Running a payments business requires compliance with many local, state, and federal regulations. But anti-money laundering (AML) regulations and laws are changing all the time and growing ever more complex. To comply with these rules and avoid massive fines (and even prison time), your company must have a robust AML compliance program with five key elements.
1. Compliance officer
You need to hire or appoint a dedicated compliance officer who stays knowledgeable about the ever-changing AML landscape and creates and enforces a robust AML program. They should also oversee your company's AML training for employees. Without a compliance officer, your AML program will likely never launch successfully or will lack the required rigor and oversight.
2. Risk assessment
A risk-based approach to AML ensures you monitor your customers based on the level of risk they present to your business. The Federal Financial Institutions Examination Council (FFIEC) specifies that the process should include the following steps:
Identify the company's risk categories — Determine which products, services and locations are at highest risk for financial crime.
Analyse data in the high-risk categories — Examine transaction data like international fund transfers in certain locations or in certain accounts.
Regularly update risk profiles — Reassess your clients’ risk profiles on an ongoing basis.
3. Employee training
Your training program should teach employees what they need to know to maintain AML compliance for your specific industry. This training should be repeated at regular intervals to ensure retention of the important details and to update them on any changes in regulations.
The training should also cover the history of anti-money laundering regulations to help them understand why their efforts are important. And be sure to train them on practical examples of suspicious transactions and why criminals commit money laundering in the first place.
4. Systematic internal controls
The foundation of your AML program is the internal controls you develop, execute and monitor. These controls include company policies, processes and procedures aimed at identifying and reporting any irregularities or suspicious activity.
Your policies will include guidance on transaction monitoring, recordkeeping, and ongoing process evaluation. Your internal controls should also include technology source oversight, dual control of some measures, board of directors’ involvement, and continuity plans.
5. Independent audit
Regulators require you to create a compliance program and ensure you remain compliant. In addition to regular internal reviews of your program, an independent audit is key to finding gaps. In large companies, employees independent of departments at risk of money laundering can perform the audit. Other companies may need to hire a third party to conduct an independent review.
The audit should review your financial activity reports, evaluate your AML training program, test your transaction monitoring and customer screening processes, and review your AML policies. The audit should help you identify outdated or missing safeguards and fix any problems before regulators knock on your door.
Summary
A successful AML compliance program will enhance your company's reputation as a trustworthy entity and protect you from massive fines and prosecution. Although it may seem like a daunting task, setting up your program correctly from the beginning and choosing the best AML compliance solutions will pay huge dividends. Careful planning now will save you time, money, and problems with regulatory agencies down the road.
To learn more, download Jumio’s guide to creating and running your AML program.
About Jackie Wheeler
Jackie is Senior Director of AML Content at Jumio. She has been writing professionally since the 1990s and specialises in compliance, open source, enterprise software, and developer content.
About Jumio
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now