13 november

2012

AML/CFT Workshop Senior Mgt. Gert Demmink

2

Corporate Governance

Good Governance

Purpose & business goals

Strategy

Objectives - policies

Policy cycle

Monitoring, Audit

Responsibilities

Liabilities

3

Corporate Governance

Internal supervision

Internal control, MLCO/MLRO, business

manager

External supervision

External accountant (management letter)

‘Composite Functions’

Audit committee

Risk committee

Compliance committee

4

Corporate Governance

Reporting Stop Assuming…….

5

Good Governance, R + C

Governance: direction & control of the

organization + accountability (share- &

stakeholders) and oversight;

Riskmanagement: elimination or

mitigation of risk (probability x impact);

Compliance: adherence to laws and

regulations, codes, best practices,

internal & external.

6

Company Culture

‘Tone at the Top’;

Is all about Attitude & Behavior of the

Executive Top;

The Right Tone at the Top is KEY to Risk

Management;

Tone at the Top is the apparent willingness of

top management to let the core values of the

organization prevail over other values, and to

expect the same from others in the

organization

7

Core Values

8

Core Values

Openness / transparency;

Respect;

Take Ownership;

A Banker’s Oath?

…………..

…………..

…………..

9

Strategy to Execution

I

• Vision

• Mission

II

• Strategy

• Objectives - policies

III

• Processes, procedures

• Roles, tasks & Responsibilities

10

Strategy

Strategy Control

Defines how organizations use their

resources to meet their objectives

Doing the Right Thing

Management Controls

Adresses the general question whether or not

employees are likely to behave properly

Doing Things Right

11

Strategy & Management Control

Connect the two and you’re doing……

12

Choice of Policy & Accountability

Policy Choice

Accountability (strategy control)

13

Governance - Policy Cycle

14

Case:

Conducting a business risk assessment:

What do we need?

What is the risk governance or compliance

governance model of your organization?

Who do we need?

Why?

How?

Is there an ML/FT risk anyway?

15

16

Money Laundering

A matter of:

Pricing;

Capacity load or utilization;

Possessing;

What is the nature of my clients’

businesses?

Which business type is more prone to

money laundering?

17

Money Laundering Case

Let’s all launder some money…….

Half of you may choose to launder

through pricing;

The other half through capacity utilization

Take 10 minutes and report back.

18

Risk Based Approach

19

BRA - RBA

Now apply the RBA in our business risk

assessment;

Please consider Risk Probability X Impact

Please do NOT apply the Example Rule

20

Business Risk Assessment

21

Policies, Procedures & Measures

Monitoring;

PPM in place?

Monitoring & Auditing

PPM effective too?

Role of Internal Control / Audit: third line

of defense or party to the overall risk

assurance framework?

22

Customer Due Diligence

A bank’s business risk assessment

should enable to determine its initial

approach to performing the CDD process,

depending on the type of customer,

business relationship, product or

transaction involved;

23

Customer Due Diligence

The customer risk assessment must

determine a risk profile of the customer

and the UBO and the extent of CDD

information that will be obtained, how that

information will be verified, and the extent

to which the resulting business

relationship will be monitored;

24

Customer Due Diligence

Care must be exercised under a risk

based approach. Being identified as

carrying a higher risk of ML or FT does

not automatically mean that a customer is

a money launderer or is financing

terrorism. Similarly, identifying a customer

as carrying a lower risk of ML or FT does

not mean that the customer is not a

money launderer of financing terrorism

25

Take Ownership - Leadership

26

Make sure MLCO/MLRO are OK

Well anchored, embedded in the

organization & processes

27

MLCO

Senior Management’s responsibility to

appoint a MLCO that:

Has sufficient knowledge and skills;

Has appropriate independence and authority;

Has sufficient resources, including sufficient

time (and support staff);

28

MLCO

Has unfettered and timely access to all

business lines, support departments and

information necessary to appropriately

perform the function;

Has direct access to the board.

29

MLRO

Senior Management’s responsibility to

appoint a MLRO that (in addition to

MLCO):

Is employed by the regulated entity or an

entity in the same group as the regulated

entity;

Is based in Aruba;

30

Summary

Governance Structure

Good Governance

Ethical Culture

Business Goals – Strategy – Policy Choice

Procedures & Measures

Monitoring & Audit

Adjustment