You asked: “How does our AFC audit compare to our peers?” and “What are the common themes you see in audits?”
We answered….
When conducting anti-financial crime (AFC) audits, our clients often look to understand how their results compare to peer firms across the industry. In fact, when we shared our common audit findings in our ‘Priorities for 2024’ webinar, we fielded a number of questions on what typical audit findings tend to uncover, to help firms understand if they are doing better or worse than average. To assist firms in understanding how their audit compares to other firms, FINTRAIL audit reports now include peer benchmarking for our larger audits.
While there are certainly no ‘one-size-fits-all’ audit results, having looked back over our audits for the past 12 months we have seen similar findings cropping up repeatedly across firms. And when you compare these to a summary of last year’s findings from the Financial Conduct Authority’s (FCA) Priorities for Payment Firms and the European Banking Association’s (EBA) Report on ML/TF risk associated with Payment Institutions, there are common themes from a regulatory perspective that align with what we see in practice when conducting audits.
The table below compares the feedback shared by the key regulatory bodies alongside common findings from FINTRAIL’s audits by thematic areas. Any firm subject to an AFC audit in 2024 should look at these findings against their control framework, assess if any of them could be relevant to their business and consider if they need to embark on any remedial work before their next audit.
When you compare the feedback from regulators with the analysis we have undertaken across the audits we have conducted, we see the same areas consistently appearing in our audit findings. Screening, CDD, governance, risk assessment and transaction monitoring are the control areas where we see the highest number and highest severity of findings. While this observation does not diminish the importance of findings in other areas - e.g. assurance or training - it does reflect that firms often still struggle with the effectiveness of core control areas.
FINTRAIL’s peer benchmarking can compare how your control areas map against peers in the industry and use an audit score reflecting the number of recommendations and the priority level to show where your firm sits in comparison to similar firms. The graph below is an example of how this is portrayed within our audit report. The blue columns represent the average number of findings weighted by priority level across all audits FINTRAIL has conducted over the last 18 months. The black dotted line represents where your firm sits. If your audit findings fall within the blue columns, your firm is in line with, or exceeding, industry standards. If they fall above this, this indicates areas that should be a key focus for your firm.
Whether it is used for your own personal insight, or to include in the audit report you provide to your board or banking partners, this snapshot of your firm compared to your peers can be a powerful indicator of the effectiveness of both the individual components of your control framework, and the framework as a whole.
With the FCA announcing that it will deploy “greater assertiveness in preventing those who can’t or won’t meet [their] standards entering into or remaining in the regulated sector”, the power of an audit in improving a financial crime framework, while also strengthening your position in future regulatory engagement, is immense.
At FINTRAIL, we conduct both enterprise-wide financial crime audits and targeted assessments of specific controls or risk areas. These reviews can cover the full gamut of financial crime risks, with particular focus on AML, terrorist financing, sanctions evasion, and fraud.