The Institute of Continuous Professional Training and Education (ICPTE) offers an extensive variety of Pre-Recorded and Live Online Courses created by Professional and qualified Instructors with years of experience in their field.
ICPTE platform allows You the flexibility to watch online pre-recorded seminars at Your own convenience, at Your own pace, in Your own time and place. Start watching a seminar today and complete it at Your own time. You can have access from anywhere. We work with professional and qualified instructors with years of experience in their field.
Firms should implement 2 basic steps.
Step 1: Identify the ML/TF risk factors in accordance with the risk appetite of the Firm.
Step 2: Assess the level of risk from the identified ML/TF risk factors
Risk assessments should assist Firms to understand their exposure to ML/TF risk and identify and prioritize the areas which focus should be placed in order to combat ML/TF.
Step 1: Identify the risk factors
The risk areas that arise from a client-specific risk assessment can be divided into the following:
a) Client risk; What are the types of Clients serviced by the Firm?
b) Service/transaction risk; what services/transactions does the client require and could they be used to launder money or finance terrorism?
c) Country/Geographical risk; what countries/geographical areas does the client operate in, reside in or the country of citizenship?
d) Delivery Channel Risk; how and by whom are the clients introduced to the Firm?
In practice, these risks may overlap and should be viewed as inter-related. There is no single methodology to apply to these risk categories, and their application is merely intended to provide a suggested framework for approaching the management of potential risks.
When implementing a RBA the assessment of risks may change according to time and global developments, therefore it must be highlighted that this is a dynamic process and must be maintained. A static implementation of the RBA may lead to a distorted picture and complicated circumstances, increasing the business risks of each firm.
Identification, recording and evaluation of risks
The MLCO has the responsibility to identify, record and evaluate all potential risks. The successful establishment of measures and procedures on a risk-based approach requires the clear communication of the measures and procedures that have been decided across the Company, along with robust mechanisms to ensure that these are implemented effectively, weaknesses are promptly identified and improvements are made wherever necessary.
A risk-based approach designed and implemented by the Company should involve the identification, recording and evaluation of the risks that have to be managed. The Company shall assess and evaluate the risk it faces, for usage of the services provided for the purpose of money laundering or terrorist financing. The particular circumstances of the Company determine the suitable procedures and measures that need to be applied to counter and manage risk.
In the cases where the services and the products that the Company provides are relatively simple, involving relatively few customers, or customers with similar characteristics, then the Company can apply procedures that focus on those customers who fall outside the ‘norm’.
The identification, recording and evaluation of risk that the Company faces presupposes the finding of answers to the following questions at a minimum:
a) What risk is posed by the Company customers? For example:
i. complexity of ownership structure of legal persons;
ii. companies with bearer shares;
iii. companies incorporated in offshore centres;
iv. politically exposed persons;
v. customers engaged in transactions which involves significant amounts of cash;
vi. customers from high risk countries or from countries known for high level of corruption or organized crime or drug trafficking.
b) What risk is posed by a customer’s behaviour? For example:
i. customer transactions where there is no apparent legal financial/commercial rationale;
ii. situations where the origin of wealth and/or source of funds cannot be easily verified;
iii. unwillingness of customers to provide information on the beneficial owners of a legal person.
c) How did the customer communicate the Company? For example:
i. non face to face customer, or transactions, without certain safeguards, such as electronic signatures;
ii. customer introduced by a third person;
iii. face to face clients.
d) What risk is posed by the services and products provided to the customer? For example:
i. services that allow payments to third persons;
ii. large cash deposits or withdrawals;
iii. services, products or transactions which may favour anonymity.
e) In which countries and geographical areas the customer and beneficial owner are based, their main places of business are and have relevant personal links? For example:
i. countries identified by the Commission as having strategic deficiencies in their AML/CFT regime, in line with Article 9 of Directive (EU) 2015/849;
ii. countries identified by credible sources, such as mutual evaluations, detailed assessment reports or published follow-up reports, published by the Financial Action Task Force, as not having effective AML/CFT systems;
iii. countries identified by credible sources as having significant levels of corruption, organised crime, tax crime and serious fraud;
iv. countries identified by credible sources as not been compliant with international tax transparency and information sharing standards;
v. countries subject to sanctions, embargos or similar measures issued by, for example, the Union or the United Nations;
vi. countries providing funding or support for terrorist activities, or that have designated terrorist organisations operating within their country.