Any category of transaction still entered in the Single Database manually must be entered using automated procedures within the shortest time possible. The registration procedures must permit searches to be carried out at any time.
3. Internal controls
3.1 The system of internal controls
To ensure management integrity and autonomy, some sectoral provisions require intermediaries subject to supervision to prepare an effective system of internal controls for the measurement and management of risks. The latter include “money-laundering risk”.
The system of internal controls constitutes an indispensable instrument for the defence of the company’s integrity and autonomy.
The preparation of adequate organizational measures and the correct implementation of the procedures for analyzing suspicious transactions are subject to controls, including on-site inspection, by the sectoral supervisory authorities and the UIC.3
The controls most relevant for the anti-money-laundering purposes are line controls to ensure correct execution of transactions and reliability of data flows and periodic controls entrusted to the board of auditors and, where they are present, internal auditors and independent auditors.
Line controls must identify the safeguards necessary to ensure adequate procedures for data acquisition and processing. These procedures must be tested periodically.
Timely and exhaustive data flows that can correctly portray management events are of crucial importance for compliance with the anti-money-laundering provisions. The data collected in the customer register — the basic data base in which even occasional users of the intermediary are entered — must be carefully protected. Every action that might be detrimental to the maintenance of the data in the database must be assessed by a control structure.
The growing use in the financial field of distributive channels based on distance communication, such as the Internet, can increase the risk of intermediaries being involved in money-laundering. The geographic dispersion and the depersonalization of relationships make it more difficult to know the customers’ economic conditions and the motivations of the transactions they request.
Intermediaries shall verify that the information systems they adopt allow the status of customer relationships to be immediately updated, enable the decision-making bodies to be promptly informed and tend to permit information sharing within the company. Intermediaries that operate extensively in these sectors must therefore activate appropriate controls to check the provenance of financial resources and acquire basic information on the nature of transactions, especially where significant amounts are involved.
3Controls on intermediaries not authorized to carry out transfers involving a significant amount are performed by the special foreign exchange unit of the Finance Police.