8. Governance
Effective from 13/7/2023(AML-CFT Law Article 16.1(d); AML-CFT Decision Articles 4.2(a), 20, 21, 44.4)
In order for the AML/CFT framework of any organisation to be effective, it must be based on the foundation of a sound governance structure, and held together by a strong compliance culture.
The governance structure should take the following into consideration:
| • | Establish clear accountability lines and responsibilities to ensure that there is appropriate and effective oversight of staff who engage in activities which may pose a greater AML/CFT risk. |
| • | Have the mechanism to inform the board of directors (or a committee of the board) and senior management of compliance initiatives, compliance deficiencies, STRs filed and corrective actions taken; |
| • | Develop and maintain a system of reporting that provides accurate and timely information on the status of the AML/CFT program, including statistics on key elements of the program, such as the number of transactions monitored, alerts generated, cases created and STRs filed; |
| • | Develop and implement quality assurance testing programs to assess the effectiveness of the AML/CFT program’s implementation and execution of its requirements. |
FIs should also make sure to have management structures which are accountable for clear ML/FT risk management and mitigation measures, as well as appropriate independent control functions. Implicit in both the AML-CFT Law and the AML-CFT Decision are the elements of both, concerning which additional guidance is provided in the sections below.