Drafting of a Business Risk Assessment
 

To be able to mitigate against Money Laundering and Funding of Terrorism risk, subject persons shall first identify such risks. Each business may have specific exposures which are brought to light through such assessment. Our experts with vast experience on conducting ‘BRAs’ will have discussions with the management of the business and the MLRO, to identify such risks. As a minimum, our Business Risk Assessments include:
 

• A description of the business activity

• Analysis of the National and Supra-National risk assessments

• Identification of ML/FT risks

• Analysis of the Risk Model of the business

• Analysis of the mitigation techniques applied

• Mitigation level testing

• Detailed customer statistics and analysis of such data

• Likelihood definition

• Impact definition

• Inherent Risk Grid

• Inherent Risk Calculation

• Residual Risk Calculation

• Recommendations and Conclusions
   

After the report is provided to the management of the business, it is discussed at Board level. It remains the responsibility of the Board to review and approve the Business Risk Assessment.

 

Designing Your AML Risk Model (CRA)
 

One of the foundations of any subject person, is the ‘Customer Risk Assessment’ (CRA), also known as the ‘AML Risk Model’. The risk model is a mathematical calculation based on at least 4 main pillars, namely, customer risk, service risk, channel risk and jurisdiction risk. Radix Compliance may design a risk model specifically for your business requirements, whilst ensuring it is in line with AML regulations and expectations of local regulators.
 

Radix Compliance may also design sector-specific risk models, including, VFA, Gaming, CSPs and other sectors.

The customer risk assessment is paramount to ensure the business is in line with its AML obligations. A weak or incorrect risk model would result in wrong assessment of customers, which in turn results in a weak or incorrect business risk assessment and an under or over application of due diligence on customers.

​
 

Drafting your AML Manual
 

Radix Compliance may discuss your internal policies, procedures and risk appetite in order to draft the internal policies and procedures manual. The manual may also include the ‘client acceptance policy’ which defines what type of customers your business will accept, and those which your business will refuse. The AML manual clearly defines your internal procedures, especially those related to onboarding of customers, ongoing monitoring obligations, training of staff, internal reporting and external reporting procedures. The AML manual is not something one buys ‘off the shelf’, rather it is tailor-made depending on your business’s requirements and internal processes.

​
 

Drafting your Country Risk Assessments
 

Many businesses fail to establish the risk of countries they are exposed to through their customers. Such risks may be direct, such as the country of incorporation of a corporate customer, or indirect, such as the countries the corporate customer is dealing with.

Since jurisdiction risk is one of the major risk pillars with the customer risk assessment (AML Risk Model), one needs to identify what level of risk or score, the model should capture when the business is exposed to a particular country.

Radix Compliance may provide a detailed analysis of a number of countries which your business may be exposed to. Our team of specialists will analyse various factors for each country, such as, the Basel index, Transparency international corruption index, world governance indicator and other similar factors. The team also analyse the FATF list of countries under increased monitoring and the list of countries having deficiencies in their AML regime as published by the EU Commission.

After analysing these factors, the team will recommend a risk classification to be applied when there is an exposure to such country. Such recommendation comes as a detailed report on the country, the risk factors mentioned above, together with its usual economic activity.

 

Assistance with FIAU pre or post-compliance visits

​

A subject person should expect a visit by the Financial Intelligence Analysis Unit (FIAU) from time-to-time. During the visit, the FIAU will be performing their usual inspections to ensure that the subject person is in line with its AML obligations.

Our specialised team may assist the subject person before, during and after the FIAU visit, especially when AML related advice or consultancy is required following requests from FIAU or other authorities.

Assistance with drafting and implementation of Action
 

Plans following a Follow-up Directive issued by FIAU

 

Following a compliance visit, the FIAU may issue a ‘follow-up Directive’ after flagging a number of breaches of AML obligations in relation to the subject person. The subject person will normally have a limited time period to draft an action plan which clearly shows how the identified breaches are resolved.

 

Our experienced team may assist your business in understanding the FIAU’s requests and expectations and providing further assistance in drafting and implementation of such action plan.

