Section 3

0.0(0)
Studied by 0 people
call kaiCall Kai
Locked
learnLearn
examPractice Test
spaced repetitionSpaced Repetition
heart puzzleMatch
flashcardsFlashcards
GameKnowt Play
Card Sorting

1/91

encourage image

There's no tags or description

Looks like no tags are added yet.

Last updated 4:19 PM on 7/3/26
Name
Mastery
Learn
Test
Matching
Spaced
Call with Kai
Chat

No analytics yet

Send a link to your students to track their progress

92 Terms

1
New cards
What is a compliance program?
An internal AML and ATF framework required under the PCMLTFA
2
New cards
Why is a compliance program important?
It helps detect prevent and manage money laundering and terrorist financing risks
3
New cards
Who must implement a compliance program?
Every reporting entity under the PCMLTFA
4
New cards
How many core elements are required in a compliance program?
Six
5
New cards
What are the six required elements of a compliance program?
Compliance Officer; Policies and Procedures; Training Program; Training Plan; Effectiveness Review; Risk Assessment and Risk Mitigation
6
New cards
Who is responsible for implementing and overseeing the compliance program?
The Compliance Officer
7
New cards
Who remains ultimately responsible for compliance?
The reporting entity
8
New cards
What authority should a Compliance Officer have?
Enough authority and resources to effectively perform their responsibilities
9
New cards
Who should the Compliance Officer report to?
Senior management; the board; the owner; or the chief operator
10
New cards
Can a Compliance Officer delegate responsibilities?
Yes; but accountability remains with the Compliance Officer
11
New cards
What is the primary role of the Compliance Officer?
Implement oversee and continuously improve the compliance program
12
New cards
What is the purpose of AML and ATF policies?
To establish the organization's compliance requirements and expectations
13
New cards
What is the purpose of AML and ATF procedures?
To describe how policies are carried out in practice
14
New cards
Why are both policies and procedures required?
Policies explain what must be done; procedures explain how it is done
15
New cards
Who must approve compliance policies and procedures?
A senior officer
16
New cards
Why should policies be tailored to the organization?
Every reporting entity has different products services clients and risks
17
New cards
Should generic compliance templates be adopted without modification?
No
18
New cards
What should compliance procedures clearly identify?
Who performs each task; what must be done; when it must occur; and how it is completed
19
New cards
What should policies include regarding client identification?
Identity verification; beneficial ownership; politically exposed persons; and ongoing monitoring
20
New cards
What should policies include regarding reporting?
All FINTRAC reporting obligations and reporting procedures
21
New cards
What is the purpose of a training program?
To ensure personnel understand and comply with AML and ATF obligations
22
New cards
What is a training plan?
A documented plan describing how AML and ATF training is delivered maintained and tracked
23
New cards
Who should receive AML and ATF training?
Anyone whose duties expose them to money laundering or terrorist financing risks
24
New cards
When should new employees receive AML and ATF training?
Before they deal with clients or conduct regulated activities
25
New cards
What should ongoing AML and ATF training include?
Legislative changes; policy updates; emerging risks; and reporting responsibilities
26
New cards
What should employees learn about suspicious transactions?
How to recognize and report suspicious activity
27
New cards
Can an employee disclose that an STR has been submitted?
No
28
New cards
Why is tipping off prohibited?
It could compromise an investigation or allow assets to be moved
29
New cards
Are employees protected when reporting suspicious transactions in good faith?
Yes
30
New cards
What evidence of AML and ATF training should be maintained?
Training records
31
New cards
How often must an effectiveness review be completed?
At least once every two years
32
New cards
Who should conduct an effectiveness review?
Someone independent from the day to day compliance function
33
New cards
What is the purpose of an effectiveness review?
To determine whether the compliance program is operating effectively
34
New cards
What should an effectiveness review examine?
Policies; procedures; training; risk assessment; and compliance controls
35
New cards
When must the results of an effectiveness review be reported to senior management?
Within 30 days of completing the review
36
New cards
Why are effectiveness reviews important?
They identify weaknesses and opportunities to improve the compliance program
37
New cards
What is a self assessment?
An internal evaluation of AML and ATF controls and compliance activities
38
New cards
How often is a self assessment recommended?
At least annually
39
New cards
What should a self assessment evaluate?
Risk assessment; policies; procedures; training; and internal controls
40
New cards
What is risk?
The combination of the likelihood that an event will occur and the impact if it does occur
41
New cards
What is a risk assessment?
The process of identifying analyzing and evaluating money laundering and terrorist financing risks
42
New cards
Why is a risk assessment important?
It helps reporting entities identify understand and manage money laundering and terrorist financing risks
43
New cards
What factors must be considered in a risk assessment?
Clients; Geography; Products and services; Delivery channels; Affiliates; Technology
44
New cards
What are the four primary AML risk categories?
