Develop and implement policies and procedures to counter financial crime

This standard is about developing and implementing policies and procedures to counter financial crime. You must be able to identify which areas of countering financial crime practice would benefit from standardisation and develop acceptable, relevant and effective policies and procedures and systems and controls. You must be aware of the implications of introducing policies and procedures and systems and controls and the resources required to implement, monitor and assess their effectiveness. This standard is relevant to roles in countering financial crime.

1. identify business activities that require a standardised approach
2. define business conduct and practice that is acceptable to your organisation to counter financial crime
3. identify any poor practice and ensure that systems and controls will overcome these
4. identify good practice to inform the development of policies and procedures, systems and controls for countering financial crime
5. consider the business implications that developing policies and procedures and systems and controls will have on each area of the business
6. consult with key stakeholders throughout
7. develop policies and procedures, systems and controls that reflect legal and regulatory requirements and current industry good practice
8. ensure that the policies and procedures reflect your organisation’s approach to countering financial crime
9. promote acceptable business conduct that reflects lawful, ethical, and moral behaviour and practice
10. confirm that the development and implementation of policies procedures takes into account the resources that are required
11. design an implementation plan in line with organisational requirements
12. assign responsibilities and accountabilities to implement policies and procedures
13. communicate the implementation of policies and procedures across the organisation
14. put in place systems and processes to monitor the implementation of policies and procedures
15. assess the effectiveness of systems and processes to identify any improvements needed
16. implement any changes accordingly in line with organisational requirements
17. put in place systems and processes to quality assure the application of the policies and procedures and systems and controls

1. your organisation’s strategy and approach towards countering financial crime
2. the nature, scale and complexity and operating environment of your organisation
3. how your organisation defines financial crime in order to develop appropriate policies and procedures and systems and controls
4. established and emerging financial crime typologies
5. how to recognise and explain conduct and practices that are unacceptable to your organisation
6. good business practice in relation to developing and implementing policies and procedures
7. the different level of stakeholder support needed in order to develop and implement effective policies and procedures and systems and controls
8. how to ensure that policies and procedures comply with legal and regulatory requirements and reflect the organisation’s approach and strategy to countering financial crime
9. resources required to develop and implement policies and procedures and systems and controls
10. systems and processes required to monitor the implementation of policies and procedures
11. systems and processes to quality assure the application of policies and procedures and systems and controls
12. the legislation, regulations and codes of practice, relevant to you and your organisation and any specific obligations

"Financial Crime
This includes any office involving money laundering, terrorist financing, fraud
or dishonest or market abuse. (Definition based on the FCA definition of
financial crime). This includes financial crime both internal and external to a
financial services organisation.
Legal and regulatory requirements
This refers to a range of obligations incumbent upon financial organisations
and is commonly referred to as ‘compliance requirements. The legal and
regulatory requirements of an organisations or individual/s within it (such as
‘approved persons) may differ slightly according to the type of financial
organisation and the services it offers. The regulator of all providers of
financial services in the UK oversees a number of regulated activities under
powers derived from the Financial Services and Markets Act 2000.
A number of other pieces of UK legislation are relevant to the countering of
financial crime, such as the Proceeds of Crime Act (POCA), the Serious
Organised Crime and Police Act (SOCPA, the Fraud Act 2006, for example.
UK financial institutions are also subject to European Commission legislation
enacted by the British Government such as the Market Abuse Directive and
the Basel 2 Accord (for capital adequacy).
Financial organisations, like any other employer, are also subject to a range of
legal requirements covering areas such as discrimination, equality and
diversity, Health and safety and Data protection.
Organisation
This refers to an organisation that offers financial services this could be
insurance, investment, lending and credit, pensions, securities and
derivatives. It includes organisations in both the public and private sector.
Resources
This refers to a range of assets required for the achievement of an
organisations business objectives, or a specific function. This includes both
physical assets such as capital, people and equipment, and ‘virtual assets
such as skills, knowledge and time.
Stakeholder
This refers to anyone that has an interest in, or may be affected by, the
success of the financial institution; this could be individuals, groups and
organisations. For financial organisations this includes the Board, committees,
employees and in some instances, shareholders. For some this may also be
its clients or investors.
Systems and controls
The practices and procedures put in place to protect an organisation from
financial crime. In some cases it is accepted that certain (or indeed all) types
of financial crime cannot be wholly prevented, but controls can limit its extend
and impact."