AML 4 MSB 14. Review, Test & Amend
There you go. It’s all done. If you have been following along, then you have, to a large extent, followed the approved guidance for MSB from HMRC on AML & CTF.
That wasn’t so bad, was it?
Now - start again.
The bad guys read the regulations too. They seek out loopholes and weaknesses. When they find one, they exploit it. For this reason, we are constantly reviewing our risk assessments and procedures. Are we seeing new issues? Are we seeing more transactions just beneath limits? Are we selling a new product that represents a different risk? Have the regulations changed?
In general terms - whenever there is a change in regulation, or a new product or even a new branch, you should renew your risk assessment. However - even when there has been no triggering event, you should review your assessment and procedures annually.
This is where good document management is important. The first thing an auditor looks for is a review sheet with a nice, neat timeline of reviews both regular and extraordinary. This is a great opportunity to demonstrate to an auditor that the document is living - regularly reviewed and updated.
Procedures are great - but they need to be followed. The majority of fines levied on MSB are because the business has not followed its own procedures. You need to test your people. Lime recommends some mystery shopping and some straightforward simple auditing. Pick a random day, start at the transaction log, and drill down. Are ID procedures followed? PEP checks? Business monitoring? SAR? Perform the checks and document them as done.
Believe me - if procedures are not being followed, better than you find out, rather than have it explained to you by a regulator or law enforcement agency.
If you do find weaknesses in your procedures, then amend them. Tighten them up, and DOCUMENT that you have done it.
Need help? Get in touch. Lime has helped many MSB companies, and maybe it can help you?