Course Syllabus Audience The primary target is the frontline analyst, teaching skills that benefit new and experienced employees, especially as regulator and market expectations increase. This course assumes the employer has already introduced that organization s unique roles, processes, systems, and common cases, and this course will not conflict with those. To bring all learners to a shared baseline of terminology, concepts, and processes, the course starts with the Essentials video and then builds from there. The course is written and presented by subject matter experts working around the world. It pulls examples from many countries, and is globally appropriate. The lessons and examples are relevant to any industry. A primary focus is financial institutions, including banks, credit unions, asset managers, insurance, MSB, securities broker-dealers, credit card issuers, alternate payment systems, etc. Course structure ACAMS allows you 4 calendar weeks to complete 4 hours of coursework, including a final assessment. You will be guided using a learning path on ACAMS learning management system (LMS). Follow carefully all instructions. Live virtual classroom events are pre-scheduled before you purchase the course. 4 weeks from the course start date your access expires. One Two Assignment Format Download from LMS 30 mins VIDEO Video: Self-paced, available anytime PDF quick reference Essentials 90 mins VIRTUAL Live event: See LMS for date/time. PDF slides CLASSROOM Later a recording will be on the LMS. Three 90 mins VIRTUAL CLASSROOM Live event: See LMS for date/time. Later a recording will be on the LMS. PDF slides Four 15 mins HOMEWORK 15 mins ONLINE ASSESSMENT Self-paced, available anytime Self-paced, available anytime PDF assignment PDF ACAMS certificate To earn the certificate you must pass the assessment within the 4 weeks. The assessment has 20 questions. The minimum passing score is 80%. Multiple attempts are allowed. When you pass, your ACAMS Certificate will be available in the learning path itself. Click to download a PDF. ACAMS will automatically add 4 CAMS Credits to your profile. Technical requirements The course is compatible with most operating systems and browsers to make it easy to participate. The video, homework, and final assessment are mobile-friendly. The virtual classroom uses Webex Event Center which currently does not support mobile devices. The ACAMS Learning Management System (LMS) is https://acams.exceedlms.com. Contact your organization s IT department for assistance. page 1
Better identify unusual customer activity so you can more effectively control and report it. Behavioral outcomes of this course: 1. Recognize situations that would trigger alerts 2. Apply controls to monitor transaction activity 3. Detect unusual activity, generate alerts and investigate whether there is suspicious activity 4. Continually refine alert thresholds to assure quality and continuous improvement Course content 1) Introduction a) The purpose of AML transaction monitoring is to provide ongoing identification of unusual activity from customer transaction data b) Process: i) This is usually a three-stage process which includes: (1) Validate initial fundamentals of the alert (such as whether true cash is involved or other factors which may impact the validity) (2) Escalate for initial investigate review (3) The SAR/no SAR decision is made based on a recommendation from the previous step c) Learning Objectives Overview: Upon completion of this learning experience, you will be able to: i) Recognize situations that would trigger alerts ii) Apply controls to monitor transaction activity iii) Detect unusual activity, generate alerts and investigate whether there is suspicious activity iv) Continually refine alert thresholds to assure quality and continuous improvement 2) Recognize situations that would trigger alerts a) Customer Types i) Shell Companies ii) Nonbank Financial Institutions (NBFIs) (1) Money Service Businesses (i) Dealer in foreign exchange (ii) Check casher (iii) Issuer or seller of travelers checks and money orders (iv) Money Transmitter (v) Provider or seller of prepaid access (2) Brokers or dealers in securities (3) Finance / Loan companies (4) Financial Service Intermediaries such as Investment Advisors (5) Insurance Companies (6) Real Estate closing and settlement services (7) Casinos (8) Gaming Operations (9) Dealers in precious metals, stones, or jewels (10) Dealers in high value art (11) Dealers in planes, cars, and boats (12) Pawnbrokers (13) Travel agents page 2
