1 / 30

OSFI Anti-Money Laundering and Anti-Terrorist Financing

Topics. Process followed by OSFI in conducting AML/ATF AssessmentsElements (Controls) we expect to find in the AML/ATF Program Finally make some General Observations that have come out of reviews conducted to date.. AML/ATF Assessment Process. Pre-Review Information RequestOnsite Work Cove

gay
Download Presentation

OSFI Anti-Money Laundering and Anti-Terrorist Financing

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

    1. OSFI Anti-Money Laundering and Anti-Terrorist Financing Elements of a Sound AML/ATF Program Information Session – November 9, 2005 Fairmont Royal York Presented by Brian Long, Director, Compliance Division OSFI

    2. Topics Process followed by OSFI in conducting AML/ATF Assessments Elements (Controls) we expect to find in the AML/ATF Program Finally make some General Observations that have come out of reviews conducted to date.

    3. AML/ATF Assessment Process Pre-Review Information Request Onsite Work – Covers three areas Oversight Oversight functions AML/ATF Program including documented policies and procedures Business Line and File review Supervisory letter Recommendations File Review Summaries Share with FINTRAC

    4. AML/ATF Program What do we look for Elements that permit FRFI to comply with legislative obligations and Elements that mitigate exposures to ML/TF risks

    5. AML/ATF Program – OSFI Expectations Compliance Obligations Proceeds of Crime (Money Laundering) and Terrorist Financing Act, regulations and guidelines OSFI’s Guideline B-8: Deterring and Detecting Money Laundering and Terrorist Financing. United Nations Suppression of Terrorism Regulations (UNSTR) Criminal Code provisions

    6. AML/ATF Program - Elements Enterprise-wide AML/ATF Policy Chief Anti-Money Laundering Officer – CAMLO Board and Senior Management Oversight Customer Due Diligence Policies and Procedures Annual Self-Assessment Program

    7. AML/ATF Program - Elements (cont’d) Independent Procedures Testing and Reporting Terrorist Name Searches (continuing basis) Identification and Reporting of Suspicious Transactions Identification and Reporting of LCT/ International EFTs

    8. AML/ATF Program - Elements (cont’d) PCMLTFA obligations integrated into Legislative Compliance Management (LCM) Record Retention Ongoing Staff Training

    9. Enterprise-wide AML/ATF Policy Board Approved Applicable to all operations Documented Covers the key elements relevant to FRFI Assigns responsibilities and accountabilities

    10. CAMLO Responsible for all aspects of AML/ATF within FI and subsidiaries (enterprise-wide mandate) Should have written mandate covering scope of responsibilities Should have appropriate resources to support role (direct or dotted line) Appointed by management/or Board or Board committee Should be independent of operations (i.e., no conflict )

    11. CAMLO (Cont’d) Should be independent of Internal Audit Reports to senior management and Board on AML/ATF matters Attends senior management and board meetings where AML/ATF matters discussed Staff accountable for AML/ATF within business lines/operations report to CAMLO on dotted line basis Responsible for reporting to OSFI, FINTRAC, RCMP, CSIS

    12. Board and Senior Management Oversight Key driver in terms of implementing controls within FI that are effective Commitments from the top to AML/ATF Are they in the loop in terms of reporting?

    13. Customer Due Diligence Enterprise-wide policies and procedures Enterprise-wide standards for acceptable documentation Enterprise-wide standards for enhanced due diligence Exceptions to meet local or business needs to be approved by CAMLO

    14. Customer Due Diligence If FI has identified higher risk customers, products or geographically regions for ML or TF risks Would expect FI to have implemented enhanced policies and or procedures that go beyond the minimum compliance requirements Supplemented by increased monitoring and surveillance to search for unusual or suspicious transaction Current Reporting systems Electronic monitoring systems

    15. Annual Self-Assessment Program OSFI Guideline B-8 requirement CAMLO coordinates annual review of self-assessments with business line personnel Designed to assess adequacy of AML/ATF policies and procedures adopted by FRFI Are policies and procedures in place? Are the procedures being followed by staff? Are there any gaps in policies and procedures to comply with regulatory obligations? Expect CAMLO to report annually to management and relevant Board committee on results. Report should include, scope of assessment, findings and recommendations and opine on the existence of appropriate polices and procedures, adherence to them and their effectiveness.

