Implementing AML/CFT Requirements Consistent With Financial Inclusion Concept in the Middle East/Jordan

By Ahmad Taher Alessa, CAMS

Page 2 of 23

Contents Executive Summary ....................................................................................................................................... 4

Introduction .................................................................................................................................................. 5

Financial Inclusion ......................................................................................................................................... 5

Overview ................................................................................................................................................... 5

Key Objectives of Financial Inclusion ........................................................................................................ 6

Customer Due Diligence (CDD) ............................................................................................................. 6

Record Keeping ..................................................................................................................................... 6

Monitoring and Reporting Suspicious Transactions ............................................................................. 7

Applying AML/CTF Measures .................................................................................................................... 7

Impact of Financial Inclusion .................................................................................................................... 8

Developing New Banking Services With New Clients ........................................................................... 8

AML/CFT Controls That Align With Financial Inclusion Objectives ............................................................... 9

Financial Action Task Force Recommendations........................................................................................ 9

Central Bank of Jordan Efforts to Meet Financial Inclusion ........................................................................ 11

Financial Access Statistics in Jordan........................................................................................................ 12

Money Transfers (Payments and Remittances) .................................................................................. 12

Card Products ...................................................................................................................................... 12

Online Transactions ............................................................................................................................ 12

Remittances ........................................................................................................................................ 13

Audit Impact ................................................................................................................................................ 14

Overview ................................................................................................................................................. 14

Audit Relevance to Financial Inclusion ................................................................................................... 14

Audit of Financial Inclusion Services ....................................................................................................... 15

Efficient Board of Director and Senior Management Oversight ......................................................... 15

Risk Management Program................................................................................................................. 15

Sound AML/CFT Policies and Procedures ........................................................................................... 15

Robust Internal Controls and Compliance Function ........................................................................... 15

Resources ............................................................................................................................................ 15

Audit Framework .................................................................................................................................... 16

Page 3 of 23

Testing Related to Financial Inclusion ................................................................................................. 16

Conclusion ................................................................................................................................................... 18

References .................................................................................................................................................. 19

Page 4 of 23

Executive Summary

Financial exclusion is the inability of certain individuals and groups to use financial products and services. The main causes are distance from suppliers, the need for official documents, complex procedures, and inadequate products. As a result, individuals easily obtain access to funds from informal sources, leading them to engage in higher risk and higher costs with service providers that are unethical and unorganized. Financial inclusion is a system that provides low-cost banking services to low-income individuals in order to improve their economic circumstances. The Financial Action Task Force’s (FATF) interest in financial inclusion is driven by the objective to protect the integrity of the global financial system. It does so by covering the largest range of transactions posing money laundering and terrorist financing risks in the jurisdictions that have committed to FATF standards. FATF also has a strong interest in financial inclusion, because many of the countries belonging to the FATF network are jurisdictions that can be considered emerging markets, developing countries, or low-capacity countries, which benefit from clear guidelines and examples of implementation of anti-money laundering (AML) and Combating the Financing of Terrorism (CFT) requirements. At the same time, financial exclusion works against effective AML/CFT policies. In fact, the large, unregulated, and informal economy has a negative impact on efforts to combat money laundering, terrorist financing, and the integrity of the financial system. Several studies document considerations on whether or not the regulatory requirements for AML/CFT are restrictive. The studies indicate that AML/CFT legislation, implemented in response to FATF Recommendations, has led regulated institutions to take a conservative approach to compliance with this legislation (taking into account the controls and level of protection required for an effective anti-money laundering and terrorist financing system). A risk-based approach to money laundering (ML) and terrorist financing (TF) is no longer optional. This is now required, in terms of international standards. In this paper, we examine key aspects of this in order to identify opportunities for organizational coordination. The proportional compliance responses are in accordance with ML/CFT risk, and this can play a positive role in enhancing access to the official financial systems of countries. This could also reduce the use of informal mechanisms beyond the scrutiny of the authorities. Customer due diligence (CDD) and related issues are described in light of the relevant FATF Recommendation 2, specifically given the dynamics of financial inclusion. Although it is understood that client due diligence by institutions is an important basis for AML/CFT compliance response, overly conservative compliance responses may lead to impediments accessing financial services.

Page 5 of 23

Introduction

When AML/CFT requirements linked to financial inclusion are identified and lead to a proportionate response to the risks of money laundering and terrorist financing, this can play a positive role in enhancing access to the official financial systems of the countries concerned. At the same time, it is likely to reduce the use of informal mechanisms that are beyond the scrutiny of the authorities. Therefore, the core of financial inclusion is to ensure that a range of appropriate and acceptable financial services is available to each individual, and that it allows them to understand and access these services. This includes bank accounts for sending and receiving payments, savings products, money transfer services, small loans, and personal loans. The main obstacles to financial inclusion can be summarized as high fixed costs, and excluded people are mostly those with irregular income and lack of documentation. Countries and institutions implement risk-based approaches in accordance with FATF Recommendation 1 and related explanatory notes, which provide a platform for countries to develop regulatory and supervisory frameworks allowing flexibility in achieving financial inclusion objectives, while also providing space for addressing the remaining objectives. There should be internal control programs to combat money laundering and the financing of terrorism. Such programs should generally include:

1. The development of internal policies, procedures, and controls, including appropriate compliance management arrangements and adequate evaluation procedures to ensure high standards of recruitment;

2. Ongoing staff training program; 3. Audit function to test the system.

Financial Inclusion Overview Overall, financial inclusion means that individuals and businesses are able to easily access and use appropriate financial products that meet their needs and help improve their lives responsibly and in a sustainable manner. More specifically, financial inclusion is the provision of access to a range of safe, adequate, and affordable financial services for disadvantaged groups and other vulnerable groups, including low-income persons who have been neglected or excluded from the formal financial sector. On the other hand, it is only at this time that a wider range of financial services is available for people who have access to basic financial products. Financial inclusion can also be defined as ensuring access to financial services at reasonable cost and in a fair and transparent manner.

