The UIF Resolution 30E-2017 will mark a before and after in Prevention matters, as it has substantially modified its requirements, moving from a Compliance Approach to a Risk-Based Approach that each entity must define and assume.
Banks are facing a tremendous challenge and, at the same time, a great opportunity.
The "Risk-Based Approach" implies a paradigm shift in Prevention and Compliance matters, moving away from regulations like Resolution 121/2011, which explicitly defined what the Compliance Systems should do, to a norm based on the Risk of each entity.
This means that each bank must define its "Risk Profile" through a "Methodological Self-Assessment," considering not only risk factors but also the management strategy with its processes, resources, and supporting systems. It should encompass: risk by business line, sufficiency of resources, inherent risks and mitigating controls, residual risk map, and remediation plans, among other aspects.
The Self-Assessment must be approved by the Board of Directors and submitted annually to the UIF, including:
a) A Declaration of Money Laundering/Terrorist Financing Risk Tolerance, accepted risk level regarding customers, products and/or services, distribution channels, and geographic areas, along with the foundations and mitigating actions for proper monitoring and control.
b) Policies for Accepting High-Risk Clients: Procedures to apply, those responsible for acceptance, clients with whom the bank will not work, and the reasons behind these decisions.
Moreover, banks must have a Matrix that allows segmenting clients by their risk level (high, medium, or low) and defining due diligence processes according to each stratum.
To avoid potentially severe consequences, entities must quickly strive to adapt to the guidelines of Resolution 30, as there is a specific adaptation period, and the responsibility lies with the Board of Directors and/or the Highest Authority.
Among the main advantages, it is worth noting that while it requires initial effort, it will allow focusing efforts and allocating resources according to the defined risk level. Even at the level of Economic Groups, corporate management can be streamlined and defined to optimize processes.
At BDO, we provide a tailored service to the needs of each entity, as we have a team of certified professionals internationally, specialized in Risk Management and Money Laundering Prevention with extensive experience.
Why BDO?
- We have a strong development in Risk Management and Basel regulations, a fundamental pillar for the analysis and implementation of the methodology required by the UIF.
- Our interdisciplinary team of Economists, Actuaries, specialists in Comprehensive Risks, Processes, and Money Laundering Prevention allows us to offer a comprehensive solution to the requirements of Resolution 30/2017.
- We have extensive experience supporting entities in the implementation of effective AML and CFT areas and structures tailored to each need.
Our services:
- Risk Self-Assessment.
- Design of the methodology required by the UIF to define the Entity's "Risk Profile."
- GAP Analysis: Impact of Resolution 30 on Strategy, Structure, Processes, and Systems.
- Definition of Procedures according to the Risk Profile, including aspects of Simplified, Standard, Enhanced, and Ongoing Due Diligence.
- Definition of Action Plans and Procedures for the treatment of other Obligated Subjects and Due Diligence of Entities Supervised by other control bodies.
- Development and/or Adaptation of Policies and Procedures defined for implementation and monitoring by those responsible.
- Design and implementation of "Transactional Profiles," "Risk Matrices," and Alert and Monitoring Systems. Functional Consulting in the implementation of Technological Tools for AML and CFT.