An Independent Audit (Independent Review) is an impartial assessment of your AML/CTF Program. By conducting and Independent Audit, the Reviewer checks if you’re complying with your AML/CTF Program and that your AML/CTF Program:
- properly addresses your money laundering and terrorism financing (ML/TF) risks
- complies with your legal obligations
- is working as it should.
The Independent Reviewer must be someone who:
- understands your business or organisation
- understands AML/CTF risks
- was not involved in any part of developing the Program, including assessing your ML/TF risk, developing controls or implementing or maintaining the Program.
bronID has developed a proprietary methodology to conduct Independent Audits and evaluates the following aspects of your AML/CTF Program by assessing your technical compliance, the level of execution and the level of effectiveness:
- assess the overall integrity and effectiveness of the AML/CTF Program, including policies, procedures and controls;
- evaluate the adequacy of the AML/CTF risk assessment;
- examine the adequacy of the Customer Due Diligence (CDD) policies, procedures and processes, and whether they comply with regulatory requirements;
- determine the personnel adherence to your AML/CTF policies, procedures and controls;
- perform transaction testing, with particular emphasis on high-risk operations (products, services, customers and geographic locations);
- assess training adequacy, including its comprehensiveness, accuracy of materials, training schedule, attendance tracking and escalation procedures for lack of attendance;
- assess compliance with applicable laws and regulations based on the jurisdictions in which you do business;
- examine the integrity and accuracy of management information systems used in the AML/CTF Program;
- evaluate the ability of transaction monitoring software application to identify unusual activity;
- review case management and SMR/STR/SAR systems, including an evaluation of the research and referral of unusual transactions, and a review of policies, procedures and processes for referring unusual or suspicious activity to the personnel responsible for investigating unusual activity;
- assess the effectiveness of your policy for reviewing accounts that generate multiple suspicious matter report filings, including account closure processes;
- assess the adequacy of record-keeping and record retention processes;
- track previously identified deficiencies and ensure management corrects them promptly;
- considered whether the Board of Directors was responsive to earlier review findings;
- determine the adequacy of your training program and materials;
- review disciplinary actions taken for non-compliance with internal policies and regulatory requirements.
