Central Bank of the Republic of Azerbaijan, Banking Supervision Department


Supervision Department - AML/CFT Training 
Sanctions and Asset Freezing - Governance
Senior management should be sufficiently aware of the financial institution's obligations regarding financial sanctions to enable them to discharge their functions effectively.
Self-assessment questions:
• Has your financial institution clearly allocated responsibility for adherence to the sanctions regime? To whom?
• How does the financial institution monitor performance? (For example, statistical or narrative reports on matches or breaches.)
Examples of GOOD Practice
- An individual of sufficient authority is responsible for overseeing the financial institution's adherence to the sanctions regime.
- It is clear at what stage customers are screened in different situations (e.g. when customers are passed from agents or other companies in the group).
- There is appropriate escalation of actual target matches and breaches of sanctions. Notifications are timely.
Examples of POOR practice
- The financial institution believes payments to sanctioned individuals and entities are permitted when the sums are small. Without a license from the Asset Freezing Unit, this could be a criminal offense.
- No internal audit resource is allocated to monitoring sanctions compliance.
- Some business units in a large organization think they are exempt.

Sanctions and Asset Freezing - Risk Assessment
A financial institution should consider which areas of its business are most likely to provide services or resources to individuals or entities on the Consolidated List.
Self-assessment questions:
• Does your financial institution have a clear view on where within the financial institution breaches are most likely to occur? (This may cover different business lines, sales channels, customer types, geographical locations, etc.)
• How is the risk assessment kept up to date, particularly after the financial institution enters a new jurisdiction or introduces a new product?
Examples of GOOD Practice
- A financial institution with international operations, or that deals in currencies other than sterling, understands the requirements of relevant local financial sanctions regimes.
- A small financial institution is aware of the sanctions regime and where it is most vulnerable, even if risk assessment is only
Examples of POOR practice
- There is no process for updating the risk
- The financial institution assumes financial sanctions only apply to money transfers and so has not assessed its risks.

Sanctions and Asset Freezing - List Screening
A financial institution should have effective, up-to-date screening systems appropriate to the nature, size and risk of its business. Although screening itself is not a legal requirement, screening new customers and payments against the Consolidated List, and screening existing customers when new names are added to the list, helps to ensure that financial institutions will not breach the sanctions regime. (Some financial institutions may knowingly continue to retain customers who are listed under sanctions: this is permitted if the Asset Freezing Unit has granted a license.)
Self-assessment questions:
• When are customers screened against lists, whether the Consolidated List, internal watch lists maintained by the financial institution, or lists from commercial providers? (Screening should take place at the time of customer take-on. Good reasons are needed to justify the risk posed by retrospective screening, such as the existence of general licenses.)
• If a customer was referred to the financial institution, how does the financial institution ensure the person is not listed? (Does the financial institution screen the customer against the list itself, or does it seek assurances from the referring party?)
• How does the financial institution become aware of changes to the Consolidated List? (Are there manual or automated systems? Are customer lists rescreened after each update is issued?)
Examples of GOOD Practice
- The financial institution has considered what mixture of manual and automated screening is most
- There are quality control checks over manual
- Where a financial institution uses automated systems these can make 'fuzzy matches' (e.g. able to identify similar or variant spellings of names, name reversal, digit rotation, character manipulation, etc.).
- The financial institution screens customers' directors and known beneficial owners on a risk-sensitive basis.
- Where the financial institution maintains an account for a listed individual, the status of this account is clearly flagged to staff.
- A financial institution only places faith in other financial institutions' screening (such as outsourcers or intermediaries) after taking steps to satisfy themselves this is appropriate.
Examples of POOR practice
- The financial institution assumes that an intermediary has screened a customer, but does not check this.
- Where a financial institution uses automated systems, it does not understand how to calibrate them and does not check whether the number of hits is unexpectedly high or low.
- An insurance company only screens when claims are made on a policy.
- Screening of customer databases is a one-off
- Updating from the Consolidated List is haphazard. Some business units use out-of-date
- The financial institution has no means of monitoring payment instructions.