Page 6 of 23

Key Objectives of Financial Inclusion

The enforcement of AML/CFT controls can have an impact on the access to, and use of, financial services in the countries concerned. The most vulnerable clients are those who lack identification documents, such as illegal immigrants or enterprise clients—e.g., money service companies whose ties with formal financial institutions are cut off for reasons related to AML/CFT. AML/CFT control tools tend to increase transaction costs, which may lead to the withdrawal of financial institutions from low-value transactions, and the markets of the customers who use them. This impact varies by country depending on the design of the national AML/CFT framework. Financial integrity and financial inclusion are policy objectives that are mutually reinforcing and interdependent. When complementary, they enhance one another’s objectives and contribute positively to economic development. To that end, financial integrity and financial inclusion would benefit from increased coordination within governments and in all sectors. A well-designed AML/CFT regulatory system creates an environment that encourages greater financial inclusion; similarly, improved financial inclusion leads to a stronger regulatory regime against money laundering and the financing of terrorism. This leads to the importance of seeking ways to reduce the risk of combating money laundering and terrorist financing, while enhancing financial inclusion. Regulators may follow two complementary strategies. First, they apply reduced controls, especially money laundering controls, to reduce risk factors. The most common is limiting the verification of the customer's identity for low-value transactions or products. Second, when countries do not have the public or private capacity to implement AML/CFT complete controls at the same time of the execution order of the transactions, the financial institutions are at perceived risk.

The key elements of any anti-money laundering system are explained below, and the most important step is how to adapt an effective AML system while achieving the objective of financial inclusion.

Customer Due Diligence (CDD) Customers must provide specific types of identity that are not usually owned by the poor, or service providers must verify the client’s fixed address, which is impossible for billions of people who live in informal housing. Historically, countries have often included verification requirements in AML/CFT regimes that many poor people cannot meet.

Record Keeping Financial institutions must maintain records of all national and cross-border transactions (including incidental or occasional transactions) for at least five years requiring the collection and reproduction of copies of all customer records as part of the CDD, regardless of the nature of the provider, client, or transaction.

Page 7 of 23

Monitoring and Reporting Suspicious Transactions Providers of all types are required to continuously monitor the risks of money laundering and terrorist financing arising from their businesses, including subcontracted relationships, and the reporting of suspicious and unusual transactions to the AMLU in the country. Transaction monitoring can be very expensive for service providers that try to serve excluded customers, unless they are adjusted by individual risk.

Applying AML/CTF Measures Each of the various steps of the AML/CFT process (CDD, record-keeping requirements, report of suspicious transactions) is a concern for the financial inclusion concept:

For CDD, a distinction must be made between identification and verification steps. Less serious scenarios and simplified control procedures can be implemented. The simplified CDD measures involved in the financial inclusion context are: o Allowing flexibility to identify items that constitute “source documents, data or reliable

and independent information” to verify and monitor client identities; o Verifying the identity of the customer and the beneficial owner after the establishment

of the business relationship and until the account reaches the next tier; o Reducing the frequency of customer identification updates borne by the provider; o Reducing the degree of ongoing monitoring and scrutinizing of transactions; and o Not collecting additional information or carrying out specific measures to understand

the purpose and intended nature of the business relationship.

Countries generally identify “reliable, independent documents” that can be used to verify customers’ identities, and financial institutions can also identify a risk-based approach with verification processes commensurate with the risks of money laundering/counter-terrorism.

FATF allows the simplification of measures (exemption) when there is a lower risk of ML/TF. Simplified criteria for community development principles can be defined at the country level, depending on the level of risk or financial institution. Each financial institution must know who the clients are, what they are doing, and whether they are likely to be involved in criminal activities.

Continuous due diligence and business relations monitoring should be conducted through manual or electronic scanning. The risk-based approach allows a degree of monitoring upon the risks associated with the customer, the account, and the products or services used. The regulatory authorities should apply and take into account the necessary limitations (monetary or other limits, which will be reviewed periodically) by financial institutions.

Monitoring is required to detect unusual and potential suspicious transactions, with any real suspicion leading to the elimination of any threshold or exception. The simplified CDD can be alleviated by closer monitoring of transactions, recognizing that inadequate information due to a very small CDD may limit the utility of monitoring.

Financial institutions are required to maintain information of identity documents for a period that lasts no fewer than five years. The options are to scan documents or maintain electronic copies, or simply record reference details.

Page 8 of 23

Countries as well as financial institutions are expected to recognize and identify their risks and to take appropriate measures to mitigate them and allocate their resources efficiently, with a focus on the areas with higher risk. Greater recognition of the risk-sensitive approach to implementing AML/CFT measures—including, in particular, an approach that takes into account the risks of financial exclusion and the benefits of integrating people into the formal financial system—would be a major step for countries wishing to build a more comprehensive financial system.

Impact of Financial Inclusion The impact of AML/CFT on the ability of socially and economically vulnerable persons to access financial services is evidenced by the increase of financial services available to those who were previously denied access, and AML/CFT measures can affect the access to, and use of, financial services if these measures are not carefully designed. Although AML is aimed at keeping illicit funds from entering the financial systems, the purpose of CDD is to identify undesirable clients to exclude from the financial systems, and to include as many desirable clients as possible.

Developing New Banking Services With New Clients

New financial products and services have been created in the past few years, which may contribute to expanding access to new markets and clients, thereby increasing financial inclusion. To date, challenges have appeared in how to effectively apply AML/CFT mechanisms to these new products and services. This is particularly evident in branchless and mobile financial services. Also, new relationships emerge between suppliers, challenging the traditional approaches of legislators and regulators. New business models, new associations, and new suppliers are emerging to provide services to financially excluded people. Institutions need more regulation and regulatory resources than for traditional financial services. New products and services offer significant opportunities for banks to innovate, connect with customers, and provide value-added services. However, choosing the right product or service for the organization and its customers should be based on identifying and reducing risk before considering and delivering these new products and services. When risks are not identified and mitigated in advance, unintended consequences can be difficult to resolve.

