What's new

P2.T7.20.5. Management of risks associated with money laundering and financing of terrorism (ML/FT) (Carey)

Nicole Seaman

Director of FRM Operations
Staff member
Learning objectives: Explain best practices recommended for the assessment, management, mitigation, and monitoring of money laundering and financial terrorism (ML/FT) risks.


20.5.1. A person named Jack Ryan has applied to open a new account at Quadstreet International Bank. The bank has a modern, well-established, and compliant customer acceptance policy. Immediately the bank is able to determine two facts: Jack is a high-risk customer but he previously had an account at another large bank. Further, Quadstreet does conduct business with Jack's previous bank and considers it to be reputable. With respect to money laundering and terrorism financing (ML/FT), which of the following statements is TRUE about Jack Ryan's application?

a. Jack's identity must be established and verified before carrying out any transactions
b. Because Jack is a high-risk customer, the bank is required to avoid him like any high-risk customer
c. Because Jack already has an account at a reputable bank, he can be classified as low-risk and well-identified
d. If Jack is a politically exposed person (PEP), he can be classified as low-risk on the assumption that the media already vets him and he cannot evade scrutiny

20.5.2. In the context of money laundering and financing terrorism (ML/FT) risks, which of the following statements is TRUE about the appropriate role of correspondent banking?

a. Correspondent banking should be avoided entirely due to its inherent ML/FT risks
b. Correspondent banking should be actively preferred due to its natural protections against ML/FT risks
c. ML/FT risks are lower when the transaction activity involves nested respondent banks so nested relationships should be preferred
d. Because the correspondent bank does not have a relationship with the ultimate customer, it must perform due diligence on the respondent bank

20.5.3. After reviewing and updating its money laundering and financing of terrorism (ML/FT) policies, a certain international bank internally propagates the following policies to its staff:
  • We classify ML/FT risk as an operational risk but owing to the intensity of the issues and risks, ML/FT risks will receive special attention (and resources) as an emergent sub-field of operational risk.
  • With respect to ML/FT risk, we will maintain three lines of defense: the business units; the chief ML/FT officer who reports to the CRO; and internal audit.
  • For each customer or business relationship, a profile of normal activity should be built to support the identification of abnormal activity.
  • Because we (our bank) has a presence in multiple countries, we should understand and abide by laws and regulations in each country. If a country’s laws and regulations prevent adequate management of ML/FT risks, we should consider the cessation of business in the country.
  • Subsequent to the KYC process, our customers are entitled to absolute confidentiality and privacy so that neither their activity can be monitored nor can we proactively report suspicious activity to law enforcement authorities (we can only reactively respond, on a case-by-case basis, to specific queries).
Which of these five policies is a problem and needs to be revised; i.e., which of the following statements is TRUE?

a. None are a problem: all five of these policies are sound
b. The bank cannot generate profiles of customers due to discrimination laws
c. The three lines of defense do not apply to ML/FT risks because only two can effectively play a role
d. Absolute confidentiality is incorrect because the bank must monitor (and document) activity and should report suspicious activity

Answers here: