Lines of AML Defence
If you were to assess whether a single bank staff member responsible for monitoring and controlling Anti-Money Laundering activities is effective in their job function, you could perform this assessment by asking the staff member six dependently and serially linked questions.
Do you know what Anti-Money Laundering is?
Have you attended formal training on AML?
Do you believe AML is part of your job function?
Have you read the AML policy for your institution?
Do you know the difference between a good and bad customer?
Do you know the difference between a good and bad customer~facility mix?
Theoretically speaking, if a staff member responsible for AML control is unable to confirm each question level, it would be fair to say they aren't capable in meeting this compliance requirement.
The question set above is just a simple example of the query sets we put to bankers and bankers are required to evidence their capability in meeting each question level. The questions sets we often use are also far more complex than the six examples we have shown here but when the questions are serially interlinked, it allows assessment of potential control quality to be determined for each staff member.
The Binomial Assessment Level Model | Martin Davies
Causal Capital recently engaged this quality control test for AML policy effectiveness with an Asian bank. The bank will remain anonymous but the results from this internal assessment have been displayed below.
Firstly, we didn't inform the staff being assessed that Ant-Money Laundering was part of their job function but they were selected from a pool of employees working with customers and these employees should have tested positive for control effectiveness.
Assessment Response for an Asian Local Bank
Given the results shown above, on a good day that is, the bank we assessed will have an average of 6% of its staff responsible for Anti-Money Laundering compliance, capable of serving this mandate.
That's six people out of hundred staff members fully capable of performing their work effectively.
Seems pretty shocking doesn't it and it would be fair to say that our bank doesn't have too much of a grip over this compliance control. We also reviewed internal AML policy for the bank and found it to be lacking with respects to the way it referenced current Financial Action Task Force guidelines.
So if you reckon 6% compliance is a terrible score, I haven't told you the bad news yet. We have to be real with ourselves because the quality of this 'overall control' is far worse than that what the report states ... Why is that?
Quite simply there is a dependency relationship within each question set so the auditor must assume the one strike rule and you are out case needs to apply. This one strike rule and you are out substantially reduces the survival rate of the sampling method used.
Let's be concise for a moment, 12% of AML control staff assessed had actually little or no awareness of Anti-Money Laundering control or FATF for what it's worth. Unfortunately that position excludes them from being compliant with every subsequent question level beyond the starting point. Even if these employees have some insight into what might be a suspicious client transaction when such an event materializes, we still can't deem them compliant because they won't know the reason why AML compliance is important.
The assessment methodology carefully mapped out compliance effectiveness sequencing, as shown with X marks in the chart above and unfortunately for the bank this strict audit methodology resulted in a very low coverage score.
What a sobering thought all of this is and clearly more work needs to be done at this bank when it comes to meeting compliance and risk requirements.