KPMG Insights
The revised circular of BNM on AML/CFT Compliance Officer Appointment Notification Method and Targeted Financial Sanctions Reporting Forms together with the new AML/CFT training e-platform is levelling the playing field for digitalisation of AML/CFT processes of traditional banks and the upcoming digital banks which will be licensed in 2022. The question for all RIs remains; whether resources are adequately upskilled to embrace digitalisation of AML/CFT processes.
A move away from physical processes is driven not only by technological advancement, but also by the effects of the Covid-19 pandemic, changes in demographics and the growing pervasiveness of digitalisation.
Taking into consideration the willingness of BNM to embrace technological advancement, we can expect other RIs who had yet embrace technology to follow suit and digitalise its AML/CFT processes. We foresee that RIs would pursue digital control measures in their reporting systems to be in further compliance with BNM guidelines.
What does this mean for digital banking licence applicants?
Applicants of the digital banking licences would do well to showcase their capabilities in complying with the AML/CFT requirements at this early stage - if only to reassure BNM that they have a clear understanding of the AML/CFT laws and regulations and share BNM's commitment to this purpose.
Where to start?
Applicants should first identify and assess the potential money laundering and terrorism financing ("ML/TF") risks posed by their intended customer bases and business offerings.
Hard-hitting questions need to be asked, such as:
- What is my level of exposure to ML/TF risks if I allow accounts to be opened through agents?
- What is the likelihood that scammers or "money mules" will open a digital bank account?
- How might the transaction channels I am offering be misused for ML/TF?
These pulse checks will help identify the control measures needed to mitigate such risks and allow digital banks to set their risk appetite.
It does not stop there. Applicants should thereafter outline the AML/CFT compliance programme to be implemented should they successfully receive a digital banking licence. Here, applicants need to prove they can and will mitigate ML/TF risks identified and comply with regulatory requirements. This includes but is not limited to:
- determining the governance and oversight functions as well as resources;
- drafting policies and procedures
- developing plans to identify customers such as via electronic-know-your-customer ("e-KYC"); and
- identifying user and system requirements for transaction monitoring and name screening systems.
The outline of the applicant’s AML/CFT compliance programme should be part of their proposal to BNM as an assurance that they have a thorough action place in place.
|