Page 9 of 23

AML/CFT Controls That Align With Financial Inclusion Objectives The implementation of an effective and comprehensive AML/CFT program is essential to any formal financial system. However, applying an overly cautious approach to AML/CFT may have the unintentional result of excluding individuals from the formal financial system. Financial inclusion and an effective AML/CFT system complement each other. Without adequate financial inclusion, the AML/CFT system in a country will maintain the integrity of only part of its financial system, which means that the new components of the financial system and the components under creation can be abused. Therefore, countries must take the necessary measures to require the entire financial sector’s policies to be stronger, including effective controls against money laundering and terrorist financing. Measures to combat money laundering and the financing of terrorism can be implemented in a way that weakens the objectives of financial inclusion. Exclusion of legitimate businesses and consumers from the formal financial system as a result of applying a highly cautious approach to AML/CFT safeguards is not an option. The legislator should take the lead in supporting the design of AML/CFT measures that achieve the objective of financial inclusion, without prejudice to existing measures to combat crime. Choosing a risk-based approach to AML/CFT protection can help in building a more comprehensive financial system by allowing financial institutions to apply some simplified AML/CFT measures to those who may pose lesser risks in money laundering and terrorist financing. Avoid extreme, uneven, and unnecessary requirements, including those that may delay access to adequate services for non-serviced groups. By increasing financial inclusion, a proportional approach can reduce the scope of transactions carried out through the informal financial system, away from regulatory and supervisory oversight.

Financial Action Task Force Recommendations

AML/CFT obligations can increase the cost of doing business, which can be supported by financial institutions, reduce potential profits, make them less attractive to the private sector to reach non-bank customers, and provide basic financial products and services to them. Costs can also be transferred to customers, which may discourage the use of the formal financial system, especially if the informal options are equally cheap and reliable. If the client does not have a government-issued identification form, for example, a financial institution may need to use other, costlier methods to verify identity, which may be discouraging for certain customer services. For some categories of potential clients, especially for vulnerable and low-income groups, this creates an additional constraint to financial inclusion. There is also a prospering secret economy that is attractive for clean money and is also available for illegal transactions. Alternative or secret suppliers can thus become a conduit for illegal transactions that are difficult to detect by government authorities and that undermine efforts to combat money laundering and the financing of terrorism. However, through dialogue with

Page 10 of 23

national authorities and the financial industry, and based on the available flexibility under FATF Recommendations, possible solutions can be found to meet the needs of financially excluded persons in accordance with the requirements of FATF. FATF identified a series of actions to be taken by financial institutions, or any other profession subject to AML/CFT requirements, based on national legislation to prevent money laundering and terrorist financing. These measures, known as “preventive measures,” were designed by the international Financial Task Force (FATF) to protect financial institutions from abuse and help them adopt appropriate controls and procedures. Although these measures create difficult requirements, some flexibility has been developed for countries to build their AML/CFT systems in a manner that is appropriate to local conditions. One of the major changes in the FATF 2012 Recommendations was the promotion and confirmation of an integrated approach to the risk-based approach (RBA) that applies to all FATF Recommendations and provides the overall framework for its implementation. In addition to the considerable resource and coordination capacity of developing countries, the reason that the RBA has not been widely accepted so far is that it may not be well understood. A clearer understanding of the key elements of the FATF Recommendations and RBA can support countries’ efforts to adopt anti-money laundering and terrorist financing systems at the national level and develop a framework that promotes financial inclusion. The RBA application will be based on a risk assessment that will help countries and financial institutions understand, identify, and evaluate risks, as well as apply risk-sensitive mitigation and management measures. This may include low risk, which could benefit from exemption, and lower risk from the application of simplified measures to combat money laundering and the financing of terrorism. FATF Recommendations require financial institutions to develop AML/CFT programs, although there is some flexibility given the risks of money laundering/money transfer and the volume of business activity. The use of such flexibility is crucial, especially for actions aimed at serving those who are excluded or not under financial control. Financial institutions should therefore develop an effective internal control structure, including: the monitoring and reporting of suspicious activities; a culture of compliance; and ensuring that staff members comply with the designed policies, procedures, and operations of the financial institution, in order to reduce and control risks. In addition to meeting the requirements of the country in which a financial institution operates, the financial institution must also ensure that subsidiaries abroad comply with AML/CFT requirements of the country of origin.

Page 11 of 23

Central Bank of Jordan Efforts to Meet Financial Inclusion Jordan’s National Financial Inclusion Strategy (NFIS) is generally based on a set of priority policy areas, three of which are the main pillars of the industry: microfinance, digital financial services, and small and medium-sized enterprises (SMEs) financing. Four areas are considered to facilitate the development of industries and make them more powerful:

Financial technology

Consumer financial protection and financial capabilities

Data and research

Laws, regulations, and instructions While financial inclusion targets all segments of the population and micro, medium, and small enterprises, Jordan’s financial inclusion system pays particular attention to some priority sectors, which are traditionally the most vulnerable groups with lower levels of financial inclusion: fewer than 40% of households in terms of income in the so-called bottom pyramid; women; youth (15 to 24 years in general, and 15 to 18 years in particular), and refugees.1 Jordan recognizes that financial inclusion is essential for achieving sustainable and integrated growth in the Kingdom. The Jordanian government is committed to building a strong and sound infrastructure, as well as developing the legislative and legal frameworks needed to apply a comprehensive financial system. The Central Bank of Jordan has taken the lead in this process, with the support of its public and private sector partners, to ensure cooperation in the development and implementation of a series of initiatives. The Central Bank of Jordan is one of the pioneers of the concept of financial inclusion in the Middle East, because it highlights this concept and makes it an absolute priority for publication. The box below demonstrates the journey of developing the National Financial Inclusion Strategy in Jordan:2

