A risk evaluation questionnaire (REQ) is an annual regulatory submission related to anti-money laundering. In 2019, the first year of the REQ, organisations generally struggled with the deadline and the Financial Intelligence Analysis Unit (FIAU) sent no less than 207 letters to subject persons who had failed to submit in time.
The REQ is a detailed questionnaire that gathers multi-faceted information so as to determine a subject person’s risks related to funding of terrorism and money laundering, including (but not limited to) information on: policies and procedures; transaction monitoring processes; customer risk assessment methodology; governance structure; internal audit function; the results of the AML/CFT business risk assessment; products and services offered; type of customers serviced; and type of transactions carried out.
Compared to the ‘annual compliance reports’, which the REQ replaced, a great deal more information needs to be gathered, especially in relation to quantitative factors.
Just as the FIAU expects subject persons to take a risk-based approach to compliance, the FIAU is increasingly taking a risk-based approach to supervision, seeking to focus on those entities most vulnerable to money laundering threats.
Waiting until the last minute to roll forward last year’s submission is not a good strategy
With this in mind, the FIAU has implemented Compliance and Supervision Platform for Assessing Risk (CASPAR), a tool which allows the FIAU to collect and analyse relevant risk-related information from multiple sources. REQs are submitted on CASPAR and based on the answers provided, the FIAU identifies which subject persons present the highest risk of money laundering and/or terrorist financing.
With March 31, 2020, being a public holiday, the REQ deadline for the 2019 return has been delayed by one day to April 1, 2020. There have also been some changes in required information since last year’s first set of returns, so waiting until the last minute to roll forward last year’s submission is not a good strategy.
Non-submission of the REQ may render the subject person liable to an administrative sanction. Given that the information in the REQ is of direct relevance to the FIAU’s supervisory priorities, it is essential that the REQ is completed adequately and in a timely manner.
The following are mandatory requirements that should be fully up to date, as they are to be referred to in your REQ: AML/CFT business risk assessment using a methodology that meets the regulator’s expectations; AML/CFT policy and procedures manual in line with applicable laws and regulations; customer risk assessment, ensuring that all criteria are appropriately considered to achieve an overall AML/CFT risk for each customer; and other policies and procedures relating to AML/CFT such as internal whistleblowing procedures and policies to assess the AML/CFT compliance framework of intermediaries, agents or introducers.
ARQ’s Risk and Compliance unit is made up of experienced professionals who work with clients to assist them in meeting their regulatory requirements by offering specialist advice, operational support and expert solutions to achieve on-going compliance. The unit can help businesses with the preparation or update of any of the mandatory requirements mentioned here.
Furthermore, ARQ offers ongoing AML/CFT support and training as well as independent audits of AML/CFT processes.
Martina Scalpello is senior manager in risk and compliance at ARQ Group.