Training and AML/CFT

By

 Money laundering is defined as criminal proceeds finding their way into the formal economy via a web of transactions that conceal their true origins. Terrorist financing can come from rogue regimes or terrorist organisations that feed their cells worldwide under trade payments, investments, remittances and money for education.

 

Financial institutions are required by their regulatory authorities to provide all employees with an annual anti-money laundering certification training.  Regular AML/CFT Risk Awareness training enhances employees’ vigilance against the latest ML/TF risks faced by the business and their role in mitigating this risk

 

The RE may get the AML/CFT framework designed and invest in the best of the AML technology, but it is of no use unless it has well-trained and competent manpower to effectively implement this AML framework or optimally use the AML software.


Objectives of AML/CFT Training and Awareness Program


The AML training must be designed considering the nature of the business, customers and products/services the entity deals with, the entity’s identified ML/FT risk and vulnerabilities, etc.

The AML/CFT training must ensure that all the core aspects necessary to identify and combat money laundering and terrorism financing are discussed, which enables the employees to:

  1. Understand the applicable AML/CFT regulatory landscape, following PMLA 2002
  2. grasp the internal AML/CFT policies, procedures, systems and controls developed and deployed by the entity, including its periodic amendments
  3. Realize own roles and responsibilities around AML when dealing with customers or handling transactions which may be associated with financial crime typologies
  4. Thoroughly understand the red flags and ML/FT trends specific to the industry in which the entity operates
  5. Timely detection of suspicious activities that may involve proceeds of crime or any association with financial crime
  6. Responsibly report the observed risk indicators to the AML Principal Officer
  7. Evaluate and comprehend the international best practices that may enhance the effectiveness of the implemented AML program

Employee contribution and engagement at all levels are significant for the efficacy of the AML measures. Hence, the training session must include the entity’s senior management, operational staff, employees who engage with customers or manages business relationship, and any other employee who is expected to encounter any potential financial crime risk during regular business activities. For new employees, the regulated entity must ensure that AML training and awareness session is conducted at the earliest possible post-joining.

BIS on Employee Training



The Basel Committee on Banking Supervision issued on 02 July 2020, the updated version of its guidelines on Sound management of risks related to money laundering and financing of terrorism, with guides on the interaction and cooperation between prudential and anti-money laundering and combatting the financing of terrorism (AML/CFT) supervisors.

According to BIS, there are three lines of defense against ML/FT risks. First. The Front Office supported by Board approved policies and procedures, second the Compliance Officer and third the Internal Audit.

 

 As part of the first line of defence, policies and procedures should be clearly specified in writing, and communicated to all personnel. They should contain a clear description for employees of their obligations and instructions as well as guidance on how to keep the activity of the bank in compliance with regulations. There should be internal procedures for detecting and reporting suspicious transactions.

 

 A bank should have adequate policies and processes for screening prospective and existing staff to ensure high ethical and professional standards. All banks should implement ongoing employee training programmes so that bank staff are adequately trained to implement the bank’s AML/CFT policies and procedures. The timing and content of training for various sectors of staff will need to be adapted by the bank according to their needs and the bank’s risk profile. Training needs will vary depending on staff functions and job responsibilities and length of service with the bank. Training course organisation and materials should be tailored to an employee’s specific responsibility or function to ensure that the employee has sufficient knowledge and information to effectively implement the bank’s AML/CFT policies and procedures. New employees should be required to attend training as soon as possible after being hired, for the same reasons. Refresher training should be provided to ensure that staff are reminded of their obligations and their knowledge and expertise are kept up to date. The scope and frequency of such training should be tailored to the risk factors to which employees are exposed due to their responsibilities and the level and nature of risk present in the bank.

 

As part of the second line of defence, the chief officer in charge of AML/CFT should have the responsibility for ongoing monitoring of the fulfilment of all AML/CFT duties by the bank

 

Internal audit, the third line of defence, has to check periodically  the effectiveness of the bank’s training of relevant personnel.

 

Reporting of suspicious transactions

 

Ongoing monitoring and review of accounts and transactions will enable banks to identify suspicious activity, eliminate false positives and report promptly genuine suspicious transactions. The process for identifying, investigating and reporting suspicious transactions to the FIU should be clearly specified in the bank’s policies and procedures and communicated to all personnel through regular training. These policies and procedures should contain a clear description for employees of their obligations and instructions for the analysis, investigation and reporting of such activity within the bank as well as guidance on how to complete such reports

 

Outsourcing/agency

 