• On November 19, 2015, following the regional High-Level Policy Forum on “Financial Inclusion and Employment” at the Dead Sea in Jordan, the Prime Minister of the Hashemite Kingdom of Jordan formed the National Financial Inclusion Steering Committee (FISC) and called upon the CBJ to lead the process for developing and implementing the NFIS for Jordan. • FISC included key public, private, and civil society stakeholders with extensive research and technical assistance provided by GIZ. • On July 13, 2016, the Financial Inclusion Steering Committee, under the chair of the CBJ, convened for its inception meeting and endorsed the governance structure, a concept paper, and roadmap. • On September 9, 2016, on the occasion of the AFI’s Global Policy Forum for financial inclusion on the Fiji Islands, the CBJ released its Maya declaration, committing to two national goals for financial inclusion,

1. Summary of the National Financial Inclusion Strategy for Jordan. (www.cbj.gov.jo)

2. The National Financial Inclusion Strategy 2018–2020.

Page 12 of 23

namely: to increase the level of financial inclusion from 24.6% of the adult population to 36.6% by 2020, and, over the same time, to reduce the gender gap from 53% to 35%.,The CBJ committed furthermore to nine targets to achieve these goals. • On September 25, 2016, the CBJ launched the six working groups for continued multi-stakeholder consultations with all members—i.e., public, private, and civil society stakeholders—within the priority policy areas of Digital Financial Services, Microfinance, SME Finance, Financial Capabilities, Financial Consumer Protection, and Data and Research. • On November 22, 2016, on the occasion of the regional policy forum on “Advancing Women’s Financial Inclusion in the Arab World” carried out at the Dead Sea under the patronage of H.M. Queen Rania Al Abdullah, the CBJ released the Financial Inclusion Vision for the Hashemite Kingdom of Jordan. • In the first half of 2017, a diagnostic study of financial inclusion was conducted covering supply and demand sides to assess the state of access to, and usage and quality of: financial services; the regulatory, physical, and commercial barriers thereto; and the gender, socio-economic, demographic, and geographic usage specifics and needs. • On December 4, 2017, NFIS for 2018-2020 was launched.

Financial Access Statistics in Jordan3 Money Transfers (Payments and Remittances) Overall, 18.3% of adults sent or received payments through digital channels in the past year. Although electronic methods to make payments—such as debit cards, credit cards, and internet and mobile banking platforms—are not heavily used, these tools are being used with increasing frequency over time as the payment infrastructure develops, as financial institutions devote more attention to these services, and as customers become more comfortable with them. Remittances through formal channels are already a relatively popular form of sending money, although informal cash transfer methods continue to enjoy widespread usage as well. Card Products The availability and usage of debit cards is increasing, but debit cards are not being used frequently to make payments. Although debit cards are held by 27.2% of adults, only 2.8% of adults used their debit cards to make a purchase in the past year. Since 26% of adults reported that they use their debit cards at least once per year, customers are primarily using their debit cards just to withdraw money from ATMs. The rate of credit card ownership (4.8%) is much lower than debit card ownership, but credit cards are more used than debit cards (4% of adults indicated they used their credit cards in the past year) and more likely used to make payments. Online Transactions Five-and-a-half percent of adults in Jordan used the internet to buy something online or pay bills online in 2017, up from 2.5% in 2014. Increased ownership and use of card products could lead to higher rates of online payments and could increase usage of internet banking and mobile banking services. Mobile banking is more popular than internet banking, although neither is used widely yet. Just 1.4% of adults had internet banking, 2.1% had mobile banking, and usage of these services (at

3. The National Financial Inclusion Strategy 2018–2020.

Page 13 of 23

least once per year) was even lower at 1.2% and 1.6% of adults, respectively. Low financial and technological literacy plays a key role in this limited use. Enhanced ease of use, functionality, and promotion of internet and mobile banking platforms could contribute to higher usage rates. Remittances In terms of domestic remittances, 23.4% of adults used some form of formal remittances services in the past year. When informal remittances are included, namely through sending cash by hand, the usage rate jumps to 42.3%. People in Jordan are slightly more likely to receive than send remittances, with 33.9% of adults having received, and 25.2% having sent, remittances. However, the gap narrows to just 14.9% for receiving vs. 14.7% for sending when considering only formal channels. A more detailed breakdown of the means of transfer reveals that cash is the most popular (15.3% of adults sent cash, and 24.8% received cash), followed by banks or other formal financial institutions (9.2% vs. 5%), currency exchange offices (7.7% vs. 7.1%), and other methods of transfer, such as money transfer services. These include Western Union (1% vs. 1.2%), the post office (0.7% vs. 0.2%), mobile phone applications (0.3% vs. 0.2%), and internet payment services, such as PayPal (0.2% vs. 0.2%). In terms of corridors for remittances, Saudi Arabia, the United Arab Emirates (UAE), and the United States are the main countries for inflows, while Egypt, the West Bank and Gaza

destinations, and Syria are the primary destinations. These results closely reflect the patterns of worker migration, with many Jordanians traveling to Saudi Arabia and the UAE to work, and large numbers of immigrants from Egypt, the West Bank, and Syria coming to Jordan to work, or as refugees. In regard to withdrawals and deposits, monthly account usage has increased from 2014 to 2017. The share of adults who do not make any withdrawals or deposits in a typical month dropped from 22.4% to 15.4%, and from 39.1% to 32.8%, respectively. However, most people report making only one to two withdrawals or deposits a month, while high-frequency usage of three or more times is relatively uncommon. This finding is supported by interview feedback suggesting that most people cash out all of their monthly receipts (such as salaries and remittances) in a single monthly operation and continue to use cash on a daily basis. The CBJ launched a multi-stakeholder national political process to improve the formal financial inclusion of the entire population, especially among low-income sectors, women, youth, refugees, and micro, small, and medium-sized enterprises. The goals for National Financial Inclusion in Jordan are to:

increase the level of financial inclusion from 24.6% in terms of account ownership by the adult population (Global Findex 2014) to 36.6% by 2020; and

raise and improve the gender gap from 53% to 35%.

