Our client is a subsidiary of a European commercial bank located in south East Asia. The local organisation has undergone significant change in recent years.
Based on observations from management at local, regional and head office level a local audit firm is asked to do a risk assessment on AML/CFT across the organisation.
Upon completion of the assessment i-KYC is to assess the recommendations, support the implementation, ensure that root causes are addressed and perform quality assurance on the project.
During the project the 3LoD model needs to be implemented and changes need to be carried through in a sustainable way; behavior and culture throughout the organisation need to change.
While the risk assessment was in progress, i-KYC acted as an advisor to the client, familiarized with the organisation and prepared for the implementation phase.
Upon delivery of the risk assessment report i-KYC took over, focusing on:
- Translation of the recommendations into concrete actions
- Assessing recommendations’ impact on BAU
- Quality assurance of the implementation
- Stakeholder management
- Project timelines and deliverables
- Hands-on support to the teams responsible for the implementation
At the start, the project was considered to be owned by the Compliance Team. i-KYC made the project plan together with the local team and defined work streams in accordance with the 3 Lines of Defense model. As a result the majority of actions were allocated to the 1st line of defense, with an oversight role for a dedicated Steering Committee.
The project plan had a 4 month timeframe followed by a month of aftercare and quality assurance. All milestones were delivered on time and to requirement. All operational AML/CFT processes were repaired and improved, an MLRO dashboard was introduced and the governance around management of exceptions, issues and backlogs was implemented. During the project root causes were addressed and all staff across the organization involved in AML/CFT processes received instructions and training on the new way of working.
The organization now has the required procedures and controls in the AML/CFT environment, while several steps for further developing the 3 LoD model were defined and a CDD file remediation plan was delivered.