iii) Cash-Intensive small business (a) Vending companies (b) Car washes (c) Restaurants, taverns, bars, and nightclubs (d) Liquor stores, Off licenses (e) Laundromats/Launderettes (f) Taxi services and parking garages (g) Convenience stores (h) Gas stations, Auto Repair Garages (i) Cigarette distributors (j) Adult entertainment (k) Marijuana dispensaries, where legal in the US iv) Vehicle Sellers v) Trusts vi) Professional Service Providers vii) Charities / Non-Government Organizations viii) Politically Exposed Persons (PEPs) b) Countries c) Products i) Monetary Instruments ii) Electronic Funds Payment Services iii) Credit Cards iv) Internet Banking v) Prepaid Cards vi) Private Banking vii) Virtual Currency viii) Trade Finance ix) Foreign Correspondent Banking x) Securities xi) Insurance d) Channels e) Benefits of effective transaction monitoring i) Personal ii) Employer iii) Society 3) Apply controls to monitor transaction activity a) Create customer profile i) Determine risk based on Customer Risk Rating Model (1) Develop criteria for monitoring (apply greater controls where risks are higher) (2) KYC-CDD information (probably has already been established) (a) Nature and Purpose of business, source of funds (b) Expected transaction size, type, frequency (c) Recognize that a customer s profile may change after becoming a customer (i) Examples (Enhanced Due Diligence, EDD) ii) Process for notifying/feedback to KYC-CDD department (KYC profile in database would be updated electronically. Could be by many people triage, SAR, etc.) b) Monitor transactions i) Automated systems or manual (1) Automated systems are common for large organizations ii) Need to know how to analyze and interpret regardless of the method iii) Rules and thresholds page 3
4) Detect unusual activity/generate alerts and investigate whether there is suspicious activity a) Activities that would generate an alert (alert to SAR ratio typically ranges from 2-8%. AKA conversion rate. ) i) Sources of information/identification of unusual activity (1) Employee identified (2) Law Enforcement inquiries (3) Other referrals (4) Transaction and surveillance monitoring systems ii) Be alert for any unusual activity (1) Analysts will rely more heavily on the source of the alert (2) With regard to high-risk customers (3) Transactions (4) Jurisdictions iii) Is the account activity what we expected? (1) Need to understand the customer s actual business (2) Need to understand the way the customer interacts with the financial institution b) Clear alerts i) Once cases are identified ii) Before making a decision, it needs to be supported by a justification (based on the known/gathered facts and an understanding of the risks involved) c) Red Flags i) Unusual patterns ii) Unusual payments (1) Make business sense but are moving in the wrong direction iii) Asset Movement (securities) d) Investigate i) Do the transactions make sense for the customer? (1) Some would get cleared right away based on the customer (a) Example: a wire transaction that exceeds the amount in their peer group (b) OK to clear if it s ordinary and expected ii) 314B-Determine source of funds from another institution iii) Do the transactions make sense based on the customer s peers? iv) Is there information to support a reasonable explanation for the activity? v) Should the client be contacted for further information? (1) If so, who reaches out? Usually the Relationship Manager/branch manager who has the relationship not the TM team (2) Script for the relationship manager to use (3) What NOT to do (4) Non responses (5) Next steps e) Report suspicious activity i) SAR/STR (1) If suspicious activity cannot be ruled out (2) Process for completing a SAR/STR (3) Sign-off/accountability f) Making the decision to close the account i) When this is justified ii) Who decides? (1) Individual (2) Committee g) Scenarios: What would you do? page 4
i) Clear alert ii) Do more research iii) Draft/Recommend a SAR 5) Continually refine alert thresholds to assure quality and continuous improvement a) Common mistakes and how to avoid them i) The importance of credible and reliable evidence ii) Investigator needs to be able to provide rationale for the behavior/activity, or iii) Escalate to the appropriate person(s) b) Testing and Evaluation of TM i) How to tune ii) What documentation do you need for tuning? iii) When should you tune (how often) iv) Test environment page 5