Compliance Audit

Audit is a well-established banking practice that all banks rely on to safeguard their systems and provide their final line of defence, at SQA Consulting we can provide services to supplement any audit of financial crime systems from examining the simplest of controls to determining the efficacy of screening systems.

Any audit function ought to be well prepared to demonstrate that they have examined their systems in detail, this is the stance of the American government:

OFAC - “An in-depth audit of each department in the bank should probably be conducted at least once a year. The compliance audit may either be incorporated into a bank’s standard auditing program or conducted separately.”

OFAC Regulations for the Financial Community (January 24th 2012)

OFAC - “Internal auditing departments ought not be surprised if they are questioned by Federal Bank Examiners about their bank’s compliance procedures regarding OFAC Regulations.”

OFAC Regulations for the Financial Community (January 24th 2012)

Similarly the Financial Conduct Authority in the United Kingdom is very explicit in their requirement for banks to audit their systems:

FCA - SYSC / 6 / 3 / Financial Crime - “A firm must carry out a regular assessment of the adequacy of these systems and controls (AML and Terrorist Financing) to ensure that they continue to comply with SYSC 6.3.1 R (A firm must establish, implement and maintain adequate policies and procedures sufficient to ensure compliance of the firm).”

FCA Systems Handbook

FCA Poor Practice - “No internal audit resource is allocated to monitoring sanctions compliance.”

Financial crime: a guide for firms

Audit teams ought to be well prepared for continual monitoring of financial crime systems, particularly sanctions screening, which as a mechanism that governments use to implement their foreign policy, is subject to frequent and significant change.

For more information view our Financial Crime Prevention pages