Do I need an AML/CTF Program?
What is an AML/CTF Program?
An AML/CTF program outlines how a regulated entity addresses the risk of facilitating money laundering and terrorist financing. It is the development and documentation of policies, procedures and controls an organisation uses to identify, mitigate and manage those risks.
An AML/CTF program is to be consistent with the guidance from both AUSTRAC and FATF on taking a risk-based approach to regulation, taking into account the likelihood your business or organisation has of facilitating money laundering and terrorist financing, based on its size, nature and complexity.
An AML/CTF program is made up of two parts. Part A must include all of the processes and procedures used to help identify, mitigate and manage any money laundering and terrorist financing risk your business might reasonably face. Part B focuses on identifying and verifying customers, including beneficial owners and customers who politically exposed persons.
It is important to note that each reporting entity will have its own set of unique money laundering and terrorist financing risks and therefore need to tailor its AML/CTF program to specific business and regulatory risks.
To dispel a common misconception, AML/CTF compliance is more than just performing KYC checks. KYC is one of many ways your business takes a risk-based approach to mitigate the risk of facilitating ML/TF.
In this post, we share a list of what is required in an AML/CTF Program and provide links to how you can achieve compliance with bronID.
Do I need an AML/CTF Program?
AUSTRAC has a tool which can help you identify whether you need to create an AML/CTF Program and comply with the AML/CTF Act. Do I need to enrol with AUSTRAC?.
Additionally you can check within Section 6 of the AML/CTF Act, in this section there is a list of all of the designated services which are required to comply with the legislation, as a general rule, businesses providing the services listed in this section will and need to have a functioning AML/CTF program before serving any new customers.
Designated services bronID has experience working with;
- Fintech platforms
- Cryptocurrency exchanges
- Crowdfunding platforms
- Securities and derivative exchanges
- Share registry services
- Currency exchange services
- Electronic funds transfer and remittance services
- Account/deposit-taking service
- Investment services
- Trustee, custodial and depository services
- Lending, financial leasing, hire purchases services
- Financial advisory services
- Venture Capital
Is your business on the list?
Part A - How to take a Risk-Based Approach
- Perform a money laundering and terrorist financing risk assessment. See Conduct a Risk Assessment
- Continual board and senior management approval and ongoing oversight of the AML/CTF program and controls.
- Designated AML/CTF compliance officer at management level who is accountable for managing your compliance obligations.
- An employee due diligence program to identify any employees who may put your business or organisation at risk of ML/TF.
- An AML/CTF risk awareness training program, for employees, so they know the risks to your organisation, how to follow the correct policies and procedures, and what they should be looking out for.
- Consider the guidance material and feedback provided by AUSTRAC both publically and directly to your compliance officer.
- Systems and controls to make sure you meet the AML/CTF reporting obligations.
- Ongoing customer due diligence (OCDD) systems and controls which ensure the information collected about the customer or beneficial owner is reviewed and kept up to date. OCDD includes transaction monitoring and enhanced customer due diligence programs.
Keep in mind that it is essential for the policies and procedures outlined in your AML/CTF program are consistent with how you execute on your compliance obligations. By using one solution for both the creation and execution of your AML/CTF Program, it becomes simpler to maintain consistency between policy and implementation. bronID can streamline the writing of your program to correspond with the AML/CTF controls available in the portal.
Part B - Customer Identification
Part B is all about the execution of an AML/CTF program it outlines the procedures for identifying customers and beneficial owners, including politically exposed persons. It comprises of how you actively take a risk-based approach to provide designated services to your customers.
- Outlining the KYC procedure, including customer information you collect and verify. Use customer due diligence procedures to your customer is whom they claim to be.
- What information to collect and verify about beneficial owners, and how you intend on doing this.
- How to determine if your customer or beneficial owner is a politically exposed person.
- How you respond to discrepancies in the customer information.
- How you decide when you should collect additional information and perform enhanced due diligence to serve a new customer.
- Enhanced due diligence with bronID
The bronID team have observed a disconnect between the software systems available for the execution of Part B (know your customer) checks and the creation of an AML/CTF program. By streamlining this process into the one platform, the bronID portal, compliance officers can easily see that their AML/CTF program aligns with the methods, policies and procedures they implement within the bronID portal to achieve AML/CTF Act compliance obligations.
It is easy to get started with bronID
Build your AML/CTF Toolkit, perform a risk assessment, generate an AML/CTF program and perform the necessary KYC checks all in one place.