After undertaking an AML Risk Assessment and implementing AML Governance, your firm needs to ensure that the AML policies and procedures are working as specified.
AML Monitoring must be conducted on a scheduled and repeating basis at a frequency determined by the risk. At the very least, AML monitoring has to be done annually.
AML Monitoring has to be formally executed and the results reported. Regulators usually specify key areas that the AML Monitoring should cover, including:
- AML Deficiencies: List all material deficiencies identified by monitoring in the current period or open at the end of the last monitoring period, including a description of actions taken/being taken to resolve them.
- Internal Controls: The success or failure of current internal processes, systems and controls in preventing or identifying money laundering over the period.
- Resourcing: An assessment of the adequacy or otherwise of existing AML resources (staffing, systems, data, etc.).
- Suspicious Transactions: The number of internal suspicious transaction reports and those which were investigated and subsequently reported to the national AML agency.
GRC-Maestro keeps the records you need to show that AML Monitoring was performed, issues flagged and resolutions implemented.