• Our work  >
  • Evidencing assurance over financial crime – independent framework reviews

Evidencing assurance over financial crime – independent framework reviews

On a regular and increasing basis, Firms are commissioning ‘Independent Financial Crime (FC) Framework Reviews’ on the design and operation of their FC systems and controls. These are also sometimes referred to as an ‘Annual FC / AML Audits’ albeit they are not strictly Audits in the same sense as a Financial Statements (Accounts) audit.

Reviews are commissioned / conducted for a range of reasons. Most commonly:
• To meet requirements of banking providers;
• As part of a 3LOD Internal Audit plan;
• Where a Firm needs to get comfort over the robustness of their Framework;
• Where recommended by the FCA or a Skilled Person (e.g. to demonstrate operational effectiveness).

Our FC team delivers multiple reviews of this nature on a regular basis. Sometimes as a one-off request and in others as an annualised event to give Firms ongoing assurance over their FC framework.

When providing reviews the scope varies depending on the individual requirements of the Firm or the requirements of the third party asking them to commission a review (where relevant). This can range from a brief 1-2-day health check through to a detailed review over 6-8 weeks.

Independent Reviews is also an area where we have seen varying ‘quality’ in the market – i.e. we have conducted Skilled Person reviews with multiple and significant findings, yet the same Firm has been given a relatively clean bill of health in a recent ‘AML Audit’. Hence, we adopt a strictly evidence-based approach to the assessment which features elements of: Document review; interviews with key officers, managers and staff; live observation of Board, governance and remediation committee meetings; operational process walkthroughs; sample testing of due diligence on customers.

Our typical scope has included evaluation of: Governance and Board Oversight; Risk Management (RAS, BWRA, CRA); Policies and procedures; Customer Lifecycle (including onboarding and periodic reviews); Sanctions, PEP and Adverse Media Screening; Transaction Monitoring and SARs; Training and Communications.

We provide a summary report to the client that, across scope areas, outlines what is effective from a Design and Operating effectiveness basis and what is not working or fit for purpose.

The output of a review is a report that the Firm can use to enhance the Firms FC framework or to provide assurance to the relevant third party. As part of this we provide recommendations to enhance the FC framework where our review has noted gaps.

Joel Osborne

Joel Osborne

Partner
Connect with Joel