The customer due diligence (CDD) rule went into effect May 11, 2018. Now that firms have had sufficient time to make any necessary changes needed to implement the rule, it is likely that regulators will focus on CDD implementation within examinations.

Robotic Process Automation (RPA) refers to the use of software to perform repetitive, routine tasks that are considered monotonous and uninteresting to humans.In its simplest definition, RPA is:

Today, many financial institutions are changing the anti-money laundering (AML) technology platform they use to perform required compliance processes, such as transaction monitoring and sanctions screening. Once the process has started, there are important considerations around data migration that must be managed correctly.

The Financial Crimes Enforcement Network issued an advisory to remind financial institutions that updates the FATF made to their list of jurisdictions that have strategic AML/CFT deficiencies may affect their obligations with respect to these jurisdictions and that they should consider the impact these updates have on the institution’s risk-based approach.

On June 17, 2019, The Institute of Internal Auditors (the IIA) released an Exposure Draft (the Draft) on a study being conducted to review and modernize the Three Lines of Defense Model (3LoD). The Draft has been released for public comments from June 20, 2019 and September 19, 2019 and reflects the thoughts and analysis of a working group, chaired by Jenitha John, Vice Chairman of The IIA Global Board of Directors; and Chief Audit Executive, FirstRand Ltd.