What is AML Compliance?

This document explains the AML Compliance in the context or domain of Money Service Business (MSB).

The competitive world of foreign exchange business and new regulatory environment, have created an increasing pressure on MSB and other financial companies to conform with new government Anti-Money-Laundering AML regulations. AML Compliance is a short term for referring to all systematic methodologies used to conform with these regulations.

A complete AML program should consist of:

  • Record Keeping Systems satisfying minimum KYC requirements
  • Automated Systems for Record Validation and Verifications
  • Transaction Monitoring
  • Risk Assessment and Rating
  • Risk Reviews and Systematic re-evaluation of records
  • Government Reporting
  • AML Audits
  • Automatic Tools

What is a Money Service Business (MSB)?

Money Service Businesses (MSBs) are businesses offering check cashing, money orders, travelers checks, money transfer and remittance service, currency dealing or exchange, and pre-paid access (formerly stored value) products.

Money Services Businesses in the United States are subject to Bank Secrecy Act requirements and must register with FinCEN. In Canada, these companies should comply with FINTRAC regulations.

Elements of an AML Compliance Program

  • Preparation of a Compliance Manual
  • Assigning a compliance officer
  • Period Internal audits (normally every year)
  • Periodic External audits (normally every 2 years)
  • Implementing a Compliance Training program
  • Implementing an compliant Record-Keeping System
  • Comprehensive KYC (Know-Your-Customer) program
  • Systematic Reporting (LCTR, EFTR, STR)
  • Archival of important paper documents and communications with authorities, banks, people, customers, and other documents of due diligence
  • Internal Control Procedures
  • Periodic review of the compliance program
  • Management of Risks

What are the most common deficiencies?

  • Incomplete Registration
  • Incomplete or outdated compliance regime
  • Poor Risk analysis and mitigation
  • Poor KYC on customers (e.g. lacking full occupation)
  • Poor PEP determination program
  • Poor Third-party determination
  • Insuficcient record on corporate structure
  • Insuficient KYC record on beneficiaries
  • Poor due diligence on source of funds
  • Late reporting
  • Lack of trainng documentations
  • Lack of systematic reporting for suspicious transactions (STR)
  • Lack of timely external audit

What to prepare for your AML Audit?

For your next AML Compliance audit make sure you have the following documents in order:

  • Updated Compliance Manual (Compliance Regiment)
  • Compliance Training Log Book
  • Corporate customers documents should be complete
  • Customer information (KYC due diligence) should be complete and entered in your electronic record-keeping system (e.g. occupation, address, DOB, etc...)
  • Prepare the requested queries and documents in advance
  • Prepare your staff for personal Interviews and ask them to review their material
  • Compliance officer will be Interviewed
  • Methods of Risk Assessment may be enquired about (how to determine high risk or PEP customers)
  • It is recommended to have your F2R reports ready and have the confirmation numbers entered in your electronic system.

What to include in your AML Compliance Training Log?

  • Subject of training material
  • Date, time and place the training took place
  • Compliance training material attached
  • List of attendees with their signature

What is an AML & ATF Compliance Manual?

The AML & ATF Compliance Manual (Anti-Money-Laundering & Anti-Terrorist Financing) is a documentation that outlines the policies and procedures of how an MSB organization is addressing its Anti-Money-Laundering obligations under the law.

How long does it take to prepare an AML Compliance Regime?

This may depend on the size of your company and different products and services that you offer. It may also depend on the availability of our compliance staff. We normally outsource your compliance program to individuals and companies that we have come to trust over the years. Since our core business is software development, we will not charge any extra fees or commissions as a middle men. Our goal is to make sure that our customers stay in business and we will make sure to guide them every step of the way.

Why are the banks closing down Money Exchange business accounts?

If you are not aware, there has been an increasing trend about banks and other financial institutions closing down accounts of MSB (Money Service Businesses). This phenomenon is more prevalent in the US and Canada, but have been followed in other countries such as Australia, UK, New Zealand, and so on.

This question may seem out of place, but we have been continuously receiving this question for several years. If you are a new Money Service Business, you have to stop and read this before you approach your bank. Remember that you only get one chance to make it right, so you better prepare for this challenge ahead of time. We certainly recommend that you talk to an AML expert before you approach your bank. This short note will explain what you need to know ahead of time.

The general impression is that banks are trying to kill their competition by eliminating their ability to bank. Although this may seem like a valid incentive, it is not the real reason behind their decision.

Why are the banks refusing to open accounts for Currency Exchange Businesses?

The reason comes down to risk-control and mitigation. MSBs are inherently very risky clients for the banks, as they are easy targets for money launderer and terrorist financers. The banks do not have the time and resources to make sure all their clients are following the rules and regulations, so they try to mitigate their risk by elliminating the cause. Having said that, we are not trying to imply that it is impossible to open a bank account in any financial institution, but it is definitely a big challenge.

There are more than one factor or two that determine the risk score of an MSB. Banks have to go through a very sophisticated and thorough process of risk-assessment to evaluate the capacity of an MSB in terms of fighting money laundering and terrorist financing. Basically, you have to make it easy for the banks to realize that you have thought of their problem and approached them with a feasible solution.

You may be aware of the concept of a score-based risk evaluation. Perhaps you know that when an individual applies for a loan, the creditor will evaluate the risk based on different factors. One of these factors is the credit score of the individual. This credit score is calculated and evaluated over the years.

you Banks have different risk-assessment matrix but they all share some common properties. These are some of the issues that could influence the bank's decision one way or another:

  • Computerized Record Keeping System (the system that you are using must be compliant with regulations). MSBs that are using manual record-keeping system will have a very difficult time to keep their accounts operational.
  • Your management should be aware and trained on all the regulations for AML and ATF. You should keep and provide evidence of your management training in regulatory safeguards, record-keeping and reporting.
  • The variety of services that your MSB offers (remittance, cash, cheque cashing, dealing precious metals, etc...); more services is usually riskier. As the bank will have to report your MSB's transaction to your regulator, they want to know how much reporting cost you will bring them.
  • AML (Anti-Money-Laundering) & ATF (Anti-Terrorist Financing) program in place (manual of AML and ATF custom-made for your business). Your compliance manual should mention how you will perform your KYC, KYA (Know Your Agent) , KYE (Know Your Employee) , 24-hr rule, sanction list checks every time you deal with recurring clients. A generic compliance manual will not be acceptable by the banks anymore.
  • Background checks against sanction lists: must be automated, banks will not accept manual systems. Your list must be updated at least on a weekly basis. Most Canadian banks are partners with US banks and therefore, must comply to US banking regulations. As a Canadian MSB who want to maintain your banking relationship, you must ensure to check OFAC' SDN list as well as OSFI list. You also should let you bank know how you achieve this.
  • Reporting program. Please keep all records of your reporting.
  • As an MSB, you are prone to having suspicious transactions. You must keep the evidence and provide it to the bank.
  • Interview: you will be interviewed and the branch manager will put their own recommendation. Some interviews are unofficial and may be done over the phone. You should be very well prepared to answer questions from the bank regarding your compliance program.
  • Training program: you should have regular compliance training program for your staff. Keep a record of all training and provide to the bank as proof of your training program in action.
  • Internal Audit program: You must mention in your compliance manual that you have provisioned an internal risk-assessment program. Your internal audit should take place at least once a year.
  • External Risk Audit: You may be required to do an external audit by auditors such as Grant Thornton, KPMG, Ernst & Young, or other AML auditors.