Page 14 of 23

Audit Impact Overview High levels of financial inclusion will achieve many social benefits, but will also add pressure to regulators and institutions. The term “underserved clients” refers to a very diverse group of people with very different client risk profiles. Clients have a different risk profile, and as a result, regulators and institutions cannot classify all customers as low-risk customers, simply because they are financially excluded. As a result, there will be a need for risk assessment and customer care procedures if these institutions have to differentiate between groups of unrated clients. Challenges for identifying and verifying customer information is the important issue here, and it varies according to the ability of the institution to implement customer due diligence measures. The regulator should balance the objectives of AML/CFT and financial inclusion by allowing simplified measures to customer due diligence with respect to products subject to strict usage restrictions. Therefore, the regulator must pay attention to these restrictions, which also affect the attractiveness of the product from a service provider and client perspective.

Audit Relevance to Financial Inclusion Audit role in ensuring that the financial institution does indeed understand and adopt the parameters of financial inclusion as laid out by the regulator of the jurisdiction in which the financial institution operates, and the quality of AML/CFT preventive measures (task fulfillment by the AML compliance officer, IT monitoring, Know-Your-Customer measures—or KYC—etc.) implemented by the financial institution. The audit procedures include detailed testing of systems and files to verify the implementation and adequacy of the financial institution’s risk assessment, CDD, and reporting and record policies and processes. One of the challenges from a financial inclusion perspective is: What do the financial institutions do with customers who are undocumented and do not have legitimate IDs? Here, the auditor’s

role is to consider how AML/CFT requirements, in particular those relating to customer identification, have been reduced or simplified to facilitate access of undocumented customers. To be fully convinced that the flexibility was appropriately applied, the auditor should know if RBA is applied before relaxing KYC for a specific low-risk customer. The auditor should be convinced that the financial institution knows its clients, with step-by-step evidence showing they’ve made sound decisions based on accurate and up-to-date data. The other challenge from a financial inclusion perspective is to verify whether the financial institution has implemented its record-keeping obligations. Issues such as how compliance is ensured to fulfill this obligation, and whether competent authorities that follow a due legal process to seek records from the financial institution are able to access relevant information and evidence in a timely fashion, should also be analyzed. Another challenge is the transaction monitoring issue as essential requirements of a traditional compliance program, to help reveal unusual patterns of customer activity. The auditor should

Page 15 of 23

test whether a well-designed software is in place, in order to enable the financial institution to continually monitor transactions in real time and to screen these against the historical activity, and customer profiles to quickly identify areas of concern.

Audit of Financial Inclusion Services Efficient Board of Director and Senior Management Oversight

The board of directors has established a comprehensive AML/CFT program and has approved AML/CFT policies and procedures that are more than adequate.

Comprehensive and reliable MIS (management information system) is in place. MIS is effective in providing assurance that the AML/CFT program is operationally effective.

Risk Management Program Comprehensive risk management systems are in place to effectively identify and control all ML/FT risks posed by the business, including but not limited to risks connected to customers, products/services, client, geographic location, and distribution channels. The implementation of risk management systems is highly consistent and effective.

Sound AML/CFT Policies and Procedures The policies and procedures are comprehensive, including for handling high-risk

customers, high-risk business, high-risk products/services, and hiring the institution’s staff.

The implementation of policies and procedures is highly consistent and effective, including but not limited to: customer acceptance; updating of customer data; record keeping; monitoring and reporting of STRs; and handling of high-risk customers, business, products and services, delivery channels, and geographic areas.

Robust Internal Controls and Compliance Function A comprehensive system and procedures for internal control are in place. The

implementation of internal control is highly effective.

There is an effective, independent, and adequately resourced compliance function that is Board approved. The compliance function reports to the Board or Board committee, and its functions are highly consistent and effective. The ability of the compliance officer to manage the money laundering and terrorist financing prevention program.

Control and monitoring of transactions, in accordance with the risks to which the institution is exposed.

Internal reporting of potentially suspicious transactions.

Sufficient controls and monitoring systems for the timely detection and reporting of a suspicious transaction.

Resources Budget: Board and management have approved and provided sufficient financial and

other AML/CFT resources consistent with the institution’s evolving needs and risks.

Staff and training: The financial institution’s staff is highly competent and trained in AML/CFT and in adequate numbers. A comprehensive and highly effective training program is in place. Hiring procedures are designed to attract professional and ethical staff, and the vacation policy is strictly enforced.

Page 16 of 23

Audit Framework As part of the AML/CFT obligations, financial institutions are required to develop internal control programs against money laundering and terrorist financing. The auditing framework should be appropriate in light of the risk of money laundering and terrorist financing, and the size of the business. This framework generally should include the development of internal policies, procedures, and controls, with the existence of appropriate compliance management arrangements, adequate screening procedures, record keeping, and an ongoing employee training program. The auditing framework should verify that the institution’s framework of internal controls includes, but is not limited to:

Providing increased focus on a financial institution’s operations (products, services, customers, and geographic locations) that are more vulnerable to abuse by money launderers and other criminals.

Providing review of the risk assessment and management processes for the regulators, taking into account the environment within which the financial institution operates and the activity in its market place.

Appropriate risk-based transaction testing to verify adherence to the AML/CFT CDD, and record keeping and reporting requirements.