    16. Independent Procedures Testing Internal Audit normally- but could be other function independent of operations and CAMLO (e.g. external audit) Purpose is to review the Self-assessment and identify and report deficiencies noted in testing undertaken during year Identify follow-up actions complements and verifies Self-assessment process Tests staff knowledge to ensure ongoing understanding Test procedures and systems implemented to verify working as intended Testing can be carried out on a stand alone basis or embedded as a component of other reviews such as a business line reviews or IT reviews Expect Internal Audit to report at least annually to the Audit Committee on findings related to AML.

    17. Terrorist Name Searches (Continuing Basis) Obligations under UNSTR and Criminal Code Must search on continuing basis to determine whether FRFI is in possession or control of terrorist assets. Must report to RCMP, CSIS and FINTRAC if there is reason to believe that they are in possession or control of terrorist assets. Must provide monthly report to OSFI on results.

    18. Terrorist Name Searches (Continuing Basis) For DTIs OSFI expects continuing basis searching to be At least one a week and ASAP for newly posted terrorist names. For DTIs processing wire transfers All incoming and outgoing wires should be scrubbed against OSFI terrorist list.

    19. Terrorist Name Searches (Continuing Basis) For Life Companies A minimum of once a month but could be weekly depending upon company’s or product’s susceptibility to terrorist financing and ASAP for newly-posted terrorist names.

    20. Identification and Reporting of Suspicious Transactions Suspicious Transaction Reporting (STR) process documented and understood by involved staff Relevant employees trained to identify suspicious transactions Process may be supported by Management reports that identify unusual trends for further analysis Sophisticated rules –based software for surveillance and monitoring transactions for unusual patterns CAMLO must be involved as part of process for FINTRAC Reporting Reporting to FINTRAC should be in electronic form containing information and within time parameters prescribed under PCMLSTRR

    21. Identification and Reporting of LCT/ International EFTs Large Cash Transactions If cash is accepted there must be procedures in place to electronically report transactions of $10,000 or more to FINTRAC FRFI must be able to aggregate transactions that exceed $10,000 in 24-hour period where it is known that the transaction is conducted by or on behalf of the same person. A written policy prohibiting the acceptance of cash negates this requirement

    22. Exemptions to LCTR requirements An FI may exempt certain customers from LCTR process ONLY IF all of the criteria established under the PCMLTA are met. Most FIs have decided not to maintain exempt lists.

    23. Identification and Reporting of LCTs/ International EFTs International Electronic Funds Transfers Procedures are required to aggregate and report to FINTRAC EFTs of $10,000 or more if you are the financial institution that is the first in or last out of Canada in the transaction process. Must scrub all wires against OSFI terrorist list.

    24. Compliance obligations under PCMLTFA Legislative Compliance Management (LCM) provides a control framework to mitigate exposure to all regulatory risks in FIs and is subject to OSFI Guideline E-13. PCMLTFA, regulations, OSFI Guidelines B-8, UNSTR and applicable Criminal Code sections should be integrated into LCM framework and controls.

    25. Record Retention The PCMLTFR mandates the retention of Records for purposes of AML/ATF. Record retention standards should be included in the FI’s AML/ATF policy and procedures, assessed in the Self-assessment and verified by internal audit.

    26. Ongoing AML/ATF Training Key element in a sound AML/ATF Program Who should receive training Employees directly exposed to AML/ATF risks Business line staff whose products are subject to ML or TF risks Staff working in back office operations whose function may identify suspicious transactions Staff working in control functions that may assess ML/TF risks Senior management All staff?

    27. General Observations Have found issues in all elements identified above Self-assessments not performed or deficient Self-assessment not being presented to the Board by CAMLO Independent procedures not carried out and not scheduled annually

    28. General Observations (cont’d) Independent procedures testing not being reported annually to Audit Committee Legislative Compliance Management does not include AML/ATF obligations (PCMLTFA, PCMLTFR, UNSTR, Criminal Code and/or OSFI Guideline B-8) Training is lacking, insufficient or was initially undertaken but little or no follow-up

    29. General Observations (cont’d) Training not regularly scheduled or business line specific Training not tied to testing Training not taken by management, resulting in lack of understanding of issues and compliance obligations OSFI often told a FI is not exposed to money laundering because it does not deal with cash

    30. General Observations (cont’d) Just-in-time compliance Third-Party Determinations - the weakest link Looking at AML/ATF as only a compliance exercise to satisfy regulator instead of protecting the FRFI’s reputation and franchise Doing it to meet regulator’s needs and not that of the FI’s Do not appreciate risk this has to the institution’s reputation Look at customer due diligence as a compliance issue instead of looking at it as a good business practice to know your customer better

    31. Thank You

More Related