What to Look for When Choosing an AML Auditor

By Tadius Munapeyi, Fellow Chartered Certified Accountant (UK), Certified Public Accountant (Australia) PP, Licensed Auditor (FMA) New Zealand, ACAMS


Regardless of size or type of organisation, audits offer crucial insights into the functioning of the AML processes and procedures.


Audits identify compliance issues, and good Auditors provide detailed reports which articulate the issues in the AML process and provide pragmatic suggestions for remediation. They invest time in understanding your business and operations, and provide a bespoke audit process tailored to your company. Good auditors also have a structured methodology based on audit frameworks that ensure effectiveness and quality.


The Regulations do not prescribe qualifications of AML auditors, however, good auditors are members of reputable professional bodies and are subject to quality reviews by their regulator. Auditor status is commensurate with vigorous training including ongoing CPD obligations, experience, dedication, and the requirement to uphold ethical values. All of which are essential for client satisfaction and value.


The Importance of Undertaking Audits and How to Get the Most Out of an Audit


Ensures Integrity of the AML Process


An audit identifies what’s working and what’s not working, which provides an opportunity for remediation of the compliance documents; processes; and procedures where necessary.


Frequent audits ensure issues are identified and resolved early


Issues can arise and may go undetected for a long time, exposing the company to AML risk and non-compliance with the regulations. A common scenario is where there is staff turnover or staff movement within the organisation of the key personnel performing the AML tasks, including the Compliance Officer. Procedures may not be followed due to lack of awareness or knowledge.


Regulatory changes and updates may require changes to be made to the Risk Assessment documents or Compliance Programme. These changes may not be updated in time, nor translated to the firm’s actual procedures. Audits provide an opportunity for these issues to be identified and corrective changes made timeously.


Ensures remediation changes are independently reviewed timeously


Issues identified resulting from an audit will require changes to the process or introduction of a control. Once this has been implemented, management may be informed on the effectiveness of the new change in the following audit performed. Waiting for 3 years to verify the process of control’s effectiveness is not ideal. There may be a need to make changes to ensure there is ongoing overall efficiency in the business while compliance is maintained; also, the design effectiveness and operating effectiveness of the control will need assessment.


Fosters and Control Centric culture


Regular audits encourage staff to consistently apply diligence in executing AML procedures. This reduces the burden of management having to over communicate the requirement for staff to follow AML procedures.


Provides management with regular feedback on process


Frequent feedback to management, for example, annual feedback on the company’s performance on AML compliance provides peace of mind that there is a third eye monitoring the process and reporting to management. It enables management to focus their attention on running the business.


Reduces surprises


Audits are done verifying adherence to compliance requirements throughout a reporting period. Waiting to find out about compliance for a three year period is not effective and does not provide management with the opportunity to remediate issues timeously. Having to call back archived files from three years ago for an audit can use up staff resources to collate the information and respond to the findings of the historical issues.


Regular audits ensure issues are identified timeously and resolved. They also enable follow up on changes made and enable updates where necessary.


Ensures consistency of procedures