global AML environment. These regulations and guidelines require businesses to be vigilant in identifying and reporting suspected money laundering, terrorist financing, and other criminal activities. Anti-Money Laundering: You Can’t Afford the Risks Parliament and law enforcement have turned up the heat, calling on regulators to look more closely for compelling evidence of good governance, effective model risk management, strong business processes and controls, and robust programme documentation. Failing programmes mandate immediate corrective actions which, more often than not, pose considerable one-time and recurring costs to the institution. Crowe Horwath can help you create a risk-based AML programme tailored to your specific needs in today’s complex environment. From large global banks and organisations challenger banks to building societies and credit unions; from gaming and casino operations to money transmit¬ters and money services businesses; from startup financial technology companies to established payment processors, and other financial services companies; Crowe services draw on years of experience and thought leadership to create customised and scalable solutions for all types and sizes of financial services companies and institutions. The risks of noncompliance are substantial: ■■ Reputation risk ■■ Regulatory compliance risk ■■ A broad range of operational and strategic risks ■■ High-value customer risk ■■ Earnings and performance risk With compliance requirements and expectations stemming from unique risk profiles, meeting evolving AML requirements has become a complex exercise involving a moving target. As businesses struggle to comply, regulatory requirements, and expectations pose another challenge: how to meet compliance obligations without damaging customer relations or impeding business growth, and innovation. Addressing AML Compliance Requirements Offers Significant Benefits ■■ Demonstrated commitment to protecting the global financial system ■■ Reduced risk of reputation damage from regulatory action and negative publicity ■■ Increased protection of corporate and shareholder value and goodwill ■■ Proactive human and technology resource planning on AML initiatives rather than regulator-driven compliance projects ■■ Cost-effective compliance with AML laws, regulations, and regulatory expectations ■■ Effective decision-making and risk management through AML analytics Leading providers of financial services are also looking at the impact of an AML programme on competition and customer relationships, viewing AML compliance as an opportunity to expand their knowledge of customers and deliver a higher level of service. crowehorwath.com 3 Crowe Horwath Crowe CLAMP®: Our AML Operating Model for Regulated Financial Services Companies The Crowe CLAMP (Crowe Closed-Loop Anti-Money Laundering Programme) operating model allows financial services companies to achieve a high level of capability maturity in nine AML areas and is designed to verify that each area interacts with the others to provide appropriate and ongoing feedback. Our model includes: 1. A Strong Enterprise Foundation 3. Demonstrated Execution 5. Activity Monitoring Every AML programme must dem- The goal of AML activity monitoring Surrounding an organisation’s AML onstrate the ability to execute on the is to identify potentially suspicious or programme is an enterprise foundation plan and the designed organisational prohibited customer activity through that determines an organisation’s components. An AML risk assessment high-quality alerts while minimising ability to respond to changes in produces a risk profile based on false positives. Meaningful transaction both the busi¬ness and regulatory products, geography, distribution analysis requires leveraging rules- environments. The foundation consists channels and customer, and account based, profiling, or machine learning of four components: corporate characteristics, resulting in a guide technologies, as well as advanced governance/enterprise risk manage- for organisational priorities. Effective analytics. Transaction monitoring ment, model risk management, and internal controls demonstrate a history systems must consider an organisa- model governance, independent audit, of adequate and sound responses to tion’s unique risk profile and inte¬grate and the ability to establish effective areas in need of attention. Staffing and with CDD to effectively detect unusual policies that have been approved by training take place at all levels of the and suspicious activity. Structured the board. organisation, especially at those with analysis, tracking, and follow-up are responsibility for the AML programme. required in order to properly manage Models and systems relied upon for each potential suspicious incident. 2. Principal Capabilities Four principal capabilities serve as the backbone of an organisation’s AML programme: an enterprisewide compliance risk assessment weighs the AML compliance must be calibrated and validated to ensure their accuracy and effectiveness. 