In the dynamic landscape of financial compliance, the role of the MLRO / AMLCO is positioned as a bastion against financial crime. However, the role is often begrudgingly taken on, with it being just another job to do and advice like “don’t agree to be the MLRO!” given to newbies. Although it’s said tongue-in-cheek, it has more than a strong hint of truth attached.
But financial crime risk management, and compliance by association, is important. It’s quickly gaining gravitas, much like cybersecurity did back in the mid-2010s after a few too many breaches. Management & boards cannot put their head in the sand on the matter – indeed, the board bears the ultimate responsibility for compliance in entities captured by money laundering regulations.
“Have an independent AML audit carried out which will pick up any gaps in your processes...it helps you identify where your programme is lacking or needs further attention.”
- Michelle Garlick, The Future of Financial Crime Compliance
So how can you ensure that you have the relevant information readily available for the board upon request, steer clear of legislative pitfalls, and make your job easier and more fulfilling? In this blog, we draw on research and advice from our clients globally giving tangible actions to help overcome resource constraints and make your life as the MLRO / AMLCO all that much better.
Appoint the right person.
If someone doesn’t want to have the AML responsibility, they won’t give it the due effort it requires. We hear time and again from clients that "The AMLCO touches every part of the business, so hire the right person and give them time to do the role. They focus on quality assurance, process, efficiency, training and reporting. They have to deal with high turnover, front-line staff frustration and non compliance.”
Krystie Moynihan, Finance Director at leading law firm Meredith Connell concurs, "[Appoint] people who understand what they are doing – not only the steps that need to be taken but also spotting things that might have been missed, or knowing the right questions to ask.”
If this isn’t what interests you (or who you have appointed / nominated) then make a change.
Change the mindset from ‘cleaning up’ to ‘keeping clean’.
MLROs / AMLCOs seem to be forever on the back foot, never having enough time to proactively assess, let alone address, gaps. Michelle Garlick, MLRO at UK firm Weightmans and former Manchester Law Society president, explains:
“Have an independent AML audit carried out which will pick up any gaps in your processes – it is a requirement of the regulations anyway, and a gap analysis will then help you identify where your programme is lacking or needs further attention.”
"[Appoint] people who understand what they are doing – not only the steps that need to be taken but also spotting things that might have been missed, or knowing the right questions to ask."
- Krystie Moynihan, Finance Director, Meredith Connell
Krystie Moynihan adds, “If you understand the context, why and what you’re actually trying to achieve, then it makes for a more effective compliance team. Gaining a really solid understanding of what the risks are enables you to address them, while having a robust review process ensures that things are picked up quickly.”
Having the necessary pieces in place enables you to position compliance as an internal consultancy, aiding in tasks within the confines of what’s allowed both legally and ethically, rather than being an impediment. It also moves the mindset of the organisation from compliance being someone else’s job to cleanup, to everyone’s job is to keep the compliance house clean.
Integrated KYC - context for priorities.
“KYC is not just about doing AML. It’s important to take into consideration the context of the client and transaction. When carrying out compliance processes, we always start from our existing knowledge about the client – what does this client do, what’s the purpose of this transaction?” Jennifer Li, former AMLCO at commercial real estate agents Colliers explains how they avoid box ticking and focus on what matters.
Michelle Garlick also echoes this sentiment. “Separate out the urgent from the important. To do this, you need to:
- Understand your firm, its clients, its people and its AML risks.
- Understand what and where the “pain points” are for your teams and clients during the onboarding process.
- Know what the regulations expect of you
- When using technology, understand what the provider is offering, what it can (and can’t) do and how it will work for your firm in practice.”
They’re not the only ones. In a recent whitepaper on building a strong AML culture, KPMG noted that “closer integration of risk assessment, investigative and due diligence processes, breaks down silos and provides a more contextual basis for determining risk and thereby helping prioritise tasks. Where AML/CTF efforts are integrated and there is a sound understanding across the business, businesses are more efficient at identifying and managing risks and more efficient in carrying out AML tasks.”
This ethos is why MLROs / AMLCOs are increasingly demanding more than an Excel spreadsheet or paper form for risk assessments. They’re requesting dynamic risk assessments to enable them to really understand institutional risk, not just a point in time siloed view of the client or transaction.
Reconsider how you do your training.
Compliance lives and dies by the efforts of many to spot the unusual. Business units are the first line of defence and need both regular and relevant training to keep money laundering and financial crime top of mind.
Regular, bite-sized training sessions are essential and Jennifer Li adds, “It’s really important to make the AML process more interesting so that our [front line staff] feel more engaged with the process – so I will include topical examples from the news to make it more real, and ask them what they think of the case.”
Embrace integrated tech.
These days, compliance complexity and regulatory requirements lead most reporting entities to rely on multiple tech platforms to meet their obligations. One recent prospect we spoke to used nine separate systems in their AML process: eIDV, PEP and sanctions screening, secure data storage, cyber security for PII etc. While this is extreme, recent research found that, over half (57%) of respondents use 3 or more third party technological subscriptions to manage their AML compliance.
Kat Wellum-Kent from Fractional Finance explains why embracing an integrated or end-to-end solution helps maximise her time and minimise effort. “While [point] solutions appear cheaper at a glance, it isn’t factoring in the time I’d spend using each tool, figuring out my next step, and following up without automations.”
“It’s really important to make the AML process more interesting...include topical examples from the news and ask [front line staff] what they think of the case."
- Jennifer Li, AMLCO, Colliers
'Add in the risks of data double-handling, disjointed information and constant task switching and it’s easy to see why all-in-one solutions are the tool of choice for stretched MLROs / AMLCOs.
This was also noted by Deloitte in their white paper The Future of Financial Crime Compliance,
The changing [financial crime] landscape not just necessitates business transformation but also compliance transformation.
Regulators [require reporting entities] to prevent, detect, and predict illicit money flows. The issue is exacerbated when legacy methods, disjointed operational frameworks, technology systems and financial crime controls remain unchanged despite criminal sophistication.
Success will be driven by the seamless integration of business strategy, regulatory compliance, risk management, technology, and operations.
Conclusion
The role of the MLRO / AMLCO cannot be understated, yet the individual in that role often faces challenges that hinder their effectiveness. To maximise efficiency and overcome resource constraints, it's essential to adopt proactive strategies.
Appointing the right person is crucial. Passion and expertise drive quality assurance, process efficiency, and compliance effectiveness. Moreover, shifting the mindset from reactive "cleaning up" to proactive "keeping clean" fosters a culture of compliance throughout the organisation.
In essence, a holistic approach that integrates people, processes, and technology is key to maximising resource optimisation, overcoming constraints, and making a transformative step toward sustainable compliance outcomes. And, who knows, it might even prevent future MLROs from advising the next generation, “don’t agree to be the MLRO!”
About First AML
First AML simplifies the entire anti-money laundering onboarding and compliance process. Its SaaS platform, Source, stands out as a leading solution for organisations with complex or international onboarding needs. It provides streamlined collaboration and ensures uniformity in all AML practices.
First AML transforms an otherwise complex and manual process into one that is simple, cost-effective, and compliant for businesses. By delivering efficiency and time savings, it protects reputations and enables companies to stay on the right side of history in the face of global threats.
Keen to find out more? Book a demo today! No time for a long demo? No problem. See what Source by First AML can do for your business in 2 minutes – watch the short demo here.