Clients; Products and services; Delivery channels; Geography
45
New cards
What is client risk?
The money laundering and terrorist financing risk associated with a particular client or client type
46
New cards
What is geographic risk?
Risk associated with countries regions or jurisdictions where clients or transactions originate
47
New cards
Why can geography increase ML and TF risk?
Some jurisdictions have weak AML controls high corruption sanctions or significant criminal activity
48
New cards
What is product and service risk?
Risk created by the products or services offered by the reporting entity
49
New cards
What is delivery channel risk?
Risk created by the method through which products or services are delivered
50
New cards
Why are non face to face delivery channels generally higher risk?
They may increase anonymity and make identity verification more difficult
51
New cards
What is affiliate risk?
Risk introduced through relationships with affiliated companies or third parties
52
New cards
What is technology risk?
Risk arising from the use of new technologies automated systems or digital services
53
New cards
What is a risk based approach?
Applying controls that are proportionate to the level of identified ML and TF risk
54
New cards
What is inherent risk?
Risk before any controls or mitigation measures are applied
55
New cards
What is residual risk?
Risk remaining after controls have been implemented
56
New cards
What is risk appetite?
The amount of risk an organization is willing to accept
57
New cards
What is risk tolerance?
The amount of variation from acceptable risk levels that an organization is willing to allow
58
New cards
Who is responsible for determining risk appetite?
Senior management
59
New cards
Who is ultimately responsible for AML and ATF risk decisions?
Senior management
60
New cards
What is risk mitigation?
Implementing measures that reduce identified ML and TF risks
61
New cards
When should risk mitigation measures be applied?
When higher ML or TF risks have been identified
62
New cards
What are enhanced measures?
Additional controls applied to higher risk clients products or situations
63
New cards
How should politically exposed persons be treated?
As high risk clients requiring enhanced due diligence and increased monitoring
64
New cards
What should be done for high risk clients?
Apply enhanced due diligence and enhanced ongoing monitoring
65
New cards
What are the four risk treatment options?
Accept; Mitigate; Assign; Avoid
66
New cards
What is the objective of risk mitigation?
Reduce the likelihood or impact of identified risks
67
New cards
Name common risk mitigation measures.
Enhanced due diligence; Increased monitoring; Transaction limits; Senior management approval; Additional verification
68
New cards
Why are transaction limits an effective mitigation measure?
They reduce exposure to higher risk products or activities
69
New cards
Why is senior management approval used as a mitigation measure?
It provides additional oversight for higher risk situations
70
New cards
Why should customers be categorized by risk?
To ensure monitoring and controls are appropriate to their level of risk
71
New cards
What determines the nature of an organization's monitoring program?
The size nature complexity and ML or TF risk of the business
72
New cards
What are the three levels of monitoring?
Continuous; Regular; Selective
73
New cards
What is continuous monitoring?
Ongoing monitoring of client activity throughout the business relationship
74
New cards
What is regular monitoring?
Monitoring performed at scheduled intervals based on risk
75
New cards
What is selective monitoring?
Monitoring targeted toward specific higher risk clients products or activities
76
New cards
Why must AML and ATF programs be monitored continuously?
Risks laws products and criminal methods change over time
77
New cards
Why must risk assessments be updated?
Business operations products services and ML or TF risks change over time
78
New cards
Can a compliance program remain static over time?
No; it must evolve as risks and regulatory requirements change
79
New cards
Why should management support risk management?
Strong management commitment improves implementation oversight and compliance culture
80
New cards
What three organizational factors influence effective risk management?
Management commitment; Risk appetite; Risk management philosophy
81
New cards
What is risk management philosophy?
The organization's overall approach to identifying evaluating and responding to risk
82
New cards
What should a FINTRAC examination demonstrate?
The compliance program is documented implemented effective and current
83
New cards
What authority does FINTRAC have under the PCMLTFA?
To examine records inquire into business affairs and assess compliance
84
New cards
What types of FINTRAC examinations are conducted?
Desk based examinations; On site examinations
85
New cards
What can FINTRAC issue when non compliance is identified?
Administrative Monetary Penalties or refer matters for criminal prosecution
86
New cards
What does AMP stand for?
Administrative Monetary Penalty
87
New cards
What is the purpose of an Administrative Monetary Penalty?
To encourage compliance with the PCMLTFA
88
New cards
How are Administrative Monetary Penalties classified?
Minor; Serious; Very serious
89
New cards
What is a Ministerial Directive?
A legally binding directive issued under the PCMLTFA to address ML or TF risks
90
New cards
Can failing to comply with a Ministerial Directive result in penalties?
Yes
91
New cards
What is the maximum fine on indictment under the PCMLTFA?
Up to two million dollars
92
New cards
What is the maximum imprisonment on indictment under the PCMLTFA?
Up to five years