In practice, banks’ third parties need to have the necessary technical expertise, knowledge and training to apply customer identification and CDD measures of the bank. In some cases, where third parties’ business models are based on acting for several banks, they usually develop significant in-house expertise of their own. However, third parties are not always themselves subject to AML/CFT obligations, although many often are. Whether or not this is the case, however, the third party is always in the position of applying its principal’s identification and CDD requirements (which in turn must conform to legal requirements)

 

Cooperation and exchange of information in the authorisation process: Licenses of a Bank

 

The prudential supervisor should consider the bank’s envisaged risk mitigation system, internal control system and adequacy of governance and organisational structures to properly manage ML/FT risks presented in the authorisation process. Examples include but are not limited to: (a) assessments of the adequacy of AML/CFT policies and procedures of the bank; (b) the organisation of the bank’s AML/CFT function, including the adequacy of financial resources, staffing levels, training, and the information technology (IT) supporting the bank’s AML/CFT unit; and (c) governance and management oversight of the bank’s ML/FT risk exposures and risk management system.


FATF Recommendations on AML/CFT Training

 

The following is the Recommendations about training in AML/CFT given by the international standard setting body, FATF.

15.* Financial institutions should develop programmes against money laundering and terrorist financing. These programmes should include: a) The development of internal policies, procedures and controls, including appropriate compliance management arrangements, and adequate screening procedures to ensure high standards when hiring employees. b) An ongoing employee training programme. c) An audit function to test the system.

 

16.* The requirements set out in Recommendations 13 to 15, and 21 apply to all designated nonfinancial businesses and professions, subject to the following qualifications: 

a) Lawyers, notaries, other independent legal professionals and accountants should be required to report suspicious transactions when, on behalf of or for a client, they engage in a financial transaction in relation to the activities described in Recommendation 12(d). Countries are strongly encouraged to extend the reporting requirement to the rest of the professional activities of accountants, including auditing. 

b) Dealers in precious metals and dealers in precious stones should be required to report suspicious transactions when they engage in any cash transaction with a customer equal to or above the applicable designated threshold.

c) Trust and company service providers should be required to report suspicious transactions for a client when, on behalf of or for a client, they engage in a transaction in relation to the activities referred to Recommendation 12(e). 

Lawyers, notaries, other independent legal professionals, and accountants acting as independent legal professionals, are not required to report their suspicions if the relevant information was obtained in circumstances where they are subject to professional secrecy or legal professional privilege.

RBI, India on AML/CFT Training

MD dated 25 Feb 2016 last updated on Jan 04,2024, mandates the following:

 Hiring of Employees and Employee training

a.       Adequate screening mechanism, including Know Your Employee / Staff policy, as an integral part of their personnel recruitment/hiring process shall be put in place.

b.      REs shall endeavour to ensure that the staff dealing with / being deployed for KYC/AML/CFT matters have: high integrity and ethical standards, good understanding of extant KYC/AML/CFT standards, effective communication skills and ability to keep up with the changing KYC/AML/CFT landscape, nationally and internationally. REs shall also strive to develop an environment which fosters open communication and high integrity amongst the staff.

c.       On-going employee training programme shall be put in place so that the members of staff are adequately trained in KYC/AML/CFT policy. The focus of the training shall be different for frontline staff, compliance staff and staff dealing with new customers. The front desk staff shall be specially trained to handle issues arising from lack of customer education. Proper staffing of the audit function with persons adequately trained and well-versed in KYC/AML/CFT policies of the RE, regulation and related issues shall be ensured.


Anti-Money Laundering/Combating the Financing of Terrorism (AML/CFT) training is important for employees to understand their roles and responsibilities in preventing financial crime. Training can help employees: 

  • Understand the regulatory landscape for AML/CFT 
  • Understand the internal policies and procedures for AML/CFT 
  • Understand the red flags and trends for money laundering and terrorist financing 
  • Learn how to identify and report suspicious activity 
  • Understand the international best practices for AML/CFT 

Some topics that may be covered in AML/CFT training include:


  • Money laundering and terrorist financing techniques
  • The international context and standards for AML/CFT
  • The regulatory compliance requirements for AML/CFT
  • How to escalate suspicious activity 
  • Regulatory authorities often require financial institutions to provide annual AML/CFT certification training for all employees. 


Employees must know the importance of AML compliance to protect the operations from money laundering risks and understand the consequences of non-compliance to AML requirements. They must learn to shoulder new responsibilities, use new software, and become more responsible towards identifying money laundering risks.

Further, the Prevention of Money Laundering Act, 2002 (PMLA) also mandates the regulated entities to ensure adequate AML training for its employee to implement the AML laws effectively. That is why AML training is essential for employees. It creates awareness amongst the staff and makes them more skilled and competent from an AML perspective. Only with a well-trained AML team can you implement your AML/CFT frameworks and policies more effectively.

