Main
>
Legal Framework
>
14.6. Audit
FINANCIAL SERVICES LEGISLATION
RULES
ANTI-MONEY LAUNDERING AND COUNTER-TERRORIST FINANCING AND SANCTIONS RULES
Figure 1 – The Risk Based Approach
Figure 2 – Customer Risk Assessment
Entire Act

14.6. Audit

14.6.1. Audit obligation

An Authorised Person must ensure that its audit function, established under GEN 5.5.1 includes regular reviews and assessments (not less than once in two years) of the effectiveness of the Authorised Person's AML policies, procedures, systems and controls, and its compliance with its obligations in these Rules. Guidance on audit

  1. (a) The review and assessment undertaken for the purposes of AML 14.6.1 may be undertaken:
  2. (i) internally by the Authorised Person's internal audit function; or
  3. (ii) by a competent firm of independent auditors or compliance professionals.
  4. (b) The review and assessment undertaken for the purposes of AML 14.6.1 should cover at least the following:
  5. (i) sample testing of compliance with the Authorised Person's CDD arrangements;
  6. (ii)the adequacy of the Authorised Person's AML/CFT Systems, ML/TF risk assessment framework and application of risk based approach;
  7. (iii) the effectiveness of the system for recognising and reporting suspicious transactions;
  8. (iv) an analysis of all notifications made to the MLRO to highlight any area where procedures or training may need to be enhanced; and
  9. (v) a review of the nature and frequency of the dialogue between the senior management and the MLRO;
  10. (vi) the level of awareness of staff having AML/CFT responsibilities.