Developing Effective Anti-Money Laundering Internal Controls

April 20, 2017 Chris Doxey

The International Compliance Association (ICA) defines money laundering as:

“...the process by which criminals disguise the original ownership and control of the proceeds making said proceeds appear to have derived from a legitimate source.”

The crime of money laundering includes three stages: 1) placement, 2) layering or “washing,” and 3) integration. Sometimes these three stages can overlap in the process of “legitimizing” the funds.

desktop of AP specialist tasked with implementing effective anti-money laundering controls

Investing in a solution

Mitigating money laundering risk is now a focus, as evidenced in the 2016 survey conducted by Risk.net. The results show a significant growth of investment in anti-money laundering (AML) and particularly non-AML compliance: 51.5% of respondents said that AML budgets would increase.

Who does money laundering impact?

Money laundering doesn’t only impact banks and financial services companies. According to Provitivi’s guidance, "Guide to U.S. Anti-Money Laundering Requirements", the following businesses can be impacted by money laundering crimes:

  • Check cashers and money transmitters
  • Broker-dealers in securities
  • Casinos
  • Insurance companies
  • Real estate businesses
  • Exporters and importers
  • Retailers focusing on luxury items

Anti-money laundering/combating the financing of terrorism (AML/CFT)

According to the International Monetary Fund (IMF):

“money laundering requires an underlying, primary, profit-making crime (such as corruption, drug trafficking, market manipulation, fraud, tax evasion), along with the intent to conceal the proceeds of the crime or to further the criminal enterprise.”

The IMF has recommended some critical internal controls and self-assessments for combating money laundering and terrorist financing. These controls should include a review of the following high-risk transaction types and products:

  • Large cross-border cash money transactions over $10,000
  • Funds and wire transfers
  • Monetary instruments (bank checks, cashier’s checks, money orders, and traveler’s checks)
  • Prepaid access devices

AML/CFT internal controls

  1. Pre-screening: Many companies have consolidated their screening and due diligence efforts to incorporate all compliance requirements for both their customers and suppliers into one program which includes the following:
  • Office of Foreign Asset and Control (OFAC)
  • Office of Inspector General (OIG)
  • Know Your Customer (KYC) & Customer Due Diligence (CDD)
  • Politically Exposed Persons (PEP)
  • Establishing Roles and Responsibilities for an AML Internal Controls Program: Determine who has overall responsibility for the program. This person's duties should include developing an AML policies and procedures manual, training, communication of record keeping requirements, monitoring adherence to AML policies, reviewing effectiveness of procedures, and assessing and managing risk.
  • Reporting: The Money Laundering Report Officer (MLRO) that you have assigned your program most prepare a series of reports and determine if there are sufficient grounds for suspicion provide a report to National Crime Agency (NCA). The MLRO acts as a liaison with the NCA after the Suspicious Activity Report (SAR) is filed.
  • Training: Your AML/CFT training program should be tailored to fit the needs of your firm and should be scheduled according to changes in laws or when a critical case occurs. Usually AML awareness is provided with ethics training and other corporate training for new employees and is refreshed annually.
  • Reporting Suspicious Activity: There should be a system for employees to report a suspicious financial transaction either through their management reporting chain or an employee “hotline.” Empowering employees to assist in combating financial crimes can strengthen your system of internal controls.
  • AML/CFT Self-Assessment Process: To ensure that these procedures are working, we suggest that the process owners impacted by AML control requirements implement a quarterly self-assessment. This process will ensure compliance with laws and regulations, and will protect the reputation of your company.

About the Author

Chris Doxey

Chris Doxey, CAPP, CCSA, CICA is an independent management consultant providing Internal Controls and Business Process Best Practice Solutions. She has extensive experience in procurement, accounts payable, internal auditing, internal controls, Sarbanes-Oxley compliance, payroll, logistics, financial systems strategy, and financial integration at Digital, Compaq, Hewlett Packard, MCI, APEX Analytix, and Business Strategy, Inc. She was recruited to assist MCI (formally WorldCom) recover from their internal control challenges. She has a bachelor's degree in English, a bachelor's in accounting, a master's in business administration, and a graduate certificate in project management. Chris has written numerous articles and published two handbooks: AP Leadership Skills and Implementing a Controls Self Assessment Program for Your Accounts Payable Department.

Follow on Linkedin Visit Website More Content by Chris Doxey
Previous Article
When and Why Do I Apply KYC Controls to My Organization?
When and Why Do I Apply KYC Controls to My Organization?

When and why to apply the Know Your Customer (KYC) laws are complicated. Here are 4 ways to reduce the comp...

Next Article
Cyber Fraud: Common Schemes & How to Protect Your Business
Cyber Fraud: Common Schemes & How to Protect Your Business

With the increased use of technology in our lives, cyber criminals have more chances to steal. A list of c...