Financial Crime World

AML and CFT Policy Document

Governance Model

The Board of Directors provides oversight to ensure an appropriate framework is in place for AML/CFT compliance.

Three Lines of Defence

  • First Line of Defence: Business Lines

    • Organize and conduct business in a proper and professional manner within their areas of responsibility.
    • Ensure compliance with regulatory obligations imposed by applicable laws and regulations.
    • Keep abreast of emerging risks and disseminate information to the Compliance Function in a timely manner.

  • Second Line of Defence: Compliance Function

    • Provide guidance and training on AML/CFT matters.
    • Ensure entities within the Group comply with all regulatory obligations imposed by applicable laws and regulations.
    • Carry out investigations, sample checks, reporting of compliance risk events, and compliance remediation oversight across the Group.

  • Third Line of Defence: Internal Audit Function

    • Provide independent assurance to Management and the Board of Directors on the effectiveness of AML/CFT policies and procedures.

Roles and Responsibilities

Business Lines

The business lines serve as the first line of defence, ensuring and monitoring AML/CFT compliance on a daily basis. They are responsible for:

  • Organizing and conducting business in a proper and professional manner within their areas of responsibility.
  • Ensuring compliance with regulatory obligations imposed by applicable laws and regulations.
  • Keeping abreast of emerging risks and disseminating information to the Compliance Function in a timely manner.

Compliance Function

The Compliance Function acts as the second line of defence, providing guidance, training, and oversight to ensure compliance with regulatory obligations. They are responsible for:

  • Providing guidance and training on AML/CFT matters.
  • Ensuring entities within the Group comply with all regulatory obligations imposed by applicable laws and regulations.
  • Carrying out investigations, sample checks, reporting of compliance risk events, and compliance remediation oversight across the Group.

Internal Audit Function

The Internal Audit Division functions as the third line of defence, providing independent assurance on the effectiveness of AML/CFT policies and procedures. They are responsible for:

  • Providing independent assurance to Management and the Board of Directors on the effectiveness of AML/CFT policies and procedures.

Other Stakeholders

Roles and Responsibilities

The following stakeholders have specific roles and responsibilities in ensuring AML/CFT compliance within the Group:

  • President and Group CEO: Sets the tone at the top, fosters a culture of AML/CFT compliance, and requires and reviews compliance and audit reports indicating non-compliance with regulatory and internal control requirements.
  • Audit Committee: Reviews internal and external audit reports of the AML/CFT Programme and makes appropriate recommendations to the Board of Directors in respect thereof.
  • Risk Committee: Has responsibility for the review and approval of the risk management framework, including the review of all regulatory risks and reports prepared by the head of the Compliance Function.