ICCL

24/09/2021

根據於8月30日的【明報專訊】(附超連結)，警方國安處早前引用《港區國安法》要求支聯會提交多項資料，包括自2014年起的在港資產、收支及會議紀錄等。當中引述《大公報》消息報道，警方或調查為支聯會核數的公司有否協助處理涉勾結外國勢力資金或協助逃稅等，該會計師行回覆明報的查詢稱已於今年1月28日辭任支聯會核數師職務。警方沒回應報道內容是否屬實，稱會按實際情况依法採取執法行動。

上述【明報專訊】引述《大公報》消息報道，警方或會對支聯會作全面的財富調查，並調查其核數公司有否協助處理涉及「勾結外國勢力」的可疑資金、其他犯罪得益或協助逃稅等罪行。

根據香港會計師公會的反洗錢和反恐融資指引(AMLO GUIDELINE)，除非會計師自願採取良好做法(GOOD PRACTICE)，會計師為客戶提供的服務倘涉及”指定活動”(例如代客戶處理資產或提供和公司秘書相關服務等)時才需強制進行客戶盡職調查(CDD) 和記錄保存(RECORD KEEPING)等要求，否則提供一般核數服務時只需符合可疑交易報告和制裁名單篩查(SUSPICIOUS TRANSACTION REPORTING AND SANCTION SCREENING)要求。

就上述提及警方或會對支聯會作全面的財富調查，並調查其核數公司有否協助處理涉及「勾結外國勢力」的可疑資金、其他犯罪得益或協助逃稅等罪行，事實上，當在採取CDD程序情況下，會計師行一般會在簽署受聘協議前了解客戶背景、受益人、包括評估組織操作、財務狀况、股東架構、董事及主席有否牽涉訴訟或政治關聯人物(PEP)等，並以風險為本(RBA)方法評估風險，再採取相應風險緩減措施，甚至不會接納為客戶提供核數服務；但若會計師行不是採取GOOD PRACTICE而沒有進行CDD，或在進行”指定活動”時接納有關客戶後方發現沒有按CDD要求作評估，或評估粗疏而未留意潛在風險，會計師行便可能無法及早發現問題而呈交可疑交易報告(STR)，且面對可能違反AMLO的法律和合規風險。

根據《文匯報》早前報道， 民建聯立法會議員葛珮帆表示，「支聯會」賬目不清、資金去向不明，有可能觸及洗黑錢及偽造賬目等罪，而且被懷疑與「支聯會」有財務往來的「華人民主書院」亦曾經從「美國國家民主基金會（NED）」取得資金，更令人質疑「支聯會」與外國勢力千絲萬縷，警方務必徹查。她又呼籲任何人或機構若發現與「支聯會」相關的違法行為，應報警跟進。此外，全國政協委員、工聯會理事長黃國指出，「支聯會」的賬目向來備受外界質疑，而該會計師行的做法更反映事件不尋常，有理由相信「支聯會」的實際財務狀況或與外國組織有密切關聯，更可謂深不見底，警方務必徹查。民建聯立法會議員葛珮帆表示，「支聯會」賬目不清、資金去向不明，有可能觸及洗黑錢及偽造賬目等罪，而且被懷疑與「支聯會」有財務往來的「華人民主書院」亦曾經從「美國國家民主基金會（NED）」取得資金，更令人質疑「支聯會」與外國勢力千絲萬縷，警方務必徹查。

據報導警方已去信支聯會多名常委，表示有合理理由相信支聯會屬「外國代理人」，要求他們於指定日期前提交指明資料。《文匯報》及《大公報》引述消息報道，警方或調查協助支聯會核數的公司有否協助處理涉「勾結外國勢力」可疑資金、逃稅或其他犯罪得益等。

會計師可如何自保?