6. Investigations and Reporting Suspicious activity, regardless of its origin, requires detailed investigation risk of legal or regulatory sanctions, 4. Customer Due Diligence and documentation by qualified financial loss, or damage to reputation The goal of customer due diligence individuals. Requests for investiga- and franchise value; comprehensive (CDD) is to identify, screen, and tions may be initiated through the processes guide the development, manage the organisation’s new and organisation’s CDD efforts, sanctions implementation, and use of models for existing customers that present a screening, activity monitoring systems, AML compliance; effective monitoring higher risk for money laundering and or fraud detection processes, or and self-testing of AML controls by terrorist financing. CDD provides the externally via production orders and the AML group prepares the organisa- mechanism to implement the due subpoenas or other avenues. Unusual tion for review by indepen-dent audit; diligence and sanctions screening activity deemed to be suspicious is and written procedures reflect the processes required for every customer reported to law enforcement on a institution’s current AML programme. and the enhanced due diligence pro- suspicious activity/transaction report. cesses required for customers posing a higher risk. 4 Anti-Money Laundering: You Can’t Afford the Risks “CLAMP” and the CLAMP AML framework diagram are protected intellectual property of Crowe Horwath LLP. 7. Single Customer View 8. Data and Document Management 9. Programme Management An organisation must have the ability to demonstrate that it understands its The Money Laundering Regulations includes project and regulatory rela- customer information and has properly 2007 and other mandates require tionship management. Organisations associated linked relationships both maintenance of documents and should dem¬onstrate an ability to plan, within a line of business and across historical data for minimum durations. organise, and manage AML projects subsidiaries. The convergence of Backups and archives must be set through a programme office. Further- expected and actual risk requires that up to allow retrieval in an organised more, projects must be consistently an organisation not only understand and timely manner. Audit trails track executed on time and within budget who the customer is, but also what data and enable document capture to to create regulator confidence in an he or she is doing. A robust single assist with information and document institution’s ability to deliver on what customer view will help drive use of warehousing, which in turn help is promised. advanced analytics to further manage improve management and operational AML risk and increase programme reporting as well as compliance and efficiency. litigation support. crowehorwath.com Effective programme management 5 Crowe Offers a Comprehensive Closed-Loop AML Solution Crowe brings together an integrated team of financial services industry professionals specialising in the areas of: ■■ Regulatory compliance ■■ Enterprise risk management ■■ Business process management ■■ Customer experience management ■■ Technology systems integration and implementation Our unique combination of in-depth industry knowledge, broad-based business competencies, and the Crowe CLAMP operating model offers our clients a comprehensive, closed-loop AML solution. Our solutions are configurable: they can be implemented holistically for organisations with high regulatory expectations or as point solutions targeting specialised areas of need for organisations with specific regulatory requirements. Anti-Money Laundering: You Can’t Afford the Risks AML Solutions to Match Your Risk Profile Our team of AML specialists can help you create a risk-based AML compliance programme tailored to your organisation’s specific needs. Because there is no such thing as a one-size-fits-all programme, Crowe AML solutions are customised to your organisation based on risk profile, business model, size, location, customer base, corporate culture, delivery channels, products, and service offerings. Crowe AML/BSA Services and Solutions At Crowe, we view AML compliance as a continual process of vigilance grounded in a proactive programme that raises red flags when significant changes, variances, and contradic¬tions occur. Our AML solutions can be implemented as a comprehensive compliance programme or customised to focus on specific challenges. Model Risk Management With the legislation from the Fourth Money Laundering Directive and SYSC rules, financial institutions, need to adapt their existing AML risk management programmes to the most current industry and regulatory standards. Crowe has an established model risk management methodology and framework that help organisations meet regulatory expectations. These services include: ■■ Identifying and managing the AML model inventory ■■ Assessing AML model risks ■■ Developing and implementing AML models and systems ■■ Validating models relied upon for AML compliance ■■ Calibrating or optimising AML system parameters ■■ Establishing governance and oversight for the model risk management programme AML Analytics and Reporting Independent AML Testing Services crowehorwath.com Enhanced analytics and statistical techniques are necessary to effectively analyse and calibrate AML models to provide accurate customer risk rating, transaction monitoring, and sanctions screening capabilities. Other critical components of a strong AML programme include data warehousing, integration, and governance, as well as effective data visualisation and dashboards to provide management with enhanced visibility. Crowe services include: ■■ Defining AML analytic programmes ■■ Calibrating AML system parameters ■■ Establishing programme KPIs and KRIs ■■ Designing and developing management reporting capabilities Crowe conducts annual AML/CFT and sanctions independent testing services for more than 100 financial institutions around the globe through a dedicated professional team with AML and audit experience. The Crowe approach is designed to adapt to each of our clients’ unique AML risk profiles, empowering institutions to satisfy regulatory requirements while applying our leading perspectives. Our experiences and approach have withstood the scrutiny of examination and review in some of the most intense regulatory environments in recent history. 