Training Logistics

Your AML/CFT program must detail how you will run your AML/CFT risk awareness training program for employees. It is best practice to include:

  • Which employees need training, such as new employees, employees being promoted or transferred, senior managers, consultants and new directors
  • What the training intends to achieve
  • The frequency of the training
  • The delivery methods of the training
  • How and where training and completion dates will be recorded, and
  • Whether and how employees will be assessed after completing the training.


Dimensions of AML/CFT Training

According to BIS, the three pillars of successful AML/CFT programme are the Front office supported by Board approved Policies & Procedures, The Compliance Officer and the Audit.

From this it can be deducted that these three functions require specific training in the respective areas. Also the top management needs insight as to exploring new typologies, reporting STRs and risk management. The middle level needs in-depth knowledge on STR processes and confirmation. The lower level, especially the front office needs specific training in understanding customer behavioral trends that cause reasonable suspicion. The onboarding section staff may need training in identifying PEPs and Beneficial Owners.  These are in addition to introductory training on AML/CFT laws and regulations including sectoral regulators guidelines and rules

Types of Training


You can determine the types of training you provide for employees based on your ML/TF risks and the roles and responsibilities of your staff.

Options may include:

  • Online training courses
  • In-house or external training with an instructor
  • On-the-job training, especially if the risks are specific to a certain role
  • Induction training for new employees and existing employees who take on new roles or positions, and/or
  • Regular communication to employees via email, notices or bulletins about any changes or updates to your ML/TF risk systems, controls and procedures, including appropriate follow-up with employees to ensure that the information has been read and understood.

Frequency of Training

Freshers when inducted into service can have initial training to famliarise the AML/CFT environment of the firm.

The content and frequency of the training will depend on their roles in the organisation and the ML/TF risks your business may face.

Employees should have an understanding of the changing behaviours, techniques and practices, including relevant risk assessments and risk profiles, of money launderers and people engaged in terrorism financing. RE can incorporate this information into training materials and special purpose training provided when company  introduce a new product, service or technology. RE should also take into account any changes to the AML/CTF regulatory framework including the AML/CTF Act and Rules and any enforcement updates from the AML/CFT regulator  that may be relevant to RE’s  business. 


Certain events may trigger training requirements, such as:

  • Employees moving between jobs or responsibilities
  • New methodologies or indicators relevant to your business emerge, including new information about ML/TF risks in your sector
  • Employees failure to comply with your AML/CTF program
  • AML/CFT regulator -issued guidance or feedback on ML/TF risk in your sector
  • AML/CFT regulator’s  feedback on RE’s AML/CTF compliance.

 RE should give all relevant employees regular AML/CTF risk awareness training, including board members, directors, operational staff, contractors and consultants who are involved in providing designated services to its customers, in line with the ML/TF risk assessment to the extent they need to know.

The Trainers for AML/CFT

 There are internationally and locally recognized institutions that offer certified AML/CFT programs.  Additionally, there are competent professionals that conduct AML/CFT seminars and workshops.  If the latter is the option, it is recommended that the training facilitator have extensive knowledge of the AML/CFT legislation and experience in AML/CFT.

FIU Outreach

The FIU may conduct outreach and awareness seminars for our Supervised Entities at periodically.  These sessions are usually sector specific except where a session is conducted for all sectors.

It should be noted such outreach seminars should not be deemed AML/CFT training.  The content of the FIU seminars generally focus on:

  • General awareness of legal obligations;
  • How to report effectively to the FIU;
  • ML/FT/PF trends identified by the FIU.

AML/CFT training is critical to any Supervised Entity’s compliance with the laws and guidelines.  Although the Compliance Officer and/or staff assigned to the entity’s compliance unit are required to perform specific functions, all directors and staff of a Supervised Entity should receive AML/CFT training relevant to their job function.  So for instance the courier/messenger is not involved in business transactions but should be aware of the fundamentals of delivery and receipt of correspondence are important in record keeping obligations.

 

The HR dept in consultation with the Principal Officer must draw the schedule of training before the commencement of the year and communicate same to all concerned. The faculty members for delivery of course, Course material, Mode of delivery, Location, Language, Tools and techniques to be used must be decided well in advance to avoid last minute glitches. An employee training plan is a written resource that details how your company will approach a specific training initiative. 

 

For example, some individual contributors at your organization might be interested in becoming people managers. Your learning and development (L&D) team could support them by creating a leadership training plan that is results-driven, effective, and aligned with company goals. 

Training plans for employees play a central role in advancing specific learning initiatives. They shouldn’t be confused with development plans,  which are long-term guidelines for individual employees. In contrast, staff training plans are skill-based guides for groups or the entire company. These plans are valuable tools for addressing short-term skill gaps identified in personal development plans.

