Which Repository?
The specifications cover the following requirements
The assessment covers the measures adopted with reference to the following requirements :
- Assessing risks and applying a risk-based approach
- Customer due diligence
- Measures relating to specific risks :
- Non-Profit Organizations (NPO)
- Politically Exposed Persons
- Correspondent banking
- New technologies
- Wire transfers
- Reliance on third parties
- Internal controls and foreign, branches and subsidiaries
- Higher risk countries
- Record keeping
- Reporting of suspicious transactions and tipping-off
- Capacity building
- Compliance program
- Ongoing monitoring
- Asset freeze
- Senior management responsibilities
- Internal anti-corruption measures
- Quality of software
How to certify?
According to the international regulations of system certifications, a certification is issued after a specific audit. Audits are based on the standard specifications.
Each specification of the AML 30000 standard thoroughly covers all AML/CFT requirements for each sector of activity and for each theme in an exhaustive manner.
Certification is issued according to the following procedure :
The aim is to evaluate the quality of the AML/CFT system in the light of the standards set out in the specifications of the AML 30000 standard, in order to determine the level of technical compliance and effectiveness of this system.
When the audit concludes that the audited entity complies with the Standard, a certificate of compliance with the AML 30000 standard is issued and delivered to the concerned person.
In accordance with the applicable international regulations for system certifications, certificates of conformity have a validity period of three years from the date of award and the beneficiary remains representative of the certification since that date.
For each certification cycle, the certifier performs, throughout the period of validity of the certificates, annual audits to ensure that the certified entity is always in compliance with the AML 30000 standard requirements in its most updated version.
Why to Certify?
There are as many specifications as there are categories of financial institutions and businesses and professions concerned, to take into account the particularities that affect each of them, taking into account their activity and the requirements they must observe.
The specifications set out in detail the requirements that must be observed by financial institutions and businesses and professions involved in AML / CFT.
The specifications cover the following requirements :
- Assessing risks and applying a risk-based approach
- Customer due diligence
- Measures relating to specific risks :
- Non-Profit Organizations (NPO)
- Politically Exposed Persons
- Correspondent banking
- New technologies
- Wire transfers
- Reliance on third parties
- Internal controls and foreign, branches and subsidiaries
- Higher risk countries
- Record keeping
- Reporting of suspicious transactions and tipping-off
- Capacity building
- Compliance program
- Ongoing monitoring
- Asset freeze
- Senior management responsibilities
- Internal anti-corruption measures
- Quality of software
- Statistics
How to assess?
The assessment is carried out through the following tools :
The AML 30000 approach follows the following three (3) main steps :
Interviews take place at the premises of the assessed person, while the detailed documentary review and data processing take place at the assessment team offices, accredited by the certifier.
Any data or information communicated within the framework of the certification missions is strictly confidential. The entire relationship between the parties is governed by the highest confidentiality.
Evaluation principles :
The AML / CFT is neutral and universal.
The assessment is based on a globally binary approach in order to ensure the fairness and objectivity of the certification.
The AML 30000 certification takes place as set out in the management system certification regulations, in line with the ISO 1702 standard.
The ISO 17021standard sets out the requirements and principles of competence, consistency, impartiality and independence, relating to certification work :
These organizations are authorized to issue the AML 30000 certification, on the basis of predefined selection criteria. Furthermore, during audit missions, the audit coordinators are, for the sake of independence, the only ones vis-à-vis the audited entity.