Building an anti-money laundering culture

By Tim Goodrick, Senior Manager, Forensic, KPMG, TINZ Board Member with Delegated Authority for AML, OECD, UNCAC

The implementation of effective anti-money laundering and countering financing of terrorism (AML/CFT) controls are part of the requirements of the new organisations crime and anti-corruption legislation – 15 Acts that passed into law last November. Even once they are formally implemented, they can be undermined by a poor culture of compliance.

Tim Goodrick

Tim Goodrick has developed expertise on the issue of anti-money laundering over a number of years at a global level. He was on the 2014 G20 anti-corruption working group in Australia and this was a fundamental issue for that group which includes representatives from the UN, World Bank, FATF, and OECD

In contrast, a strong AML culture can help to prevent shortcomings, identify issues before becoming a concern and lead to more efficient compliance solutions.

But what does it mean to have a strong AML culture? Although ‘AML culture’ is not a defined term, it generally refers to refers to the beliefs and behaviours of a company that determine how its employees and management interact and do business.

This concept is gaining increasing attention from AML/CFT regulators globally. A review of significant enforcement action for violations of sanctions and AML laws globally has identified common issues with the culture of compliance and management oversight. The importance of this is highlighted by the growing number of corporate scandals relating to issues such as such as sanction violations, financial misconduct, Libor rate rigging, bribery and corruption.

Actual experience with financial institutions in New Zealand has found that a strong AML culture leads to successful compliance outcomes.

The following seven building blocks assist in building a strong AML culture and have been identified as milestones that can be measured and improved:

  1. Tone from the top: Setting the tone for a strong AML culture comes from the top – with C-suite leaders promoting a positive and consistent message.
  2. Leadership engagement: Ultimate responsibility lies with your leadership team – so they must understand the risks, and ensure robust compliance structures. Board members play a key role by asking the right questions.
  3. Quality monitoring: Ongoing monitoring and compliance management is an AML requirement. It should cover all AML activities and be fit-for-purpose and clearly articulated.
  4. Balanced interests: In pursuing markets or clients, risk personnel should be at the table to balance the business case against risk appetite tolerances.
  5. Sufficient resourcing: It’s essential to allocate sufficient resources to AML/CFT compliance – including technological resources, process management, and expert personnel.
  6. Business as usual: Effective AML/CFT controls should be integrated into business processes, so that compliance becomes BAU. For example it’s more efficient to collect all relevant information from a customer at the on-boarding stage (rather than follow-up later).
  7. Training and communication: It’s important that staff understand both the ‘what’ and the ‘why’ of compliance. Communicating the real value of their work will lead to enhanced compliance.

These seven building blocks work are for all types of organisations. Through this, it’s possible to generate increased returns, higher profitability and productivity.