The relevance of internal controls and functions for the prevention of financial crime and the role of the head of the internal control department in preventing financial crimes. Internal controls are designed and implemented by the management to prevent the risk of occurrence of financial crimes. The board anti-financial crime committee reviews and approves the internal control mechanism.
Relevance of Internal Controls and Functions for the Prevention of Financial Crime
To establish a robust internal control structure in an organization, the different specialized control functions are developed, with a dedicated head of those functions such as:
- Head of internal controls
- Head of anti-financial crime compliance
- Head of internal audit
Head of Internal Controls
The head of internal controls is an experienced internal control professional responsible for helping and advising different departments and functions of the organization in identifying, assessing, and managing risks and applying relevant controls. The head of internal controls reports to the board and updates the CEO about the key and significant internal controls issues that caused the increase in the risk of occurrence of financial crimes.
The head of internal controls is provided with the appropriate internal controls team and other resources necessary to perform the duties and responsibilities of the internal control. He is responsible for developing and implementing an overall internal controls framework, which is presented to the board for review and approval. After reviewing and approving such a framework, the head of internal controls ensures its implementation in the organization at all levels.
The internal controls team supports the head and is responsible for:
- Setting and maintaining internal controls matrices for different functions and departments of the organization, considering all significant types of financial crime risks faced by an entity;
- Using the evidence gathered on the control environment through the control assessment standards, as well as their oversight and challenge activities to assess the effectiveness of the implemented controls and their quality;
- Escalating significant risks and control breaches to the head of internal controls and the board; and
- Providing evidence-based annual affirmation to the head of internal controls on the effective principal management and significant risks. The evidence-based affirmations will be subject to review and challenge by the head of internal controls.
Process Owners support the internal control department and ensure that internal controls are implemented effectively in their respective departments.
They are responsible for:
- Identification and management of the end-to-end process as defined in the entity’s control universe and associated risks, including activities that are carried out by other businesses or functions or which are outsourced;
- Monitor the effectiveness of the internal controls governing the end-to-end process; and
- Escalating significant control issues and breaches to the internal control department.
Final Thoughts
Money launderers are well-known for using deception or theft to capture the processes of financial entities for illicit purposes. As a result, anti money laundering or AML compliance program must include internal control designs that increase the likelihood of detecting or preventing such activities.
Internal controls are a concept that financial managers and auditors are familiar with. The distinction is that controls implemented as part of an AML compliance program will be focused on mitigating risks identified during a money laundering risk assessment. Furthermore, as part of an AML program, internal controls must be designed to generate the mandated reports as well as other surveillance, reporting, and record retention requirements mandated by the Banking Secrecy Act, FinCEN, and the Office of Foreign Assets Control, among others.
