Given the continuous evolution of Money Laundering (ML) schemes, it is increasingly challenging for Anti-money Laundering/Combating the Financing of Terrorism (AML/CFT) professionals to remain vigilant and detect the red flags. While institutions primarily focus on other aspects of the AML compliance program, namely, Transaction Monitoring (TM), Know Your Customer/Customer Due Diligence (KYC/CDD), and internal audit, and a comprehensive AML training program can be the first and best to combat heightened ML risk. Usually, Financial Institutions (FIs) tend to adopt a ?tick the box? approach to their AML training programs, and implement a ?one size fits all? training program. This can be problematic and result in a limited understanding of red flags across the AML compliance program, resulting in the inability to detect red flags and investigate suspicious transactions. It is no wonder that about 30% of India-based survey respondents of the Deloitte Anti Money Laundering Preparedness Survey, 2020, have prioritized investments in AML training in the next two years.
The Financial Action Task Force (FATF) and the RBI?s master direction on KYC mentions the need for an ongoing employee-training program, preferably with customized training depending on the staff?s role in the AML compliance framework.
In our experience, an effective AML training program could include the following elements:
Identifying target employees
The first step in designing an effective program is to identify the target employees. While all employees should be mandatorily trained on general AML requirements and guidance, a more targeted training program should be implemented for individuals who can directly impact the bank?s ML efforts, i.e., personnel with direct customer contact, compliance and audit personnel, senior management and board of directors, trade finance personnel, payments processing personnel, etc.
Identifying the topics for training
After identifying the target employee base, topics that need to be covered in the training should also be identified. This will vary according to the FIs, the products, and services it offers, but the following basic elements should be covered:
- General information, including background and history pertaining to ML controls, what ML and Terrorist Financing (TF) mean, why the perpetrators do it, and why stopping them is important
- Legal framework, including how AML laws apply to institutions and their employees
- Penalties for AML violations, including criminal and civil penalties, fines, jail terms, and internal sanctions, such as disciplinary action up to and including termination of employment
- How to react when faced with a suspicious client or transaction
- How to respond to customers who want to circumvent reporting requirements
- Internal policies, such as customer identification, verification procedures, and CDD policies
- Duties and accountabilities of employees
An effective training program should also include real-life ML case studies, how the activity was detected, and its impact on the FI. More specific and targeted case studies could be used to train the employees involved in areas with heightened ML risk such as account opening, trade finance, correspondent banking, private banking, etc. New hire training, whether general or targeted/role-based should be more comprehensive than the training provided to existing employees.
Identifying the ?how?
To ensure the training program is effective, a decision on whether the training should be onsite/in-person training, web-based, by external vendors or internal training by the AML team should be made. In our experience, the most effective training programs use a combination of different platforms depending on the audience and the topics that are required to be covered.
Identifying the frequency of the training
While the AML training can occur when most appropriate for the respective FI, training should be current and relevant to FIs business model and regulatory requirements. Most FIs ensure that all employees are provided a general AML training at least annually. Ongoing and targeted training can be provided quarterly to personnel who are in high-risk functions.
In addition, employees attending the training must complete knowledge assessments. Their attendance should be tracked and any unexcused absences from mandatory AML training should warrant disciplinary action. All AML training sessions should be documented, and the FI should maintain the training and testing materials, dates of training sessions and attendance records for a review.
KV Karthik is Partner – Forensic, Financial Advisory, Deloitte India and Manish Mandhyan is Associate Director – Forensic, Financial Advisory, Deloitte India