The 6 Principles of AML Compliance

by | Feb 24, 2024 | Blog, News

There are at least six principle aspects of the AML legislation that accountants in practice must cover in order to comply with the law.

 

  1. Policies, Controls & Procedures

There must be an AML Policies, Controls & Procedures Manual which is appropriate to each firm, and which describes the specific AML policies and procedures which the firm really implements.

The Manual needs to be specially tailored to what services the firm provides and copying the one from a friend from down the road (without to specific tailoring) will just not be good enough. In other words you need to know what you are doing.

 

2 Firm-wide Risk Assessment

Every firm must have to have a Firm-Wide Risk Assessment (FWRA) document (also known as a Business-Wide Risk Assessment or BWRA).

This must be relevant and specifically tailored to the firm and not simply a copy of a standard template with your firm’s name inserted into the heading.  The FWRA must show that you have thought about your firm, it’s clients and the services provided (all under 5 main headings) in the context of ML risk.

 

3 Client Risk Assessments

This is the most onerous part of the AML law. For every client there must be written assessments of the risk of ML or terrorist financing associated with that client.

These risk assessments must be reviewed regularly and the review recorded.

Typically these reviews conclude for each client that the risk is either ‘low’ (usually for stock exchange listed companies and their subsidiaries and clients that are Government agencies and clients from other designated bodies regulated for ML), ‘normal’ (most clients are likely to be in this category – also called ‘medium’ risk), or ‘high’.

Where the client risk is high, there must be a record of additional steps taken to address that high risk (called ‘enhanced due diligence’).

 

4 Know Your Client or Client Due Diligence Records

On an individual client basis there firstly need to be records demonstrating that the firm has gathered information about each client (and their beneficial owners) to confirm their identity and the client’s financial activities in outline.  This is commonly referred to as KYC or CDD. This information is collected when the firm commences to act for a new client and reviewed, and updated if necessary, at least annually).

Commonly referred to as KYC or CDD – there must be appropriate records that demonstrate sufficient background knowledge about each client (and their beneficial owners) to confirm their identity and the client’s financial activities and justify the risk category allocated.  This CDD/KYC data needs to be reviewed, and updated where necessary, at least annually).

 

5 MLRO

Ensure that there is at least one person who has overall operational responsibility for operating the AML Policies Controls & Procedures. Often this person is described as the Money Laundering Reporting Officer (or MLRO), although that title is not mentioned in the AML laws.

 

 6 Training

The MLRO and all relevant staff must have received up to date training in relation to money laundering and terrorist financing, and there must be a record of that training having been undertaken by them. The training needs to be refreshed regularly.

 

All our courses are listed here.

 

Please also go to our website to see our:

 

  • Anti-Money Laundering Policies Controls & Procedures Manual (March 2022) – View the Table of Contents click here.
  • AML Webinar (December 2023) available here, which accompanies the AML Manual. It explains the latest legal AML reporting position for accountancy firms and includes a quiz. Upon completion, you receive a CPD Certificate of attendance in your inbox.
  • letters of engagement and similar templates. Please visit our site here where immediate downloads are available in Word format. A bulk discount is available for orders of five or more items if bought together.
  • ISQM TOOLKIT or if you prefer to chat through the different audit risks and potential appropriate responses presented by this new standard, please contact John McCarthy FCA by e-mail at john@jmcc.ie.

 

  • We typically tailor ISQM training and brainstorming sessions to suit your firm’s unique requirements. The ISQM TOOLKIT 2022 is available to purchase here.