Key Terms and Concepts in the AML Compliance Program: Strengthening the AML Foundation
Key Terms and Concepts in the AML Compliance Program: Strengthening the AML Foundation
The Singapore authorities have introduced a solid regulatory framework around Anti-Money Laundering and Countering the Financing of Terrorism (AML/CFT). These AML/CFT legislations provide that the regulated entities must develop and maintain a complete set of standards and principles to detect and mitigate financial crime risks. The measures and controls to be adopted by the regulated entities are known as the AML Compliance Program, aimed to safeguard the business against financial crimes vulnerabilities and ensure compliance with the local AML/CFT regulations.
In this article, let us discuss the AML/CFT Program and the key concepts that build the structure of an effective AML Compliance Program.
What is an AML/CFT Program under the Singapore AML Regulations?
The Financial Institutions and the Designated Non-Financial Businesses and Professions (DNFBPs) must comprehend the below concepts and adopt them while designing the AML/CFT Compliance Program to effectively manage the risks and comply with the Singapore AML laws:
Enterprise-Wide Risk Assessment or Business Risk Assessment
The AML laws of Singapore allow the regulated entities to adopt a risk-based approach to manage the risks, i.e., the higher the possibility of financial crime exploitation, the more stringent controls to be implemented. To effectively adopt this approach, the entities must conduct a business risk assessment to determine the potential risk exposure of the business to money laundering and terrorism funding.
The risk assessment must consider various risk factors such as customer base, products and services offered, geographies, nature and complexities of the transactions, delivery and distribution channels, etc. The outcome of these comprehensive enterprise-wide risk assessments serves as the foundation for developing robust and customized Internal AML Policies, Procedures, and Controls to manage the assessed risks effectively.
Internal Policies, Procedures, and Controls (IPPC)
The Internal AML Policies, Procedures, and Controls refer to a set of guidelines that help the organization spot and prevent money laundering and combat the financing of terrorism. The policies and procedures enable the company to identify suspicious transactions, detect red flags indicating high-risk activities such as trade involving products associated with ML/FT typologies, proposed business relationships with sanctioned individuals/entities, or identifying complicated delivery channels which may be an attempt to conceal the origin of the unlawful money.
This IPPC acts as a shield against money laundering and terrorism financing attempts. It lays down the foundation for the company’s employees to navigate AML compliance and contribute towards protecting the company from being misused by criminals.
Further, establishing and implementing comprehensive internal AML policies and procedures would ensure that the company adheres to the compliance obligations imposed upon under the Singapore AML regulations and avoid administrative penalties for non-compliance.
Customer Due Diligence
Customer Due Diligence is commonly known as CDD. It is the basic process regulated entities must follow to identify customers and verify their identity using reliable, independent sources. Companies need to follow the CDD process for AML compliance that involves verifying the name, address, nature of the business, etc., to determine the risk of associating with the customers and the risk they pose in money laundering, terrorist financing, or other financial frauds.
CDD primarily consists of Know Your Customer, Screening, identification of Politically Exposed Persons, conducting a customer risk assessment to develop their risk profile, Enhanced Due Diligence, and continuous transaction
monitoring to determine changes in the customer profiles during the course of business relationships. CDD is crucial to prevent money laundering attempts and financing of terrorism, and thus, a mandatory control to be adopted while onboarding the customers.
Know Your Customer (KYC)
Know Your Customer or KYC, as we all know, is the primary step in a customer onboarding journey and an integral part of Customer Due Diligence. KYC is a process of collecting customer information to accurately verify their details, including name, addresses, contact numbers, background, etc., with the documents furnished by the customers. To verify the customer identity, the regulated entities may rely on independent resources and establish whether the person is actually the one he is declaring as.
KYC must also include identification and verification of the beneficial owners of the customers, who are legal persons.
Enhanced Due Diligence
Enhanced Due Diligence (EDD) is a type of CDD followed in case of high-risk customers or transactions. EDD involves implementing additional checks and verification measures to establish high-risk customers’ identities and manage increased financial crime risks.
As part of EDD, the regulated entities are required to obtain information about the customer’s source of funds and wealth, verifying it against reliable sources, obtaining management approval before establishing a business relationship or executing transactions with such high-risk customers, followed by ongoing monitoring of the customer’s profile at increased frequency.
Beneficial Owners
In the case of a legal person or legal arrangement, natural persons manage the operations under the corporate veil. Such individuals are the person who ultimately owns or controls the corporates or arrangements – Company, Trust, Foundation, etc. These are the natural persons who eventually benefit from financial transactions.
The regulated entities can identify the beneficial ownership based on the number of shareholding patterns, the voting rights, or the controlling rights of the person. In some exceptional cases, even the customer’s senior management can be classified as the beneficial owners.
Politically Exposed Person
A Politically Exposed Person (PEP) is essential in the AML Compliance Program. PEPs are the natural persons entrusted with the functioning of a prominent public position and can influence public funds. PEP also includes individuals closely associated with people holding influential positions in the government.
When establishing a business relationship with a customer, the regulated entities must determine whether the person is a PEP or a close associate of the PEP, as PEP is generally treated as high-risk from a money laundering perspective, given their powers to exercise significant influence and access to government resources.
Suspicious Transactions
Suspicious transactions refer to financial transactions with a reasonable belief or grounds to suspect that they may be conducted for concealing the source or owner of the illegal money or is funded using proceeds of crime.
The transactions may arise from complex arrangements making it challenging to trace the source of the funds or where multiple parties are involved, making it challenging to identify the beneficial owner. Frequent cash deposits and immediate withdrawals are bound to raise suspicions. Transactions involving high-risk countries or individuals and large amounts made just within the permissible threshold are some red flags businesses should look for to identify suspicious transactions.
The regulated entities must define the red flags and risk indicators that suggest potential suspicious transactions and assist the employees in detecting and reporting the same timely.
Sanctions
“Sanction” is a punishment or coercion measure imposed by a government on a person, community, or another country to prevent businesses from dealing with such sanctioned country or designated person. Singapore’s regulated entities must follow the Designations by the UNSC Committee and the Domestic Designations under the Terrorism (Suppression of Financing) Act.
Sanctions compliance generally involves screening the customers against the Sanctions List, applying freezing measures, and timely reporting the designated person to the relevant authorities (Suspicious Transaction Reporting Office (STRO) or the Monetary Authority of Singapore (MAS))
AML Compliance Officer
An AML Compliance Officer is the designated person responsible for designing the AML Program and ensuring that the company diligently follows the same to fight financial crime and fulfill AML obligations.
The Compliance Officer is also responsible for conducting the business risk assessment, imparting AML training to the team, reporting the observed red flags by filing Suspicious Transaction Report (STR), etc. In all, the AML Compliance Officer is the backbone of the AML Program and is entrusted with overseeing the entity’s AML measures and combating the money laundering and terrorism financing activities.
Let AML Singapore assist you in strengthening your AML Compliance Program
About the Author
Jyoti Maheshwari
CAMS, ACA
Jyoti has over 7 years of hands-on experience in regulatory compliance, policymaking, risk management, technology consultancy, and implementation. She holds vast experience with Anti-Money Laundering rules and regulations and helps companies deploy adequate mitigation measures and comply with legal requirements. Jyoti has been instrumental in optimizing business processes, documenting business requirements, preparing FRD, BRD, and SRS, and implementing IT solutions.