Crafting Essential AML Documentation and Procedures

Entities are mandated by the Prevention of Money Laundering and Funding of Terrorism Regulations (PMLFTR) to implement robust anti-money laundering protocols, requiring annual reviews.

 

AML Manual

Our AML Manual outlines day-to-day operational guidelines, ensuring transparency in client onboarding, monitoring, staff training, and both internal and external reporting. Additionally, it encompasses procedures aligned with the Protection of Whistle-blower Act. It’s incumbent on entities to maintain the manual's accessibility and review it annually. A2CO offers bespoke Anti-Money Laundering Manuals, tailored to your firm’s specific AML regulatory obligations and internal protocols.

AML Risk Model (CRA)

Our Customer Risk Assessment (CRA) empowers you to formulate precise client risk profiles, considering customer, product/service, channel, and jurisdictional risks. Essential for new business engagements or sporadic transactions, A2CO specialises in crafting bespoke CRAs, ensuring adherence to AML statutes and local regulatory expectations. We’re proficient in developing sector-specific risk models, pivotal in upholding AML compliance and ensuring accurate customer and firm risk evaluations.

 

Client Onboarding Questionnaires (KYC)

Client Onboarding Questionnaires (KYC) Understanding your clientele is pivotaln mitigating money laundering (ML) and terrorism financing (FT) risks. A2CO assists in drafting meticulous onboarding questionnaires, enabling precise ML/FT risk assessments and ensuring continuous monitoring aligned with AML mandates. 

 

The following sets of questionnaires will be developed for you with the assistance of our professionals:

 

  • Corporate Client Onboarding Questionnaire
  • Natural Person Onboarding Questionnaire
  • Corporate Agent Questionnaire
  • Agent Natural Person Questionnaire
  • Intermediate Questionnaire
  • Corporate Client Retention Questionnaire
  • Natural Person Retention Questionnaire


Customer Acceptance Policy (CAP)

Subject persons are obliged to put in place a Customer Acceptance Policy (CAP) in order to comply with the duties established by the PMLFTR. The CAP specifies the types of consumers that your company will welcome and those that it will not serve in any capacity whatsoever. Subject persons may get assistance from A2CO Compliance Ltd. in creating a CAP that is tailored to their level of risk appetite. It is essential to keep in mind that even though the level of risk tolerance may vary from one subject person to another, a subject person's risk appetite should never be higher than what can be effectively mitigated by the measures, controls, policies, and procedures that have been adopted to address the risks that one is exposed to. This is because the level of risk tolerance may also change over time. Our group is able to provide assistance in drafting an appropriate CAP that takes into account both the risk appetite and the mitigation measures that have been established.

Jurisdiction Risk Assessment

When determining the level of risk posed by a particular client, one of the factors that must be considered is the legal environment in which the company operates. Subject Persons are tasked with deciding whether a jurisdiction should be classified as a high-risk or a non-reputable jurisdiction. According to the PMLFTR, a jurisdiction is considered to be lacking in reputation when it either has shortcomings in its national AML/CFT system or has measures for the prevention of ML/FT that are unsuitable and ineffective. Subject Persons will be provided with in-depth Jurisdiction Risk Assessments by A2CO Compliance Ltd which will grade jurisdictions as having either a low, medium, or high level of risk or as being non-reputable. When writing these types of reports, many aspects are taken into consideration, including any papers produced by the Financial Action Task Force (FATF), as well as the list published by the European Commission that identifies high-risk third countries with strategic inadequacies. After doing this analysis, the team will provide a risk categorisation that should be used whenever there is a possibility of being exposed to such jurisdiction, whether directly or indirectly. 

 

Business Risk Assessment

Our Business Risk Assessment (BRA) aids entities in identifying potential risks and vulnerabilities within their operations. Aligned with PMLFTR requirements, A2CO’s BRAs provide a thorough analysis, covering business activity description, national and supranational risk assessment analysis, ML/FT risk identification, risk model analysis, mitigation technique scrutiny, and detailed statistical analyses. Post-report presentation, company boards are tasked with a rigorous assessment and final approval of the Business Risk Assessment, ensuring a comprehensive understanding and management of business risks.

As a minimum, our Business Risk Assessments include:

 

  • A description of the business activity

  • Analysis of the National and Supra-National risk assessments

  • Identification of ML/FT risks

  • Analysis of the Risk Model of the business

  • Analysis of the mitigation techniques applied

  • Mitigation level testing

  • Detailed customer statistics and analysis of such data

  • Likelihood definition

  • Impact definition

  • Inherent Risk Grid

  • Inherent Risk Calculation

  • Residual Risk Calculation

  • Recommendations and Conclusions



CONTACT: 
CONTACT: 
John Caruana 
Anton Dalli
Compliance Director
Partner
Group 34 (1)
CONTACT:
John Caruana
Compliance Director
Group 26 (3)
CONTACT:
Anton Dalli
Partner
Related Services

AML Risk Modelling

Assistance with FIAU, MFSA
or MGA compliance visits

GDPR Consultancy

Latest Articals

12