●● Enhance transparency of the supervisory framework and make available information on AML/CFT enforcement measures imposed on institutions; ●● Ensure that the respondent banks have no business relationships with shell banks, wherever located; and ●● Strictly supervise the AML/CFT compliance framework of respondent banks and ensure that they meet their AML/CFT obligations, including enhanced customer due diligence measures on nested correspondent accounts and on customers who directly access payable-through accounts. For banks whose accounts have been terminated, supervisors should investigate the exacerbating factors and circumstances and take the necessary supervisory and corrective measures where deficiencies are identified. In developing a risk-based AML/CFT supervision plan, supervisory authorities should be aware that “de-risking can frustrate AML/CFT objectives and may not be an effective way to fight financial crime and terrorism financing. By pushing higher-risk transactions out of the regulated system into more opaque, informal channels, they become harder to monitor” (World Bank 2016). Supervisory authorities have a key role to play in strengthening the AML/CFT regime and providing guidance on the AML/CFT requirements to ensure their consistent implementation.
EXAMINATION FINDINGS AND THE EXAMINATION REPORT Examiners should determine the level of compliance with each specific requirement being examined, based on a general classification of how the findings will be assessed. For instance, table 5.1 presents an example of a classification of compliance with the requirement to identify and verify the identity of a customer.
TABLE 5.1 Example of an Assessment of Compliance with an AML/CFT Requirement Customer due diligence: identification and verification of the identity The identification of a client and the verification of the identity of the client should be done on the basis of documents, data, or information obtained from a reliable and independent source. Expected behavior
Compliant
The institution has policies and procedures for identifying and verifying the identity of customers, and those procedures are implemented adequately. Evidence of this verification is recorded in the customer files.
There are clear procedures for verifying the identity that describe the documents to be used and in which cases a certified copy or an apostille is required. Procedures are applied in practice, and documents are present in the examined customer files.
Largely compliant
Partially compliant
Not compliant
There are mostly clear procedures for verifying the identity that describe the documents to be used.
The procedures only give some examples of documents that can be used to verify the identity of customers.
The procedures do not describe the documents to be used.
Procedures are not always applied in practice, and required documents are not always present in the examined customer files.
In several examined customer files, incorrect documents are found or ones not duly certified.
In the examined customer files, there are hardly any documents indicating that the identity of the customer has been verified.
Source: World Bank.
Chapter 5: On-Site Risk-Based AML/CFT Supervision
113
