Skip to main content
Entire section Custom print Text Only Rich Text Print

Part III—Mitigation of ML/FT Risks

Effective from 13/7/2023

The Elements of an AML/CFT Program

Commonly referred to as the three lines of defense, the basic elements that must be addressed in an AML/ CFT program are

 
  
A system of internal policies, procedures and controls, including an ongoing employee training program (first line of defense);
 
A designated compliance function with a compliance officer or money laundering reporting officer (second line of defense); and
 
An independent audit function to test the overall effectiveness of the AML program (third line of defense).
 

In setting up these three lines of defense, FIs can take into account their business nature, size and complexity.

(AML-CFT Law Article 16.1(b), 16.1(d); AML-CFT Decision Articles 4.2 , 4.3)

FIs are obliged to take the necessary measures to manage and mitigate the ML/FT risks to which they are exposed. Both the AML-CFT Law and the AML-CFT Decision provide that FIs may utilize a risk-based approach with respect to mitigation of ML/FT risks.