There are a number of regulatory risks associated with developing, implementing and managing an AML/CTF program Part A. Examples of these risks include:

• failure to include all the mandatory legislative components
• failure to conduct a proper ML/TF risk assessment
• failure to gain board and/or executive approval for the program
• insufficient or inappropriate employee due diligence (for example, employee screening that is not commensurate with the ML/TF risks associated with the employee's position)
• frequency and level of ML/TF risk awareness training not aligned with potential risk of exposure to ML/TF risk(s)
• changes in business function which are not reflected in the AML/CTF program (for example, no review of the program when a new product or new distribution channel is introduced)
• failure to consider feedback from AUSTRAC (for example, ignoring advice about an emerging ML/TF risk)
• failure to independently review the content, currency and application of the AML/CTF program.