Column: Are You Ready For An AML/ATF Audit?
[Column written by Melissa Rodrigues McBeath]
As you will be all too familiar to our regulated sector, keeping on top of the continuous changing landscape can be challenging. This is the case from an anti-money laundering and anti-terrorist financing ["AML/ATF"] perspective, during 2023, with the issue of revised Guidance Notes for AML/ATF Regulated Financial Institutions on Anti-Money Laundering and Anti-Terrorist Financing, and the latest publication of 2020 National Risk Assessment [which was not previously released], as well as a number of other AML/ATF and international sanctions related notices published by the Bermuda Monetary Authority [the "BMA"].
As 2024 rapidly passes, it is imperative that all Regulated Financial Institutions maintain awareness and stay prepared for any imminent audit conducted by the BMA.
By making sure that your AML/ATF and international sanctions compliance framework is not only compliant and up to date, but also robust, we can assist your organization to effectively and efficiently adapt with the ever changing regulatory landscape and new technological trends.
With this in mind, we have compiled the below list of key points to help to be ready for your next BMA audit:
- Do not wait until the last minute to tackle any outstanding tasks. Try to view an impending AML/ATF audit as an opportunity to get your ‘ducks in a row’ compliance-wise and to test the robustness of your policies, procedures and controls.
- Gather all of your AML/ATF and international sanctions policies in one place, so that they can be readily assessable and ensure that they remain current and take into account any new applicable changes to the laws, regulations and Guidance as well as the 2020 National Risk Assessment;
- Ensure that your Business Risk Assessment and Customer Risk Assessment are current and reviewed at least annually or more regularly if, for example, your business has materially changed or if you have introduced new products or services;
- Ensure your annual independent AML/ATF audit requirement has been met, reviewed, any recommendations have been adopted;
- Ensure all previous remedial work has been completed to the extent possible and have a schedule of any that remain outstanding;
- Ensure that all systems and controls in place remain current either by testing internally or engaging an independent professional to do so;
- Clear out any backlog on your CDD and ongoing monitoring of clients and make sure that your associated record keeping is current and up to date;
- Have a report ready that contains an overview of your client or customer risk ratings as this will assist the auditor when they seek files for review as part of the audit;
- Be prepared to respond quickly to questions concerning the overall risk profile of your business; including all applicable pillars of risk;
- Ensure that the annual requirement for AML/ATF training has been met and that training logs are maintained and readily available;
- Be prepared to engage on a transparent basis with the auditor and be prepared to explain your business and its risks in an easily understandable manner [avoid being defensive].
Try to bear in mind that it is highly unlikely that your business will receive a clean bill of health following an AML/ATF audit but by being organized and willing to discuss and, if necessary, remediate any findings on a prompt basis, you will put your best foot forward.
If you require assistance with any of the above objectives, make sure that you engage with a qualified professional that fully understands your business model and is experienced in conducting AML/ATF audits. Walkers Regulatory Compliance Services [Bermuda] Limited can assist you to meet all of the above objectives and ensure you are in the best position to tackle the AML/ATF audit.
- Melissa Rodrigues McBeath, Vice President, Compliance Services of Walkers Corporate [Bermuda] Limited