 

Such follow-up Directives usually involve regular meetings with FIAU representatives who will analyse the business’s progress in relation to the action plan’s implementation. Our team may attend these meetings as your consultants in order to ensure the implementation is in line with the FIAU’s expectations.

​
 

Outsourcing of AML Compliance Functions
 

Radix Compliance may provide outsourced experts in the area of AML to perform AML related tasks on your behalf, such as:

• Reviewing of your customer files

• Updating of existing customer files

• Onboarding of new customers

• Performing a Customer Risk Assessment

• Performing of name checks and adverse media checks using your in-house screening tool

• Uploading due diligence to your digital system

Radix Compliance may provide experts to be present at your business’s offices or work remotely, upon your request.

Please note that the role of MLRO cannot be outsourced.

​
 

AML Review & Health Check

 

It is always better to independently check your in-house AML processes and procedures, together with other documentation you should have in place as described by local AML regulations. Our team of AML specialists may perform a general AML review & health check in order to flag any potential breaches of the regulation.

 

Our AML reviews & health checks include at least the following:

 

• Review of your business’s AML Manual & Client Acceptance Policy (CAP)

• Review of your Business Risk Assessment

• Review and testing of your AML Risk Model (Customer Risk Assessment)

• Review and testing of a sample of your customer files

• Interviews with key personnel such as Directors, Compliance Officer and MLRO, to establish their knowledge of the inhouse AML processes and AML regulation

• Review of your country risk reports

• Review of your ongoing monitoring, including the ongoing sanction monitoring processes

• Review of your in-house screening methodology

• Review of your onboarding questionnaires

• Review of your internal and external reporting procedures, especially those related to STRs

• Review of your record keeping procedures
   

Please note that a general review and health check should not be taken as an Independent and full AML audit. Such independent audit will include an audit report which involves a higher degree of testing.

 

 

Full AML independent Audit
 

Radix Compliance will conduct a detailed analysis of your internal policies, procedures, record keeping and due diligence documentation. The full independent audit is conducted by a CISA qualified internal auditor and an official report with findings is provided. Such report may be provided to relevant Authorities upon request.

 

​

Drafting of Client Onboarding Questionnaires (KYC)

 

One ofthe foundations to prevent Money Laundering and Funding of Terrorism is to understand and know your customer. The level of information your business should ask for is therefore paramount to ensure such mitigation is applied.

 

Our team of experts may assist your business with drafting your onboarding questionnaires, in order to ensure you are obtaining the right information to establish the proper ML/FT risk of your customers and to ensure you are able to perform ongoing monitoring of such business relationship in line with your AML legal obligations.

​

​

Ad-Hoc Consultancy in relation to AML
 

Our AML Consultants may provide your business with an ad-hoc consultancy services upon request.

 

​

Assistance with filing of the REQ
 

One of the biggest concerns of MLROs and Directors of Subject Persons, is the filing of the Risk Evaluation Questionnaire (REQ). The return is required to be provided to the FIAU on a yearly basis in order for the latter to establish the ML/FT risk of your business, to ensure your business is following certain AML obligations, and to understand the holistic ML/FT risk of the country.
 

Our team of experts are experienced with the completion of the REQs for various sectors and would be able to assist you with the completion of the REQ subject that your business provides the required information.

 

​

Professional AML Training
 

Radix Compliance may provide your team with a tailor-made AML training, which includes your internal policies, procedures and reporting lines. Radix Compliance will also provide a copy of the presentation material together with a certificate of attendance. The training is provided by an experienced and qualified trainer and lecturer.

 

​

The Full AML Compliance Start-up Package

 

There are certain legal obligations which are initiated once your business becomes a ‘Subject Person’ as defined by the Prevention of Money Laundering and Funding of Terrorism Regulations. It is of utmost importance that your business starts off on the right foot when it comes to its AML obligations. Certain breaches of your business’s AML obligations will be carried by your business for many years with likely serious repercussions.
 

Our team of experts may assist start-ups or businesses which are aiming to start providing ‘Relevant Activity’ or ‘Relevant Financial Business’ in the near future, to ensure that they are well prepared and trained in relation to AML matters with such a strategic move.