Designating an individual or individuals at the management level who are responsible for managing AML/CFT compliance.

Providing an AML/CFT compliance function and review program.

Ensuring that adequate controls are in place before new products are offered.

Implementing risk-based customer due diligence policies, procedures, and processes.

Providing adequate controls for higher risk customers, transactions, and products as necessary, such as transaction limits or management approvals.

Enabling the timely identification of reportable transactions and ensuring accurate filing of required reports.

Incorporate AML/CFT compliance into job descriptions and performance evaluations of appropriate personnel.

Providing appropriate training to be given to all relevant staff.

Testing Related to Financial Inclusion

Testing policies and procedures related to CDD measures:

Depending on the level and nature of risk identified, customer identification has been identified and verified using source documents, information, or reliable and independent information according to risk classification.

Reasonable steps have been taken to identify the beneficial owner.

The financial institution understands and obtains information, as appropriate, on the purpose and intended nature of the business relationship.

Testing policies and procedures related to record keeping, monitoring, and reporting:

Page 17 of 23

There is an appropriate transaction monitoring system appropriate for the size, activities, and complexity of the financial institution, as well as the risks at that institution. Effective monitoring may require automation of the monitoring process. The financial institution must analyze the direction of transaction activity and identify unusual business relationships and transactions to prevent ML or FT.

Procedures to monitor and review transactions involving money orders and money transfers are in place, to better identify those transactions that might be suspicious, high risk, or otherwise out of the ordinary, and may require special record keeping or reporting, such as a SAR or CTR.

Ensuring that transactions are reviewed and monitored on a regular basis. Depending on the amount of transactions and the system of the financial institution's establishment, monitoring can occur daily, weekly, or monthly.

Ensuring that records of clients’ identities are kept, the supporting evidence of verification of identity, the financial institution’s business relationships with them, and details of any occasional transactions and details of the monitoring of the relationship. These records must be kept for five years after the end of the relevant business relationships or completion of the transactions. Care is needed to ensure retention of historic, as well as current, records. Records relating to both internal reports and SARs are stored securely for at least the same period.

Ensuring that the bank’s documents, data, or information collected under the CDD process is kept up to date and relevant by undertaking reviews of existing records, particularly for higher risk categories of customers or business relationships.

An appropriate training for employees on identifying and recording required information for an SAR or CTR is an important issue.

Testing policies and procedures related to services:

While technology is going to be the biggest game changer from a financial inclusion standpoint, what needs to be kept in mind is that the effectiveness of this channel is inversely related to the vulnerability threats inherent within them. An example of bank wallets may be very apt, given the increased competition banks are facing for the payment service providers and the upcoming payment banks. While bank wallets are gaining importance, it is also important to make sure the channel is secure from fraudsters, and that customers do not experience a loss on account of a weak design. The audit could play a very proactive role with respect to such innovations, where a special review may be conducted prior to the product rollout to identify design gaps upfront, thereby avoiding leakages from such customer wallets and protecting the reputation of the bank.

Auditing of the program that established to monitor funds transfer procedures and the founding of appropriate monitoring mechanisms, also an adequately implementing of that program to monitor funds transfers for suspicious activity, and obtaining sufficient information to determine if it was necessary to file a SAR or not.

Page 18 of 23

Conclusion Financial inclusion and AML/CFT have now been recognized as complementary and mutually supportive. The implementation of measures that will allow more individuals to use formal financial services will increase the scope and effectiveness of AML/CFT systems. Growth in financial inclusion has not led to significant risk or compromised financial sector safety. However, it is necessary to monitor new technologies and payment tools in order to understand weaknesses and adopt AML/CFT to control the new financial services, so they remain safe. The aim is to have anti-money laundering and terrorist financing controls that are effective and proportionate to the specific risks of these services, not overstretched or insufficiently rigorous. One of the main obstacles to provide financial services or financial products that are suitable for unbanked customers is the lack of reliable identity documents and verification of data. Low-income people or displaced persons, such as refugees, often lack proper identification documents, and therefore cannot meet the “traditional” customer’s due diligence requirements. The risk-based approach allows for a certain degree of flexibility to provide access to regulated basic financial products for a larger proportion of the population. The RBA is essential, because it recognizes the wide diversity between the potential exposure of countries to money laundering and the financing of terrorism, and invites those responsible for policy formulation at the national level to identify, evaluate, and understand their own specific risks. The RBA is particularly critical in designing a money laundering and terrorist financing system that tends to be financially inclusive, because it provides the flexibility to adapt risk mitigation policies to the specific nature, levels, and types of market-specific risks. Financial institutions covered by the AML/CFT regime should be applied to the RBA. When countries identify lower risks, they may decide to allow “simplified measures” for certain FATF Recommendations under certain conditions. The concept of simplified measures comes in an important manner with many relevant AML/CFT issues for financial inclusion, particularly the CDD issue. The size and speed of change in the business model requires a fundamental change in the auditor’s framework, so that the auditor’s work remains timely and appropriate. The auditor should expect a curve in terms of his or her ability to assess and interact with new risks, requiring changes in staff models based on traditional skillsets and hierarchies. Auditors should also take advantage of intensive automation and more effective audit techniques. The auditor’s review should concentrate on high-risk areas and a comprehensive set of continuous surveillance techniques, rather than standard reviews of each entity, to ensure integrity and allow rapid response when increasing risk. As digital innovation increases in institutions, new risks will be introduced through digital change programs, social networking, and cloud computing. Cybersecurity risks and data protection will increase. Auditors need to adapt and adjust risk assessments, audit plans, and audit methods.