7 Crowe Horwath Regulatory Response and Remediation Crowe has extensive experience working with regulators to help institutions address examiner concerns and offers a broad array of AML-specific services for institutions facing regulatory issues and enforcement actions. These credible and respected services include: ■■ Independent third-party monitoring services ■■ AML look-back reviews ■■ Consent order validation and independent testing services ■■ Financial investigation services for either ongoing support or special assignments ■■ Exam preparation and management AML Programme Enhancement Services As part of its broad AML programme enhancement services, Crowe frequently is called upon to provide programme oversight and compliance integration services in addition to specific enterprise risk assessment efforts. Crowe services include: ■■ Enterprise compliance, AML, and sanctions risk assessment ■■ Formulation of policies, procedures, and programme standards ■■ AML programme assessment and future-state road map documentation ■■ Formation and optimisation of financial intelligence units ■■ Convergence of financial crimes programmes ■■ Merger and acquisition management ■■ Ongoing advisory services and thought leadership ■■ Business-as-usual support and optimisation ■■ Annual and ongoing AML, and Sanctions training Crowe also has extensive experience helping institutions with exam preparation and management and maintaining compliance with global trade and economic sanctions requirements. Customer Due Diligence Know your customer (KYC), CDD, and accurate customer risk rating capabilities are essential components of an effective AML programme. Crowe offers in-depth knowledge and technological expertise in helping institutions: ■■ Establish enhanced due diligence (EDD) processes and procedures ■■ Support business-as-usual EDD reviews ■■ Design and develop customer risk rating models ■■ Implement CDD and single-customer-view systems ■■ Design and execute calibration for customer risk rating models ■■ Validate CDD and customer risk rating models 8 Anti-Money Laundering: You Can’t Afford the Risks Suspicious Activity Monitoring Crowe offers ongoing support in the design, development, and implementation of transaction monitoring systems, including system assessment, system enhancement, and pre- and post-implementation calibration and validation. Services include: ■■ Alert triage to support business-as-usual processes ■■ Designing, developing, and implementing suspicious activity monitoring models ■■ Designing and executing calibration for suspicious activity models ■■ Validating suspicious activity models Investigations and Reporting Along with supporting regulatory mandated look-backs, Crowe provides suspicious activity monitoring, enhanced due diligence, and sanctions alert review services. Crowe brings experienced investigators to support business-as-usual processes and also assists with the optimisation of AML compliance operations teams and investigations units. Data Management As BSA/AML programmes increase their reliance on technology for effective and efficient compliance, data management, and quality grow in importance. Crowe provides services to assist with: ■■ Mapping and integrating data sources to AML systems ■■ Assessing data quality and completeness ■■ Developing data management strategies ■■ Leveraging data visualisation tools to support AML compliance and reporting Technology Through collaboration with clients and extensive experience, Crowe has developed technology solutions that support and bring efficiency to AML programme components. This technology includes: ■■ Crowe Model Risk Manager – assists institutions with supporting an end-to-end model risk management programme ■■ Crowe Dynamic Customer Insight – facilitates the collection of customer information, evaluation of customer risk rating, and execution of enhanced due diligence, and high risk customer reviews ■■ Crowe Caliber – assists institutions in calibrating their transaction monitoring systems and the associated parameters, adding efficiency to the tuning process ■■ CARS® (Crowe Activity Review System) solution – leverages dynamic questioning and automated narrative generation to significantly reduce the amount of effort required to review suspicious activity alerts crowehorwath.com 9 Anti-Money Laundering: You Can’t Afford the Risks Crowe Horwath LLP: The Unique Alternative® Crowe Horwath LLP (www.crowehorwath.com) is one of the largest public accounting, consulting, and technology firms in the United States. Under its core purpose of “Building Value with Values,®” Crowe uses its deep industry expertise to provide audit services to public and private entities while also helping clients reach their goals with tax, advisory, risk, and performance services. With offices coast to coast and 3,000 personnel, Crowe is recognised by many organisations as one of the country’s best places to work. Crowe serves clients worldwide as an independent member of Crowe Horwath International, one of the largest global accounting networks in the world. The network consists of more than 200 independent accounting and advisory services firms in more than 120 countries around the world. crowehorwath.com 11 Contact Information Clayton Mitchell +44 (0) 20 3457 7129 clayton.mitchell@crowehorwath.com www.crowehorwath.com/AML @Crowe_AML © Crowe Horwath Global Risk Consulting, Independent Member of Crowe Horwath International RISK-16001-011B
