AML SUPPORT SERVICES FOR CREDIT UNIONS

WDA have designed a comprehensive support service for the implementation of an effective AML Compliance Universe (Stage 1 below) and a follow on Support Service to provide Credit Unions with assurances regarding the on-going compliance and monitoring of AML controls (Stage 2 below).

Stage 1 has been tailored specifically for  roll out with redflare software users as it had the facilities to support the multiple registers and compliance plans required to effectively manage AML compliance in the current environment.

• AML Set-up and Implementation

WDA will design and set-up an AML specific dashboard within Red Flare to include 9 individual tiles, see sample dashboard below

• AML Risk Register

WDA will import the CU’s AML Risk Register from the AML Risk Framework document.  If you don’t have an AML Risk Register, we will import a standardized AML Risk Register. Inherent and Residual Risks will be scored in line with current AML Risk Framework:

• AML Risk Appetite Statement

WDA will design an AML Specific Risk Appetite Statement for BOD approval, incorporating Risk Appetite, Risk Capacity and Risk Tolerance.  This AML RAS will be imported into Red Flare as a new category to map against AML Risks.

• AML Compliance Register

WDA will design an AML Compliance Register specifically aligned to the CBI AML CU Guidance document issued in 2015. There are 76 separate AML compliance obligations captured within this register for ongoing assessment by the MLRO on a periodic basis.

• AML Libraries & MLRO Reports

WDA will design and set-up AML specific libraries within Red Flare, to capture AML Training, AML Supporting Documentation and MLRO Reports.  Historic data will be imported into these libraries i.e. past 12 MLRO reports or historic training material.

• AML Internal Audit Recommendations

If the CU has received an AML themed Internal Audit, we will import in the recommendations and update their status.

• AML Assurance Testing

WDA will design an assurance testing schedule for 12 months covering all risk transactions and trigger events.

• AML Monitoring Schedule

WDA will design a monitoring schedule for 12 months covering all risk transactions and trigger events.

• AML Governance

WDA will review the minutes for the past 12 months and import in specific references to AML within the BOD minutes and tread discussion.

• Training and Handover

WDA will train MLRO in the navigation and use of new AML dashboard, and walkthrough each tile.

• AML Policy, Risk Assessment & Framework – Step 1

WDA will review the existing Money Laundering policy and AML Policy within the CU and recommend the necessary updates as per the Criminal Justice Act 2010 to the management team and board for consideration if required.

•  AML Identification & Risk Register– Step 2

WDA will review the status of the current AML Risks within the risk register to identify any potential gaps / omissions. The AML risk register will be an orphaned Risk Register i.e. it will not be reflected within the Consolidated / Main CU risk register.

•  AML Duties – Step 3

WDA will produce monthly Management Information to the Board regarding AML/CFT activities at the credit union. This will consist of sufficiently detailed reports designed by WDA staff to ensure that the Board is able to make informed and appropriate decisions based of the information provided by the MLRO.

• Risk Assessment / Treatment / Mitigation – Step 4

WDA will assess the AML risk register on a quarterly basis and consider residual assessment scoring. Internal controls / treatments to mitigate against any AML/CTF risks and their potential impact on the CU will be discussed with management. WDA will assess the risks and ensure that there are sufficient controls in place to avoid any potential breaches in the operating procedures. These tasks will be allocated to responsible staff members for performance tracking to the MLRO. Assurance testing will be done periodically to ensure that records are being retained and in line with the CU policy. A Top 10 AML residual risk report will issue each quarter for BOD review.

• AML Compliance Monitoring – Step 5

WDA will assess on an ongoing basis the CU against the AML compliance obligations within the AML compliance register.  An AML compliance status report will be provided to the BOD for review each quarter indicating areas of compliance, partial compliance, and non-compliance.

Any non-compliant or partially compliant obligations (breaches) will be added to the compliance breach register and mitigation tasks will be designed to remediate identified weakness and then assigned the management team.

• AML Assurance Testing – Step 6

WDA will conduct monthly assurance testing on a sample basis against documented internal controls. Sample sizes and trigger events will be agreed with CEO and incorporated into an AML Plan.  This will enable the MLRO to provide assurances to the BOD as to the level of effectiveness of the controls.  All testing will be uploaded on an excel spreadsheet into the assurance library for monitoring on an on-going basis

• AML Monitoring – Step 7

WDA will monitor on an on-going basis various transactions and trigger events and upload this document to the monitoring library within Red Flare.  Key Risk Indicators will also be tracked and linked to specific risks.

• AML Reporting & AML Recommendations – Step 8

WDA will produce reports on a monthly basis for the MLRO to review and edit accordingly.  Reporting is prepared on an arrear’s basis, i.e. the month of September will issue to the CU by 21^st October.

As there isn’t significant changes in AML/CTF Risk & Compliance status month to month, WDA adopt two styles of reporting, being Full and Limited reporting.

Full report will issue every quarter and the limited will issue twice a quarter.  These reports will be uploaded to Red Flare (MLRO Library). Reports will issue to the CEO & MLRO for review initially and then they will be released to the Board of Directors. The design and content of these reports will be agreed at the commencement of the engagement.

Where a significant event or breach occurs, WDA will bring this to the attention of the CEO and MLRO immediately. Identified AML Recommendations will be allocated against internal controls and will also be produced on a monthly basis within the MLRO Report and tasks will be assigned to the individual users responsible.

• Annual AML Report to BOD – Step 9

It is also good practice for the MLRO to produce an Annual MLRO Report comprehensively detailing the work of the MLRO and Money Laundering/Terrorist Financing risks facing the credit union. WDA will prepare the annual report to BOD as required within CBI Guidance.

• Annual AML Training to BOD – Step 10

WDA will provide certified AML training (LIA and ILCU) to the BOD on an annual basis.  This training can be online or in person subject to BOD preference.

WDA will be not responsible for the day-to-day monitoring of transactions or review / processing of suspicious transaction reporting (STR).  We will track STRs within our report based off management information provided.