Page 19 of 23

References Address to the Plenary Meeting of the Financial Action Task Force. Strengthening financial integrity through

financial inclusion. http://www.fatf-gafi.org/fr/publications/inclusionfinanciere/documents/unsgsa-20-june.html?hf=10&b=0&s=desc(fatf_releasedate)

Ahamed, M. M., & Mallick, S. K. (2017). Is financial inclusion good for bank stability? International

evidence. Journal of Economic Behavior & Organization. editorialexpress.com/cgi-bin/conference/download.cgi?db_name=RESConf2016&paper_id=120.

Allen, F., Demirguc-Kunt, A., Klapper, L., & Peria, M. S. M. (2016). The foundations of financial inclusion:

Understanding ownership and use of formal accounts. Journal of Financial Intermediation, Vol. 27, pp. 1–30.

Arun, T., & Kamath, R. (2015). Financial inclusion: Policies and practices. IIMB Management Review, Vol. 27, No.

4, pp. 267-287. Badal-Valero, E., Alvarez-Jareno, J. A., and Pavía, J. M. (2018). Combining Benford’s Law and machine learning to

detect money laundering. An actual Spanish court case. Forensic science international, Vol. 282, pp. 24–34.

Bose, S., Saha, A., Khan, H. Z., & Islam, S. (2017). Non-financial disclosure and market-based firm performance:

The initiation of financial inclusion. Journal of Contemporary Accounting & Economics, Vol. 13, No. 3, pp. 263–281.

Chauvet, L., & Jacolin, L. (2017). Financial inclusion, bank concentration, and firm performance. World

Development, Vol. 97, pp. 1–13. Colladon, A. F., & Remondi, E. (2017). Using social network analysis to prevent money laundering. Expert

Systems with Applications, Vol. 67, pp. 49–58. Compin, F. (2008). The role of accounting in money laundering and money dirtying. Critical Perspectives on

Accounting, Vol. 19, No. 5, pp. 591–602. Compliance risk management programs and oversight at large banking organizations with complex compliance

profiles. (2008). The Federal Reserve. available athttps://www.federalreserve.gov/boarddocs/srletters/2008/SR0808.htm

Consolidated FATF standards on information sharing: Relevant excerpts from the FATF Recommendations and

interpretive notes. (2017). FATF. www.fatf-gafi.org/media/fatf/documents/recommendations/pdfs/Consolidated-FATF-Standards-information-sharing.pdf.

De Koker, L., & Jentzsch, N. (2013). Financial inclusion and financial integrity: Aligned incentives? World

development, Vol. 44, pp. 267–280. Demetis, D. S. (2018). Fighting money laundering with technology: A case study of Bank X in the UK. Decision

Support Systems, Vol. 105, pp. 96–107.

Page 20 of 23

Dolar, B., & Shughart II, W. F. (2011). Enforcement of the USA Patriot Act’s anti-money laundering provisions:

Have regulators followed a risk-based approach? Global Finance Journal, Vol. 22, No. 1, pp. 19–31. Dreżewski, R., Sepielak, J., & Filipkowski, W. (2012). System supporting money laundering detection. Digital

Investigation, Vol. 9, No. 1, pp. 8–21. Dreżewski, R., Sepielak, J., & Filipkowski, W. (2015). The application of social network analysis algorithms in a

system supporting money laundering detection. Information Sciences, Vol. 295, pp. 18–32. FATF Gafi. (2008). Financial Action Task Force, pp 5-9. www.fatf-gafi.org. FATF Guidance: Anti-money laundering and terrorist financing measures and financial inclusion. (2013).

www.fatf-gafi.org/media/fatf/documents/reports/AML_CFT_Measures_and_Financial_Inclusion_2013.pdf.

FATF Guidance: Anti-money laundering and terrorist financing measures and financial inclusion – With a

supplement on customer due diligence. (2013-2017). www.fatf-gafi.org/media/fatf/content/images/Updated-2017-FATF-2013-Guidance.pdf.

FATF Guidance: Private sector information sharing. (2017). www.fatf-

gafi.org/media/fatf/documents/recommendations/Private-Sector-Information-Sharing.pdf.

Financial inclusion diagnostic study in Jordan 2017, synthesis report. (2017). Deutsche Gesellschaft für Internationale Zusammenarbeit (GIZ) GmbH and Central Bank of Jordan. www.cbj.gov.jo/EchoBusv3.0/SystemAssets/PDFs/2018/Financial%20Inclusion%20Diagnostic%20Study%20in%20Jordan%202017.pdf.

Fungáčová, Z., & Weill, L. (2015). Understanding financial inclusion in China. China Economic Review, Vol. 34, pp.

196–206. Gao, S., and Xu, D. (2009). Conceptual modeling and development of an intelligent agent-assisted decision

support system for anti-money laundering. Expert Systems with Applications. Vol. 36, No. 2, pp. 1493–1504.

Ghosh, S., & Vinod, D. (2017). What constrains financial inclusion for women? Evidence from Indian micro

data. World Development, Vol. 92, pp. 60–81. Gikonyo, C. (2018). Rationalising the use of the anti-money laundering regime in tackling Somalia's piracy for

ransoms. International Journal of Law, Crime and Justice, Vol. 52, pp. 155–164. Gilmour, N. (2016). Understanding the practices behind money laundering – A rational choice

interpretation. International Journal of Law, Crime and Justice, Vol. 44, pp. 1–13.

The Global Findex Database 2017 Measuring financial inclusion and the Fintech Revolution. (date). The World Bank Group. Available at http://documents.worldbank.org/curated/en/332881525873182837/pdf/126033-PUB-PUBLIC-pubdate-4-19-2018.pdf

Page 21 of 23

Gnutzmann, H., McCarthy, K. J., & Unger, B. (2010). Dancing with the devil: Country size and the incentive to tolerate money laundering. International Review of Law and Economics, Vol. 30, No. 3, pp. 244–252.

Goel, S., & Sharma, R. (2017). Developing a financial inclusion index for India. Procedia Computer Science, Vol. 122, pp. 949–956.

