Innovations in Identity

weak aml compliance program

The 5 Most Common AML Compliance Program Deficiencies

weak aml compliance program

Republished: November 14, 2017, updated to reflect the latest industry news, trends and insights.

Anti-money laundering compliance is a very difficult task. The number of risks is exponential. AML compliance officers have an innovative and rich history of compliance techniques and strategies.

In the end, AML compliance depends on: accurate and comprehensive risk assessments; pre-screening of customers through appropriate KYC programs; and audit and monitoring of transaction and customer activity.

Despite the commitment and dedication of AML compliance professionals, financial institutions continue to suffer from enforcement actions, compliance failures and weak internal controls.

In my view, AML programs do not get sufficient support and exposure from top-level management. A compliance failure usually can be traced back to the lack of tone and commitment to ethics. This basic deficiency results in blatant, systemic problems that plague AML programs: poor or outdated technology; weak controls that can be overridden by business needs; and commitment to revenue at all costs.

AML compliance programs consist of multiple elements, any one of which is critical to the overall effectiveness of the program. Five of the most common AML program deficiencies are:

AML compliance officer and lack of resources

In many financial institutions, AML chief compliance officers suffer from lack of stature and resources. AML compliance officers often have to string together resource requests, tie them to specific new business opportunities and argue for elevated authority and independence in the organization. All too often, AML officers are a background voice in a business operation, usually relegated to a lower level of importance and sometimes even ignored.

Business ownership of compliance function

AML compliance depends on business employees exercising responsibility for compliance functions. A compliance program, in the end, is only as good as marketing and client/account representatives are made aware of their compliance obligations.

AML compliance officers often urge business employees to assist and exercise caution when dealing with high-risk account holders and transactions. Against this influence, a financial institution without any culture of compliance will readily ignore these risks in favor of more business from high-risk candidates.

Risk Sensitivity and Documentation

Financial institutions do not allocate enough resources, time and technology to support adequate risk management. Financial institutions have become adept in the last ten to fifteen years in papering AML compliance programs, risk assessments, and KYC due diligence. Unfortunately, financial institutions need to dedicate much greater effort to measurement and management of risks, starting with an enterprise risk assessment, a real system for customer risk assessments, and an OFAC/sanctions risk assessment.

Even assuming such risk assessment mechanisms are put in place and followed, this information has to be incorporated into transaction monitoring standards, customer acceptance rules and guidelines and monitoring/audit programs.

Poor SAR procedures and standards

Financial institutions are often proud of their SAR procedures and filing protocols. The government regulators do not share such a positive view. In fact, the government has been complaining that financial institutions are now submitting too many SARS, and that the SARs often fail to contain adequate information to warrant the filing of the notice.

Financial institutions need to ensure that the board and senior management are apprised of SARs filings, reviewing, monitoring and oversight of the program. A top-to-bottom oversight program for the SARs program is a required practice to ensure effective operation of the SARs program.

Over-reliance on software technology

AML compliance cannot be reduced to mechanization. Technology and software programs are essential to identify potential suspicious transactions in the haystack of transactions. But there are more important elements to an effective AML compliance program than just using technology to spit out potentially suspicious transactions. A software program is one of many tools, along with auditing and monitoring programs that can be used to supplement day-to-day software screening of transactions.

This article originally appeared in Corruption, Crime & Compliance.

AML Compliance Updates

AML Watchlist TechnologyAutomation Driving AML Compliance Costs Down

Compliance failures can be costly — $13.4 billion in 2014 according to Booz Allen Hamilton. In its report on automation in anti-money laundering (AML) investigations, the consultancy notes that financial firms have been hiring rapidly, some increasing head count in their AML operations by 500 percent over a few years.  Clearly AML is ripe for automation — to reduce costs and to develop, retain and disperse consistent information to internal users and regulators.


transaction-filteringNew AML Compliance to Require Transaction Monitoring, Filtering Program

New York-regulated financial institutions are starting to re-evaluate their approach to anti-money laundering (AML) compliance to meet the new rule adopted by The New York Department of Financial Services (NYDFS), which will require transaction monitoring and filtering. While NYDFS rules apply specifically to New York State, many compliance programs operate at the enterprise level, thus requiring those financial institutions to make changes.


AMLD 4.1 for European ComplianceStaying on Top: AML Directive 4.1

The need for effective AML procedures to limit corruption, terrorist funding and other illegal activities goes without questioning. However, the cost of compliance, both in terms of resources and time, creates a substantial burden on financial industries. Adding electronic ID in the 4.1 AML Directive acknowledges digital identity techniques can be done in a manner that is just as secure as any paper-based technique – a major step forward in AML compliance.


Watchlist ChecklistChecklist for Global AML Watchlists: Are Your Systems Proficient?

Is your financial institution (FI) set when it comes to operating a successful AML watchlist? Is your watchlist screening efficient, comprehensive, cost-effective and reliable? According to the Financial Crime Survey 2016 done by Operational Risk magazine and BAE systems there is an “increasing development and focus of sanctions regimes introduced by governments around the world to target organized crime and stem the funding of terrorism.”


AML Compliance Building Compliance-Respect Through InnovationAML Compliance – Overcoming Regulatory Barriers with Innovative Solutions

Existing procedures are not cutting it. Manual processes are time intensive, expensive and prone to errors. To help grow their role and create effective change, compliance needs to embrace the process and tools of change, innovation and technology.


AML/KYC Compliance for Legitimate BusinessesAML, KYC, OMG: How to manage compliance with a smaller team and a better UX

Beneficial ownership laws now extend to all business relationships. Learn how companies can protect themselves with an effective AML (anti-money laundering) and KYC (know your customer) compliance program.



AML, KYC, OMG - How to manage-compliance smaller team better UXAML/KYC Compliance for Legitimate Businesses

How can a regulated startup manage AML (Anti-Money Laundering), KYC (Know Your Customer), and KYB (Know Your Business) compliance without breaking the bank – or the team?



New technologies and AML complianceNew Technologies and AML Compliance

To help provide clarity, the Financial Conduct Authority in the UK (FCA) published a report New Technologies and Anti-Money Laundering Compliance. The research offers insight about various emerging AML technologies, implementation by regulated firms, and the role of the FCA.

Michael Volkov, CEO and owner of The Volkov Law Group, LLC, has over 30 years of experience in practicing law. A former federal prosecutor and veteran white collar defense attorney, he has expertise in areas of compliance, internal investigations and enforcement matters.

Mr. Volkov maintains a highly popular FCPA blog – Corruption, Crime & Compliance. He is a regular speaker at events around the globe, and is frequently cited in the media for his knowledge on criminal issues, enforcement matters, compliance & corporate governance.

The information in this blog is intended for public discussion and educational purposes only. It does not constitute legal advice.

No Comments
Post a Comment