我們建議會計師行應增加資源投放在AML/CFT COMPLIANCE方面(可包括考慮聘用外部的專業AML/CFT顧問作一次性的服務或外判服務)，並盡快就其客戶群特色和行業，並服務範圍等進行公司風險評估(FIRMWIDE RISK ASSESSMENT)，盡量採用香港會計師公會 AMLO GUIDELINE 內的GOOD PRACTICE，即在SANCTION SCREENING和SUSPICIOUS TRANSACITON REPORT最基本的法例要求以外，對所有客戶進行CDD和持續監控，以及早發現客戶可能出現的狀況和有效地及早向JFIU 呈交可疑交易報告，增加自身在法律下可以得到的保障和在已進行CDD的情況下給予辯解的理由。此外，也需特別留意NGO類別客戶的背景，了解其資金來源和財富來源(SOURCE OF FUNDS AND SOURE OF WEALTH)並作分析和記錄。例如:會否有向會員或公眾收集資金，其對手的資金來源和金額等，以在接納客戶(CLIENT ACCEPTANCE)階段及早作出評估和作出相應的風險緩減措施。

如想了解更多有關AML/CFT的服務或需要有關合規咨詢，請瀏覽我們的網頁並聯絡我們(www.icclconsultancy.com)。

https://m.mingpao.com/pns/%E8%A6%81%E8%81%9E/article/20210831/s00001/1630346692013/%E6%9C%83%E8%A8%88%E5%B8%AB%E8%A1%8C%E7%A8%B11%E6%9C%88%E5%B7%B2%E8%BE%AD%E6%94%AF%E8%81%AF%E6%A0%B8%E6%95%B8

27/08/2021

TCSPs: Are you ready for the Companies Registry (CR) AML/CTF Inspection?

According to a CR’s briefing session to TCSPs in Dec 2020, it was noted that as at 30 Nov 2020, the CR had conducted 3,188 inspections and 1,952 interviews for Anti-Money Laundering/ Counter-Terrorist Financing (AML/CTF) review on Trust or Company Service Providers (TCSPs), with 859 warning /advisory letter issued and 1,380 summonses issued. It was noted that the results revealed that there were serious compliance gaps of TCSPs in relation to AML/CFT matters. It is important to note that for serious cases, the CR may suspend, revoke or not to renew TCSP’s license.
Since the implementation of the CR’s Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers (The Guideline) in March 2018, it is a regulatory requirement for TCSPs to take all reasonable measures to mitigate the risk of ML/TF, and to ensure that the AML/CTF requirements under the AMLO are complied with. It was noted that it may be common that Practices also operate TCSPs for company secretarial business and to adopt the HKICPA’s sample guideline for Practices also to their TCSPs business operations. However, it is necessary to note that different industries exposed to different AML/CFT risks hence there exists some different industry emphasis and regulatory focus from different regulators that need some refinements.

If you are a TCSP, during an inspection by CR, there will be an intensive review placed on the TCSP’s implementation of risk-based approach and risk assessment, the adequacy of their internal AML/CFT manual to comply with the Guideline, AML/CTF sanctions and PEPs screenings, on-going monitoring, record keeping and the implementation of Customer Due Diligence (CDD) and KYC of beneficial ownership information and persons purporting to act on behalf of customer etc. To fulfil the above-mentioned obligations, TCSPs must assess the ML/TF risk of their businesses, develop and actually implement their internal AML/CTF manual on risk assessment, CDD measures for different types of clients, perform ongoing monitoring of customers; develop suspicious transactions reporting mechanism, maintain record keeping and to conduct staff training etc. according to the Guideline.

We recommend TCSPs should manage the AML/CTF compliance for inspection process proactively and as early as possible in order to reduce surprises when they cover the key risk areas mentioned above. It is also important to train and brief your staff of all the policies and procedures before the inspectors of CR arrive. In case you have already encountered some shortcomings after the CR’s inspection, we may assist to work out the remedial measures for the findings according to the requirements of the CR.

Interestingly, according to a news report of Ming Pao finance (attached link) on 20 Aug 2020, it was noted that the HKICPA has taken a more stringent approach in enforcements recently for inspections and investigations of Practices’ possible non-compliance cases. As discussed in our five previous posts in relation to the common deficiencies of controls for AML and CTF for Practices as discussed in ACMR reports, it was noted that AML/CTF non-compliance reflected serious compliance gaps for Practices hence it is important for Practices to take a more serious and proactive approach to enhance their AML/CTF compliance to cope with the upcoming HKICPA inspections and future FRC’s regulatory approach, together with the CR’s inspection and enforcement for their TCSP’s business.

In case your Practice or TCSP needs external professional compliance support for AML/CFT matters, please contact us for assistance (www.icclconsultancy.com).

https://www.mpfinance.com/fin/instantf2.php?node=1629451639812&issue=20210820
【李曉佳專欄】會計師公會似「跑數」 向政府爭權 (18:00) - 20210820 - 即時財經新聞 - 明報財經網 (mpfinance.com)

【明報專訊】香港政治環境突變，不同行業的專業團體都陸續被清剿，例如擁有48年歷史的教協，早前已宣布解散；香港金融圈一定利字當頭，少談政治，理論上影響較小，不過會計師公會亦面臨危機。早前財務匯報局開聲要收....

20/08/2021

RE: How to address the weaknesses identified in ACMRs? .5: Insufficient Staff Training and Hiring

According to the report of ACMRs, effective staff training and hiring procedures can facilitate practices to prevent and detect ML / TF activities. The AML Guidelines of HKICPA require practices to provide appropriate and adequate AML / CTF training to staff members and to establish policies and procedures to ensure integrity of new employees. In ACMRs, the HKICPA found that some practices had not implemented sufficient procedures to achieve compliance with staff training and hiring requirements.
In respect of staff training, the ACMRs reminded practices should pay attention to the following:-
• Provide regular AML / CTF training to all relevant staff members
• Training materials should cover all essential topics (e.g. suspicious transaction reporting, restrictions relating to tipping off and CDD procedures)
• Implement measures to monitor training effectiveness (e.g. arranging a quiz and monitoring the compliance of staff with the practice’s AML/CFT controls so that further training needs may be identified and appropriate action can be taken)
In respect of staff hiring, the ACMRs reminded practices should pay attention to the following:-
• Implement procedures (e.g. name screening) to ensure integrity of new employees
• Equip new employees with AML / CTF knowledge before they commence work (e.g. conducting new joiner AML / CTF training)

Although Section 670 (staff training and hiring) of the AML Guidelines is mandatory for practices providing Specified Transaction work or having adopted good practices, the HKICPA still recommend other practices to provide relevant AML / CTF training to employees to ensure they at least understand the following areas:
• What is ML / TF?
• The need and how to identify and report suspicious transactions to the money laundering reporting officer; and the offence of tipping off
• Policies and procedures concerning financial sanctions and terrorist financing

Apart from the issues raised in the ACMRs above, it is also noteworthy that practices are expected to establish, maintain and operate appropriate procedures in order to be satisfied of the integrity of any new and existing employees. In addition to conduct name screening, practices may also consider to put the following staff declaration in the employment letter:-

"I confirm that for the term of this employment neither I nor, to my knowledge, is the target of economic or financial sanctions measures imposed by the United Nations, the European Union, the United Kingdom, the United States or any relevant and applicable jurisdiction."

The same declaration may also be put in the engagement letter with client as a kind of AML/CFT risk management measure:-

"I confirm that for the term of this engagement neither I nor, to my knowledge, any relevant persons (e.g. directors, authorized signers or persons purporting to act on our behalf etc.) or beneficial owners are the target of economic or financial sanctions measures imposed by the United Nations, the European Union, the United Kingdom, the United States or any relevant and applicable jurisdiction."

According to the IAASB ISQM 1 in relation to Resources, there are four components in this area. They comprise human resources, technological resources, intellectual resources and financial resources. Resources should be allocated and assigned that are consistent with the firm’s commitment to quality. In respect of human resources, they include both individuals in the firm and individuals external to the firm used in the SOQM or performance of engagements, i.e., individuals from within the firm’s network or employed by a service provider. In order to release invaluable human resources so that they can concentrate on audit engagement, practices may consider to employ service provider or expert providing consultation, especially on the evolving and complicated compliance issues arising from AML and CFT.

In case your practice needs an economical package for providing introductory training for all your new staff and refresher training for all existing staff to comply with the requirements and recommendations of the HKICPA, please contact us for assistance (www.icclconsultancy.com).

30/07/2021

RE: How to address the weaknesses identified in ACMRs? .4: Failure to comply with all CDD requirements

According to paragraph 620.2.1 of the AML Guidelines, CDD (Customer Due Diligence) information is an important element to determine whether there are grounds for knowledge or suspicion of ML / TF. While reporting of suspicious transactions is compulsory for all Practices as it is a statutory obligation regardless of the scope of services to be provided, it is important that Practices could form a reasonable belief that they know the true identity of each client and, with an appropriate degree of confidence, know the type of business and transactions that the client is likely to undertake and the source and intended use of funds. At a minimum, a standard level of CDD measures expected of Practices on a client includes:
• Identification of the client, its beneficial owner(s) (“BO”) and the person(s) purporting to act on behalf of the client (“PPTA”)
• Verification of their identities and PPTA’s authority to act
• Obtaining information on the purpose and intended nature of the business relationship

In ACMRs, samples of CDD performed for Practices revealed that there were instances where they failed to comply with all CDD requirements. Below are some examples where some elements of CDD may not be up to standard. In respect of client risk assessment, some Practices may fail to assess ML / TF risk of each client and to take into account the client type, geographical location, services offered by the practice and mode of delivery of the services in the assessment. In respect of PPTA, Practices may fail to regard the person who is authorized to act on behalf of a client to establish a business relationship with the Practice (i.e. the person who has signed or will sign an engagement letter on behalf of the client) as the PPTA. Practices should verify the PPTA’s identity, as well as his / her authority to act, in all types of CDD, including simplified CDD. For Politically exposed person (“PEP”) and client not physically present for identification purpose, issues and reminders please refer attached table.

Where the client is not physically present for identification purpose and the client is unable to produce original documents on-site, Practices may consider accepting documents that are certified to be true copies by an independent qualified person (e.g. banks, SFC licensed persons, authorised insurers and DNFBPs etc. or such persons in an equivalent jurisdiction) to guard against the risk that documentation provided does not correspond to the client whose identity is being verified. However, Practices should exercise caution when considering accepting certified copy documents, especially where such documents originate from a country perceived to represent a high risk, or from unregulated entities in any jurisdiction.

While for PEP identification and monitoring, Practices should subscribe a commercial database (or to utilize relevant services provide by an independent consultant) to perform name checks to identify if a client or BO is PEP during client onboarding and regular review, and to perform necessary risk assessments and to adopt relevant risk mitigation measures.

As mentioned in our last post, one of the most important implications of the Financial Reporting Council (Amendment) Bill 2021 that gazetted on 16 July 2021 is that under the new regime the Financial Reporting Council (FRC) has powers to inspect, investigate and discipline non-PIE auditors. In view of above, it is important for non-PIE auditors to get prepared early for compliance with the weaknesses identified under the ACMRs. In case Practices do not have adequate resources, expertise and an independent party to implement the above, they may lack the necessary defense or being put in a disadvantaged position under practice review and FRC’s inspection in future. According to the findings of ACMRs, it is revealed that ML/TF requirements and procedures are very technical and specific that Practices may not have adequate time and effort devoted for compliance, after engaged in daily work of audit and other routine services. Hence, Practices should consider outsourcing all or part of the works in relation to AML/CTF to an independent outsourced service provider, in order to mitigate the relevant reputation risks and legal risks arising from the regulatory compliance issues in relation to ML/TF.

To facilitate your preliminary assessment in this area, we can provide a complimentary on-site self-assessment for your company to identify the actual and potential compliance gaps and to discuss how our captioned services may help to address the issues identified. If you need specialized and independent compliance consultancy package in relation to above, please contact us for assistance (www.icclconsultancy.com).

23/07/2021

RE: How to address the weaknesses identified in ACMRs? .3: Insufficient sanctions screening

According to section 650 of the AML Guidelines published by the HKICPA, it is mandatory for all practices to comply regardless of the services provided. There are several pieces of legislation in Hong Kong prohibiting persons from making available financial assets or financial resources to terrorists and individuals and entities sanctioned by the United Nations. The AML Guidelines state that practices must comply with their legal obligations in relation to targeted financial sanctions and the financing of terrorism and proliferation of weapons of mass destruction. Practices must establish financial sanctions and counter-terrorist financing policies and procedures and take measures to ensure compliance with the relevant laws and regulations.

Name screening against sanctions or terrorist lists is an important measure for practices to identify whether their clients are sanctions subjects or terrorists. The ACMRs found that some practices had not implemented sufficient sanctions screening procedures. Please refer the key reminders of the work required for sanctions screening, including both initial screening and on-going screening (attached table) for practices that do not use a commercial database or have subscribed to a commercial database. It is also important to note that screening should be performed for all clients regardless of the services provided and to keep evidence of screening for audit trail and future regulatory inspections.

We propose practices to make reference with below useful tips for compliance in this area:

 Practices must maintain policies and procedures to ensure compliance with relevant regulations and legislations on TF and staff training must be provided to ensure suitable guidance available to them
 Practices should ensure to maintain a database (or to subscribe a database maintained by third party service providers) of names and particulars of terrorist suspects and designated parties which consolidates the various lists that made known to them for screening purposes and to ensure that their sources of information are up to date. The United Nations Consolidated List could be accessed through the link: https://www.un.org/securitycouncil/content/un-sc-consolidated-list
 Ongoing regular screening by practices of their complete client base (where relevant, including connected parties of the client, say beneficial owners, directors and persons purporting to act behalf of client) is important to prevent TF and sanction violations
 Screening results before client onboarding and ongoing screening alert results must be properly documented to demonstrate compliance
 If practices suspect that an activity or transaction is terrorist related, they must make an Suspicious Transaction Report to the JFIU

The Financial Reporting Council (Amendment) Bill 2021 was gazetted on 16 July 2021 to further develop the Financial Reporting Council (FRC) into a full-fledged independent regulatory body for the accounting profession. Under the new regime, regulatory powers vested with the Hong Kong Institute of Certified Public Accountants will be transferred to the FRC, including issue of practising certificates, registration of practice units and local public interest entities (PIE) auditors, inspection, investigation and discipline over practice units as well as investigation and discipline over certified public accountants. One of the most important implications is that under the new regime the FRC has powers to inspect, investigate and discipline non-PIE auditors, on top of the current functions and powers of the FRC became effective on 1 October 2019 when it assumed responsibility for regulation of audits of PIE, mainly companies listed in Hong Kong. In view of above, it is important for non-PIE auditors to get prepared early for compliance with the weaknesses identified under the ACMRs. In case Practices do not have adequate resources, expertise and an independent party to implement the above, they may lack the necessary defense or being put in a disadvantaged position under practice review and FRC’s inspection in future. “Independence” and “Competence” are always the two important matters for CPAs (especially auditors) to conduct their daily work or routine services. Practices should consider outsourcing all or part of the above works to an independent outsourced service provider, in order to mitigate the relevant reputation risks and legal risks arising from the regulatory compliance issues in relation to ML/TF.

To facilitate your preliminary assessment in this area, we can provide a complimentary on-site self-assessment for your company to identify the actual and potential compliance gaps and to discuss how our captioned services may help to address the issues identified. If you need specialized and independent compliance consultancy package in relation to above, please contact us for assistance (www.icclconsultancy.com).

09/07/2021

RE: How to address the weaknesses identified in ACMRs? .2: AML /CFT policies, procedures and controls

Further to our discussion of practices’ insufficient understanding of AML obligations in our last post, we now come to the second issue. Section 610.1 of the AML Guidelines requires practices to put in place internal policies, procedures and controls to address money laundering and terrorist financing (“ML / TF”) concerns and compliance with existing legal requirements on AML / CTF, and communicate these policies and procedures clearly to employees. Practices that do not provide Specified Transaction work under the AML Guidelines should, at minimum, establish policies and procedures to address suspicious transaction reporting and financial sanctions and terrorist financing, together with the relevant supporting for audit trail and regulatory inspection. Practices should ensure that their AML / CTF policy manuals reflect their circumstances, including whether good practices are to be applied. Common issues identified in practices’ AML / CTF policy manual from ACMRs include:

• Having adopted the example policy set out in the AML Procedures Manual for Accountants published by the HKICPA without appropriate tailoring to suit the circumstances of the practices. This resulted in practices that did not provide Specified Transaction work having adopted all good practice procedures even though they had no intention to apply them as they had no Specified Transaction work. If a practice chooses not to apply good practices, it should not state in its AML / CTF policy manual that CDD and ongoing monitoring procedures are applied to all clients. Instead, its policy manual should state that CDD and ongoing monitoring procedures are applied to only clients, whether new or existing clients, whose engagements involve Specified Transactions (page 38 of HKICPA’s Quality Assurance 2020 Annual Report).
• Insufficient policies and procedures in practices’ AML / CTF policy manuals. Examples of contents not covered include policies and procedures relating to financial sanctions and terrorist financing which is applicable to all practices. While for practices providing Specified Transaction work / having adopted good practices, the frequency of a periodic review of standard and simplified CDD information on their clients as required by paragraph 620.4.2 of the AML Guidelines; and a definition of what constitutes an event that triggers a review of CDD information (e.g. material changes in the client’s ownership and/ or activities) as required by paragraph 620.10.7 of the AML Guidelines were not covered.

As such, the ACMRs also reminded practices providing Specified Transaction work or having adopted good practices to address the two requirements, that is, Firmwide ML/TF Risk Assessment (to understand the ML/TF risk of practice by using the RBA approach, then design appropriate policies and procedures to address the ML/TF concerns) and Compliance Review (to assess regularly the implementation and effectiveness of the practice’s AML/CFT policies and procedures) under the AML Guidelines that have commonly been overlooked when establishing and implementing AML/ CTF policies, procedures and controls. For details of the purpose and difference of Firmwide ML/TF Risk Assessment and Compliance Review, please refer attached table.

In light of above, practices without providing Specified Transaction work while claiming themselves to adopt good practices should critically review if they have the necessary resources and expertise for compliance with the requirements under the AML Guidelines. For example, after performing Firmwide ML/TF Risk Assessment a practice resolved to design policies and procedures to adopt good practices in certain or all areas. However, it is discovered in subsequent Compliance Review that there are gaps and deficiencies in implementation then practices may consider shifting back the policies and procedures to comply with mandatory requirements.

Rather than merely adopting the example policy of the HKICPA without due consideration, practices should also exercise care and diligence in designing their own specific AML / CTF policies and procedures having regard to their business nature and adequacy of resources and expertise. Practices should also allocate sufficient resources and engage appropriate expertise to perform the above mentioned ML/TF Risk Assessment and Compliance Review regularly.

To facilitate your preliminary assessment in this area, we can provide a complimentary on-site self-assessment for your company to identify the actual and potential compliance gaps and to discuss how our captioned services may help to address the issues identified. If you need specialized and independent compliance consultancy package in relation to above, please contact us for assistance (www.icclconsultancy.com).

02/07/2021

RE: How to address the weaknesses identified in ACMRs? .1: AML Obligations Understanding

According to the HKICPA’s Anti-Money Laundering and Counter-Terrorist Financing (“AML / CTF”) Compliance Monitoring Reviews (“ACMRs”) as contained in the Quality Assurance 2020 Annual Report, the ACMRs identified five weaknesses in practices’ compliance of Guidelines on AML/ CTF for Professional Accountants (“AML Guidelines). We will discuss the five weaknesses with you one by one. This time we will touch with the first weakness, insufficient understanding of obligations.

The extent to which a practice should comply with the section requirements of the AML Guidelines depends on whether the practice had been or intends to be involved in work to prepare for or carry out Specified Transactions (referred to below as Specified Transaction work) for its clients. If ANY of the services provided involves Specified Transaction work, ALL sections are Mandatory. For details, please refer the table attached.

Therefore, it is important for a practice to identify whether any of the services that it provides involves Specified Transaction work. In the ACMRs, it is found that some practices were not aware that their services involved Specified Transaction work. Hence, the relevant requirements of the AML Guidelines, including customer due diligence, ongoing monitoring and record keeping, which are mandatory for Specified Transaction work, were not complied with. Examples of such engagements include a very substantial acquisition or disposal transaction relating to buying and selling of business entities or real estate; or an appointment that gives a practice the power to manage a client’s bank, saving or securities account. In light of above, Practices are reminded to fully understand the nature and purposes of the engagement whether it involves Specified Transaction work in order to assess if it is necessary to comply with all the requirements set out in Sections 610 – 670 of the AML Guidelines. Even if NONE of the services provided involves Specified Transaction work, it is still Mandatory for Practices to comply with Sections 640 (Making Suspicious Transaction Reports) and 650 (Financial Sanctions and Terrorist Financing) whilst other sections can be selected for application as Good Practices.

On the other hand, it was noted in the ACMRs that practices which had adopted good practices did not fully comply with all sections of the AML Guidelines (including applying CDD, ongoing monitoring and record keeping measures). If a practice chooses to apply good practices, it should ensure that it has sufficient internal resources and expertise or consider outsourcing to a specialized and independent compliance consultancy firm to address all relevant requirements of the AML Guidelines, for example, review and drafting of Suspicious Transaction Reports to the Joint Financial Intelligence Unit.

Insufficient understanding of obligations revealed that practitioner or the staff may lack the general awareness of the requirements and their legal obligations under the AML Guidelines and the knowledge to handle the interview under the ACMRs. If you need staff training on AML Guidelines and/or consultation of whether an engagement involves Specified Transaction work or how to prepare and design your practice’s internal AML policies and procedures to implement the mandatory requirements and/or selected areas of good practices under the AML Guidelines, please contact us for assistance (www.icclconsultancy.com).

25/06/2021

Re: Do you know what is the importance of RBA for Professional Accountants?

According to the Code of Ethics for Professional Accountants, Practices must have in place internal policies, procedures and other controls to address ML/TF concerns, and compliance with the existing legal requirements on AML/CFT, when they carry out any of the services specified in paragraphs 600.1.2 and 600.2.2 of the Guidelines on AML and CFT for Professional Accountants.

One of the key areas for Practices is to adopt a risk-based approach (“RBA”). Practices must establish and implement adequate and appropriate AML/CFT controls, taking into account factors such as client risk, country risk, service risk and delivery channel risk.

An effective RBA will enable practices to subject clients to proportionate controls and oversight. RBA is a dynamic process.
Practices may therefore have to adjust their risk assessment of a particular client from time to time, based upon information obtained, and also review the extent and frequency of the CDD and ongoing monitoring to be applied to the client.

We hope this video post will provide you a quick overview of the key elements of the implementation of an effective RBA.

https://www.youtube.com/watch?v=dgvkFSZsP1A