A well designed training plan has the following components:

  • Target Audience
  • Course Objective
  • Type of Training: [Budget, Objective, Target audience needs]
  •  Duration
  • Establish method for Measuring Effectiveness [Test score, Case study analysis, On- the-job performance]
  • Scheduling Sessions within allocated hours
  • Training Material Development
  • Pre-Requisites 
    • Faculty members
    • Location/Mode of Delivery[Self Learning Videos, Write-ups & Weebsite resources, Online/Offline; Physical Classroom]
    • Language
    • Tools& techniques

 

Happy Reading,


Those who read this, also read:


1. AML/CFT Risk Management at RE level

2. Obligations by RE under PMLA 2002

3.RBI Guidance on Record Management

4. Suspicious Transaction -AML/CFT

Formerly Faculty for Finance & Associate Dean, IBS-Kochi MBA (Banking & Finance – CUSAT);CFA. Accredited Management Teacher from CME of AIMA, Delhi has been in Management Education from 1988. Exposure is in the field of Mutual Funds, Market Research, Project Report preparation & evaluation, Advertising & NGO Activities. This Chief Manager, UTI Asset Management Co Pvt. Ltd(1992-2003), Mumbai. Undergone training in Case Study method of teaching under Mr. Trevor Williams and Mr. Scott M Andrews conducted by the ECCH, UK . Published Books & Book Review, Series of academic articles and maintains a column on MFs under "Fund scan" in Business Manorama since January 2007,Contributes "Portfolio Doctor" column for 'Sampadyam' a wealth mgt publication in Malayalam from manorama group since February 2007, Listed her case studies at asiacase.com.Presented papers in national & international conferences on Mutual Funds. Faculty Member @ ASIET, Kalady from 2010 to June 2019. Dean @ SNGIST, N Paravur, Ernakulam from Sep 2019 -Jan 2021, I continue my efforts to spread the knowledge in area of Finance and contribute to Management Education

Comments

Post a Comment

Popular posts from this blog

National Risk Assessment (NRA): India

By
  India's National Risk Assessment (NRA) is  an ongoing exercise to identify sectors that are vulnerable to money laundering and terrorist financing (ML/TF) .  The NRA is based on recommendations from the Financial Action Task Force (FATF) and helps inform policy-making, resource allocation, and the implementation of effective AML/CFT measures. The NRA also ensures that national strategies address both domestic and international threats. The NRA provides a foundation for informed policy-making, resource allocation, and the implementation of effective AML/CFT measures . It ensures that national strategies are aligned with the specific risk landscape of the country and that they address both domestic and international threats. The subject matter of NRA  was discussed in the Anti-Money Laundering Steering Committee (AMLSC) set up with the approval of Finance Minister, and it was decided to conduct the NRA following the World Bank methodology. The Methodology requi...
Read more

Customer Due Diligence(CDD) : Individuals

By
Image
This post is based on RBI Master Circular dated Feb 25, 2016 updated on Jan 04, 2024  Part I - Customer Due Diligence (CDD) Procedure in case of Individuals For undertaking CDD, REs shall obtain the following from an individual while establishing an account-based relationship or while dealing with the individual who is a beneficial owner, authorised signatory or the power of attorney holder related to any legal entity: (a)     the Aadhaar number where,   (i) He is desirous of receiving any benefit or subsidy under any scheme notified under section 7 of the Aadhaar (Targeted Delivery of Financial and Other subsidies, Benefits and Services) Act, 2016 (18 of 2016); or (ii) He decides to submit his Aadhaar number voluntarily to a bank or any RE notified under first proviso to sub-section (1) of section 11A of the PML Act; or (aa) the proof of possession of Aadhaar number where offline verification can be carried out; or (ab) the proof of possession of Aa...
Read more

Periodic Updation of Customer Risk Profile

By
1. Preparation of Customer Profile from KYC Data In the initial years of KYC, RBI has been following a handholding approach as can be seen from their circular dated July 2009 and that of Feb 25, 2016 as updated on Jan 04, 2024. RBI requires REs to conduct risk profiling and risk categorization and periodic updation.  Extracts from RBI MD dated July 01, 2009 under Customer Acceptance Policy a)ii) Parameters of risk perception are clearly defined in terms of the nature of business activity , location of customer  and his clients, mode of payments, volume of turnover, social and financial status etc. to enable categorisation of customers into low, medium and high risk (banks may choose any suitable nomenclature viz. level I, level II and level III). Customers requiring very high level of monitoring, e.g. Politically Exposed Persons (PEPs) may, if considered necessary, be categorised even higher; b). Banks should prepare a profile for each new customer based on risk categorisatio...
Read more