“Phase 2” of the Anti-Money Laundering and Counter Financing of Terrorism (AML/CFT) Act 2009 is now in full swing. Industries affected by this recent change have likely had to ‘learn on the job’ as they work through the complexities of Customer Due Diligence and other requirements under this new regime. One thing likely not yet encountered is an Audit, but this requirement is fast approaching. Section 59 of the act requires an appropriately qualified independent audit firm to carry out your audit and it is important that this is submitted on time (every 2 years).


Be wary of seeking the services of some providers who may not be appropriately qualified, or who offer a quick tick-box approach. The regulators have confirmed that they will be cracking down on sub-par Audit reports and keeping track of who these people are. It really is a get what you pay for scenario. Your company may run the risk of not identifying key issues and have the regulator ask you to re-perform the audit, adding additional time and costs to your company’s compliance budget. Or worse still found to be non-compliant incurring large fines and reputation damage.

Why should I care about the quality of my Audit?

There are many advantages to selecting an appropriately qualified independent audit firm to conduct your AML audit. These include;

  • Appropriately identifying weakness within in a timely manner.
  • Providing robust recommendations on areas of weakness, non-compliance or over compliance.
  • Working in a collaborative manner, I.e. keeping key stakeholders involved throughout the process.
  • Receiving a quality value-add end product/report.

Ultimately, a quality Audit can be a beneficial process which helps you improve business practices and processes.

What is the general scope of an Audit report?

  • Whether the risk assessment is adequate and identifies any Money Laundering / Financing of Terrorism faced by the entity.
  • Whether the AML programme addresses the risks adequately and provides key information to senior management to evaluate and make changes.
  • Whether the entities programme can identify suspicious activity and report it under AML requirements.
  • Whether staff have been adequately vetted and receive on-going training.
  • Whether any previously identified deficiencies have been remediated.

The audit report should include a description of the methodology of the audit, as well as a list of findings and recommendations.

Choose a qualified independent AML auditor

Choosing a qualified and reputable AML audit firm gives you peace of mind that your AML framework is doing what it should be doing. If it’s not, a quality auditor will work with you to identify areas which may need adjusting in a constructive/collaborative manner. This way you can sleep easy knowing you are on top of your responsibilities and get back to what you do best. Make sure your auditor is focused on working with you to ensure minimal business interruption with maximum value add.

Leave a Reply