Q: Are there any changes to the AML program requirements for covered financial institutions in the Rule?
A. Yes. The CDD Rule amends the AML program requirements for each covered financial institution to explicitly require covered institutions to implement and maintain appropriate risk-based procedures for conducting ongoing customer due diligence, to include:
understanding the nature and purpose of the customer relationships; and
conducting ongoing monitoring to identify and report suspicious transactions and, on a risk basis, to maintain and update customer information.
A covered financial institution’s AML program must include, at a minimum: (1) a system of internal controls; (2) independent testing; (3) designation of a compliance officer or individual(s) responsible for day-to-day compliance; (4) training for appropriate personnel; and (5) appropriate risk-based procedures for conducting ongoing CDD to understand the nature and purpose of customer relationships and to conduct ongoing monitoring to identify and report suspicious transactions, and, on a risk basis, to maintain and update customer information.