AML KYC Tutorial | Internal Control and structure in banks

Internal Control and structure in banks

In order to control money laundering, it is important that the Internal Control and structure in banks are stated clearly, banking by nature faces a huge amount of risk and thus the internal control systems in the context of banking organizations have special importance for sound operations. All kind of organizations has similar basic elements of an internal control system. The type of organization and the complexity of its business are deciding factors of the structure, nature, and extent of internal controls. A robust internal control system ensures that the bank objectives long-term profitability targets are met. Also, it ensures that reliable financial and managerial reporting is maintained. A robust internal control system can also help to ensure compliance with laws and regulations as well as policies, plans, internal rules, and procedures, and decreases the risk of unexpected losses or damage to the bank’s reputation.

Roles and Responsibilities of the Staff

Must have access to AML information relevant to their role or position.
Reporting of suspicious transactions.
Banks need to take appropriate measures so that relevant employees are aware of,
Policies and procedures put in place to prevent money laundering.
The legal requirements contained in the PMLA and the rules and regulations framed thereunder.
KYC/AML guidelines issued by the RBI from time to time.

Roles and Responsibilities of the Board of Directors and Senior Management

The Board of Directors and the senior management of the bank have the responsibility to ensure that the bank’s control processes and procedures are appropriately designed and implemented, and are effectively operated to reduce the risk of the Bank which may be used in connection with money laundering or terrorist financing.

Following measures is the responsibility of senior management:

Appointment of Principal Officer: It is the responsibility of the Board of Directors to appoint the Principal Officer (PO). PO must have a sufficient level of seniority within the bank and sufficient resources, including sufficient time and (if necessary) support staff. The level of resources should be according to the size, complexity, and geographical spread of the bank’s customer/product base and should include arrangements to apply in the event of the temporary absence of the PO.
Managing the risk of money laundering: The senior management of the bank is required to ensure that appropriate risk-based policies are in place across different aspects of the business. The banks should adopt an approach to avert themselves of the risk of being used for the purposes of money laundering or terrorist financing. Senior management must be entirely engaged in the decision-making and must take ownership of the risk-based approach since they will be held accountable if the approach is inadequate.
Guidance against “Tipping off”: Senior management should provide sufficient guidance to staff to ensure that the customers are not informed (i.e. tipped off) that his/her accounts are under monitoring for suspicious activities and/or that a disclosure has been made to the FIU-IND. The Bank can however make normal inquiries to learn more about the transaction or instruction to determine whether the activities of the customer arouse suspicion. Where it is known or suspected that a Suspicious Transaction Report has already been made internally or externally, and it then becomes necessary to make further inquiries, care must be taken to ensure that the suspicion is not disclosed either to the client or to any other third party. Subject to internal procedures, such inquiries should normally/only be made as directed by the Principal Officer (PO).

This module covers the following topics: