Why do organization need to perform AML/CFT Audit????
Kiran Kumar Shah CAMS, CAMS-AUDIT, FCCA, CISA, CISSP, DipIFRS, M.A
"AML/CFT & Cybersecurity Mentor | Empowering Risk Management Professionals and Businesses with over 15 years of expertise in AML/CFT, Audit, IT Security and Compliance."
Between the years 2010 and 2013, there have been over twenty‐five AML‐related consent orders, written agreements and cease and desist orders and more than $900 million in fines. According to a report issued by the U.S. Senate, recent prosecutions and legal actions relating to OFAC violations between 2010 and 2012 have amounted to over $1.4 billion, involving well‐known financial institutions3. Based on metrics from the U.S. Department of the Treasury, OFAC‐related penalties and settlements between January 2, 2013 and October 25, 2013 totaled $12,875,278.(Source: https://www.bankersonline.com/security/bsapenaltylist.html)
Based on a review of regulatory orders in 2012 and 2013, frequently cited AML program weaknesses included:
· Inadequate customer due diligence and enhanced due diligence practices.
· Incomplete identification of high‐risk customers.
· Insufficient policies, procedures, and training.
· Failures in monitoring and identifying suspicious activity.
· Poor reporting and filing practices relating to suspicious activity.
· Ineffective independent testing and audit functions.
Many regulators expect that organizations to be more proactive than reactive by improving their risk management practices and auditing their AML compliance program to ensure an effective AML compliance program.