Evaluate the effectiveness of systems and controls for countering financial crime

This standard is about evaluating the effectiveness of systems and controls within your organisation in countering financial crime You must evaluate the day-to-day application of systems and controls and check that they are being utilised appropriately. You must conduct checks to ensure that procedures are applied consistently to maintain organisational compliance. Protection of client confidentiality and information security are critical factors to consider when evaluating the effectiveness of systems and controls. This standard is relevant to roles in countering financial crime.

1. identify the systems and controls within the organisation to counter financial crime
2. assess the effectiveness of systems and controls and whether they are fit for purpose
3. receive regular updates as required from internal and external sources
4. maintain confidentiality of client information, subject to legal and regulatory obligations
5. carry out regular checks on client and other relevant databases and on business activity to identify potential financial crime
6. check the application of systems and controls to ensure that they are implemented appropriately across your organisation
7. liaise with other assurance functions to identify risk areas and to coordinate assurance activities
8. maintain accurate, up-to-date and complete records of your evaluation of the systems and controls
9. review actions taken in response to findings of the evaluation to ensure compliance with your organisation’s procedures and regulatory requirements
10. undertake root cause analysis
11. report any non-compliance identified, as appropriate
12. record the outcomes of the evaluation in line with organisational requirements
13. present the information to senior management
14. recommend any mitigating actions required to senior management and gain their agreement
15. implement agreed mitigating actions as necessary
16. review the effectiveness of any mitigating actions

1. your organisation’s strategy and approach towards countering financial crime
2. the information that is required to facilitate efficient monitoring of countering financial crime operations
3. the importance of maintaining client confidentiality
4. why regular checks need to be conducted on client databases and business activity and the frequency with which this should be completed
5. how to review actions taken to ensure compliance with your organisation’s procedures and regulatory requirements
6. how to evaluate systems and controls
7. why it is important to liaise with other assurance functions
8. how to recognise non-compliance with your organisation’s procedures and regulatory requirements
9. how to undertake a root cause analysis
10. the procedures for recording and presenting your findings
11. how to identify effective mitigation measures
12. how to influence senior management into taking appropriate action
13. the legislation, regulations and codes of practice, relevant to you and your organisation and any specific obligations

"Financial Crime
This includes any office involving money laundering, terrorist financing, fraud
or dishonest or market abuse. (Definition based on the FCA definition of
financial crime). This includes financial crime both internal and external to a
financial services organisation.
Systems and controls
The practices and procedures put in place to protect an organisation from
financial crime. In some cases it is accepted that certain (or indeed all) types
of financial crime cannot be wholly prevented, but controls can limit its extend
and impact."