It has been a year since the European Union approved its Fourth Money Laundering Directive and there is one year to go for the closing of the transposition period. For new sectors which will be covered under the ‘obliged entity’ definition, this means that the time is running short to ensure that proper anti-money laundering (AML) culture has soaked in the system and day-to-day checks are in place at client on-boarding and servicing. Promoting such culture requires a firm board commitment and inclusion of AML as a component of good corporate governance at obliged entities is an important requirement at Gaming entities. Directors should invest time and dedication in order to attain an effective culture change. The purpose of this article is to present the main pillars that the directors should put in place for this project which are: Communication, Leadership and Control.
Effective leadership is the catalyst of culture change. The first step is to start including AML as an item on the Board’s agenda. The directors should not just skim through the subject but should dedicate enough time to discuss the entity’s policies, how AML milestones are being achieved and whether these are effective enough. The directors should challenge and assess whether the policies, procedures and processes, are commensurate with the business risks and can effectively mitigate the money laundering risks.
For the everyday implementation, the Board should consider the delegation of this important project to a dedicated working committee. In smaller entities an individual could be appointed to oversee this project, and where necessary assisted by external expert consultants. Whatever the type of set-up opted, the Board of Directors should ensure that the persons that are involved in this project are not only knowledgeable on the subject and on the regulatory requirements but actually have hands-on experience on AML. Also, the MLRO that will be appointed is suitably qualified to lead the AML function following the coming into force of this legislation and is able to manage the AML risk efficiently and effectively. In addition, such individuals must be of an independent mind and should be provided with the right opportunity to positively challenge the system. Of course one cannot underestimate the importance of resources and the directors should actively support the provision of appropriate budgets both at the implementation of the project but in support of ongoing AML requirements.
Effective training on AML ensures that staff not only understand the regulatory requirements but also appreciate its importance. This is also an excellent opportunity for the Directors to ‘set the tone’ on the matter. In general, the training, whether online or in a classroom set-up, should at least cover the legislative framework, the entity’s policies and procedures on customer due diligence, record-keeping and reporting of suspicious transaction reporting and the name and contact details of the MLRO. Repercussions of non-compliance clearly outweigh any perceived nuisance that comes with adhering to the policy.
The final AML Policies and Procedures need to be easily accessible and in this regard the use of intranet systems are a good option to consider. Internal circulars should at least cover the need to comply with AML and such messages will have a higher weighting if this is issued directly by the Chief Executive Officer, for example, or by board members collectively. The message should be a positive one but at the same time tough on non-compliance and non-cooperation during such project and post-implementation. As goes by saying you have to be ‘cruel to be kind’ and this approach can re-align employees’ attitude.
Basic as it may sound, control involves listening. This important process will assist in understanding the drivers that are helping or hindering the right culture and good governance. However, it makes sense that any controls are calibrated. Too many controls and restrictions can hinder the business and might be excessive to the type of money laundering risk at hand. On the other hand, high money laundering risk situations call for enhanced due diligence and appropriate controls. Moreover, at each stage of this project and also post-implementation the directors need to reassess whether the control processes are efficient and effective to manage money laundering risk. This also ensures that the whole AML system is updated with the external macro and micro developments which are impacting the day-to-day evolvement of the entity’s business.
As part of the ‘listening’, the Directors should request reports by the responsible persons on AML. At AML project implementation, this needs to be presented by its respective Chairman of the working group or the person responsible on this project. As part of the AML regulatory requirements and post-implementation, the MLRO should be then the person responsible for presenting such report. During such reviewing and discussion, the Directors, in particular those occupying non-executive roles need to ask themselves whether the confirmations provided are actually closing the relative compliance gaps and where need be, they should constructively challenge the system as part of this exercise.
Another important aspect that needs to be considered are the control functions such as compliance and internal audit. Whilst noting the latter, the engagement of a compliance officer at senior management is a mandatory regulatory requirement
in terms of the Fourth Money Laundering Directive. On the other hand, the appointment of an internal auditor needs to be considered by the same directors based on the scope, scale and complexity of the entity’s activities. Going back on the principles of leadership, the knowledge and experience of persons engaged in this function is of the essence in ensuring that good filters are in place.
Final thoughts on corporate governance
This is an overall description of the good governance to AML. Yet, whilst this concentrated on AML one should not disregard the principles of good governance on a separate exercise such as having the right mix of non-executive and executive Directors which are now becoming a ‘must have’ in regulated set-ups. On the other hand, the high financial repercussions and reputational damages brought by non-compliance could put the entity at stake and Directors cannot continue to disregard this requirement and cannot afford to postpone this further. Moreover, a sensible and intelligent approach to AML achieved through proper governance can really have a positive culture change.
Author: Claire Camilleri Gauci, Compliance Specialist and Director of Aid Compliance Limited