Gwalani, H., & Parkhi, S. (2014). Financial inclusion-building a success model in the Indian context. Procedia-Social

and Behavioral Sciences, Vol. 133, pp. 372–378. Hamin, Z., Omar, N., & Hakim, M. M. A. (2015). When property is the criminal: Confiscating proceeds of money

laundering and terrorist financing in Malaysia. Procedia Economics and Finance, Vol. 31, pp. 789–796. International standards on combating money laundering and the financing of terrorism and proliferation: The

FATF Recommendations. (2012). FATF Guidance. www.fatf-gafi.org/media/fatf/documents/recommendations/pdfs/FATF%20Recommendations%202012.pdf.

Iqbal, B. A., & Sami, S. (2017). Role of banks in financial inclusion in India. Contaduría y Administración, Vol. 62,

No. 2, pp. 644–656. Isa, Y. M., Sanusi, Z. M., Haniff, M. N., & Barnes, P. A. (2015). Money laundering risk: From the bankers’ and

regulators’ perspectives. Procedia Economics and Finance, Vol. 28, pp. 7–13. Isern, J & Koker, L. D. (2009). AML/CFT: Strengthening financial inclusion and integrity. CGAP.

cgap.org/research/publication/amlcft-strengthening-financial-inclusion-and-integrity. Jayasree, V., & Siva Balan, R. V. (2017). Money laundering regulatory risk evaluation using Bitmap Index-based

Decision Tree. Journal of the Association of Arab Universities for Basic and Applied Sciences, Vol. 23, No. 1, pp. 96–102.

Kabakova, O., & Plaksenkov, E. (2018). Analysis of factors affecting financial inclusion: Ecosystem view. Journal of

Business Research, Vol. 89, pp. 198–205. Kim, D. W., Yu, J. S., & Hassan, M. K. (2018). Financial inclusion and economic growth in OIC countries. Research

in International Business and Finance, Vol. 43, pp. 1–14. Koker, L. D. (2011). Aligning anti-money laundering, combating of financing of terror and financial inclusion:

Questions to consider when FATF standards are clarified. Journal of Financial Crime, Vol. 18, Iss. 4, pp. 361–386.

Yorulmaz, R. (2018). An analysis of constructing global financial inclusion indices. Borsa Istanbul Review. Loayza, N., Villa, E., & Misas, M. (2017). Illicit activity and money laundering from an economic growth

perspective: A model and an application to Colombia. Journal of Economic Behavior & Organization. Loomis, J. M. (2018). Rescaling and reframing poverty: Financial coaching and the pedagogical spaces of financial

inclusion in Boston, Massachusetts. Geoforum, Vol. 95, No. 143–152. Lyman, T. & Noor, W. (2014). AML/CFT and financial inclusion: New opportunities emerge from recent FATF

action. Focus Note, 98.

Page 22 of 23

McCarthy, K. J., van Santen, P., & Fiedler, I. (2015). Modeling the money launderer: Micro theoretical arguments

on anti-money laundering policy. International Review of Law and Economics, Vol. 43, pp. 148–155. Measures of financial inclusion – A central bank perspective. (2016). IFC Report.

www.bis.org/ifc/publ/ifc_finan_inclu.pdf. Methodology for assessing compliance with the FATF Recommendations and the effectiveness of AML/CFT

systems. (2018). FATF. www.fatf-gafi.org/media/fatf/documents/methodology/FATF%20Methodology%2022%20Feb%202013.pdf.

The National Financial Inclusion Strategy 2018–2020. Available at

http://www.cbj.gov.jo/EchoBusv3.0/SystemAssets/PDFs/2018/The%20National%20Financial%20Inclusion%20Strategy%20A9.pdf

Neaime, S., & Gaysset, I. (2018). Financial inclusion and stability in MENA: Evidence from poverty and inequality.

Finance Research Letters, Vol. 24, pp. 230–237. Nikolosk, S., & Simonovski, I. (2012). Role of banks as entity in the system for prevention of money laundering in

the Macedonia. Procedia-Social and Behavioral Sciences, Vol. 44, pp. 453–459. Norton, S. D. (2018). Suspicion of money laundering reporting obligations: Auditor compliance, or sceptical

failure to engage? Critical Perspectives on Accounting, Vol. 50, pp. 56–66. Oslo. (2013). UN Secretary-General’s Special Advocate for Inclusive Finance for Development. Available at

https://www.fatf-gafi.org/media/fatf/documents/speeches/2013%2006%2020%20UNSGSA%20address%20FATF%20Plenary.pdf

Overcoming your anti-money laundering challenges. Online Gaming. available at

https://www.pwc.com/mt/en/publications/assets/online_gaming_-_overcoming_your_anti-money_laundering_challenges.pdf

Owen, A. L., & Pereira, J. M. (2018). Bank concentration, competition, and financial inclusion. Review of

Development Finance Vol. 8, pp. 1–17.

Ozili, P. K. (2018). Impact of digital finance on financial inclusion and stability. Borsa Istanbul Review,

Volume 18, Issue 4, December 2018, Pages 329-340

Procedures for the FATF fourth round of AML/CFT mutual evaluations. (2017). FATF. https://www.fatf-

gafi.org/media/fatf/documents/methodology/FATF-4th-Round-Procedures.pdf. Summary of the National Financial Inclusion Strategy for Jordan. Available at

http://www.cbj.gov.jo/EchoBusv3.0/SystemAssets/PDFs/AR/JANPDF/Executive%20Summary%20EN.pdf

Page 23 of 23

Vaithilingam, S., & Nair, M. (2009). Mapping global money laundering trends: Lessons from the pace setters. Research in International Business and Finance, Vol. 23, No. 1, pp. 18–30.

Vandezande, N. (2017). Virtual currencies under EU anti-money laundering law. Computer Law & Security

Review, Vol. 33, No.3, pp. 341–353.