Have you updated your AML internal control system?

The Law on Money Laundering and Terrorism and Proliferation Financing (“Law”) obliges the Board of a company to review its AML files at least once every 18 months.

The applicable provisions of the Law underline the ‘subjects’ brought under the application of the Law must determine the inherent risks of money laundering and terrorism and proliferation financing (“AML”) of their company according to their type of business or operational activity. Within this risk assessment, the subjects of the Law must establish an internal control system (“Internal Control System”), including the development and documentation of the relevant policies/procedures approved by the Board. ^[1]

The obligation of the subject in relation to the Internal Control System includes the following obligations: (1) the Internal Control System is required to be regularly updated; and (2) to ensure employees are familiar with the company’s AML risks, applicable regulatory enactments covering AML and the activities of customer identification, risk prevention, etc. (provided for in the Internal Control System).

1) Renewal of the Internal Control System

The Law imposes an obligation upon the subjects of the Law to at least every 18 months, evaluate the effectiveness of the operation of the company’s Internal Control System. In particular, the subjects of the Law must review and update the AML risk assessment related to all customers, their country of residence or registration, economic or personal activities, the services used, products and their delivery channels, as well as all transactions carried out. [2]

If, when examining the Internal Control System, any deficiencies are uncovered  subsequent or amendments to the Law have occurred, the laws and regulations related thereto or the guidelines of the institution supervising the relevant company that affect the content of the Internal Control System, then it is necessary to update the Internal Control System. When carrying out inspections, supervisory authorities pay particular attention to a company’s Internal Control System.

2) Employee training

The Law stipulates the subjects of the Law must ensure employees, in accordance with their official duties, are familiar with the company’s AML risks, the regulatory enactments regulating AML, the customer identification and research procedures provided for in the company’s Internal Control System, signs of suspicious transactions, risk prevention activities, as well as personal data protection requirements within the scope of AML. [3] Accordingly, the subjects of the Law should regularly, preferably not less than once a year (or more often if new employees join the company), conduct employee training on this topic. The training of employees, as well as the participation of employees in the training programmes, must be documented. A supervising authority is entitled and also requires the training of employees and their attendance documentation in its inspections.

VILGERTS offer

The VILGERTS AML team regularly assists clients both in updating internal control systems and conducts training of customer employees so as to ensure clients achieve full compliance with the requirements specified under the Law.

The Internal Control System of each client is updated in accordance with the type of activity of the client, as well as the employee training program and type is prepared individually and in accordance with the type and requirements of the client’s activity.

Renewal of the internal control system: 600 EUR – 800 EUR plus VAT (according to the volume of the document).

Employee training: 1'000 – 1'200 EUR plus VAT

[1] Likuma 6.pants.

[2] Likuma 8.pants.

[3] Likuma 9.pants.