Anti-Financial Crime (AFC) Handbook

one_page_board_ceo_checklist
one_page_mlro_compliance_checklist
one_page_front_office_quick_guidance
one_page_escalation_flow
  • Anti-Financial Crime (AFC) Handbook
    • Part A — Core Principles & Roles
      • Purpose, scope and obligations (plain language)
        • Why AFC matters for everyone
        • Who is covered (staff, branches, outsourced providers)
        • Legal and regulatory obligations (overview)
      • Key terms in plain English (with short examples)
        • Money laundering, terrorist financing, sanctions evasion
        • UBO, PEP, adverse media, suspicious activity
      • Roles & who does what (visual org map)
        • Board & senior management responsibilities
        • MLRO/Compliance team — duties and contact points
        • Front office, Operations, Payments, Legal, IT, HR — short role cards
        • Whistleblowers and anonymous reporting channels
      • Principles for staff: risk-based approach, proportionality, confidentiality
        • Practical examples of how RBA works in daily tasks
        • Do's and don'ts (practical quick rules)
    • Part B — Customer Lifecycle: Step-by-Step Processes
      • Pre-onboarding: Marketing, Sales & Lead Handling
        • Acceptable client profiles and prohibited categories
        • Pre-screening at lead stage (sanctions, PEPs, adverse media)
        • Referral/elevation triggers to Compliance before engagement
      • Onboarding process (retail & corporate / funds / trustees)
        • Stepwise onboarding flow (decision tree)
        • Required documents and verification standards
        • Remote onboarding and digital ID verification — process & controls
        • UBO identification: stepwise method for all entity types
        • Enhanced Due Diligence (EDD) process: triggers, evidence requirements
        • Onboarding checklist templates (role: front office / KYC)
      • Post-onboarding periodic review and lifecycle events
        • Trigger-based vs periodic reviews — decision matrix
        • Change events: ownership changes, product upgrades, new jurisdictions
        • Closure/Offboarding process and documentation
      • Transaction monitoring & real-time controls
        • Transaction monitoring workflow (data flow diagram)
        • Scenario catalogue with configuration examples (payment, wire, trade, fund flows)
        • Alert triage: prioritisation, investigation steps, timelines
        • Case management: structuring an investigation file
        • Feedback loops to tune scenarios and close the loop
      • Screening operations (sanctions, PEPs, adverse media)
        • Screening process: sources, frequency, automated vs manual
        • Investigating hits: triage, evidence capture, decision criteria
        • Documenting false positives and appeals process
      • Payment-specific processes (cross-border wires, ACH, cards)
        • Wire handling: enhanced checks, correspondent relationships, travel rule
        • Suspicious payment indicators and immediate actions
        • Suspicious beneficiary/payment chain analysis
    • Part C — Reporting, Investigation and Interaction with Authorities
      • Internal suspicious activity escalation process
        • Red flag reporting channels (front office, ops, whistleblower)
        • Internal case intake form and initial assessment steps
        • Tipping-off safeguards and communication controls
      • Preparing and filing an STR/SME (global template + Luxembourg notes)
        • Required elements and evidence bundling
        • STR drafting checklist and quality control steps
        • Submission channels and confirmation handling
      • Interaction with FIU, supervisors and law enforcement
        • Typical FIU reply loop and follow-up expectations
        • Handling requests for information (MLA, domestic requests)
        • Managing regulatory enquiries and audits (roles and timelines)
      • Investigation playbook (detailed steps)
        • Scoping and planning an internal investigation
        • Digital forensics and evidence preservation (chain of custody)
        • Interview guides and documentation templates
        • Decision memo templates and closure notes
      • Asset freeze & urgent measures (operational checklist)
        • Immediate operational steps for freezes / sanctions matches
        • Communication matrix and legal escalation
        • Release & unblocking procedures
      • Dawn Raids, On-site Inspections and Unannounced Visits
    • Part D — Governance, Controls and Assurance
      • Designing and maintaining policies and SOPs
        • Policy lifecycle: drafting, approval, communication, review
        • Standard operating procedures: required elements and templates
      • Three lines of defence in practice — operating model
        • Responsibilities and handover points between lines
        • Practical examples of 1LoD tasks vs 2LoD review tasks
        • Internal audit scope for AFC and sample audit programs
      • Monitoring, KPIs and management information
        • Operational KPIs (alert volumes, closure times, STRs filed)
        • Effectiveness KPIs (case outcomes, supervisory findings)
        • MI pack templates and board reporting cadence
      • Quality assurance, testing and validation
        • KYC file QA process and sampling plan
        • Transaction monitoring validation and backtesting steps
        • Remediation tracking and root cause analysis
      • Record keeping, retention and evidence management
        • Records taxonomy and retention schedules
        • Secure storage, access controls and data portability
        • Archive retrieval process and audit readiness
    • Part E — Technology, Data and Automation
      • Technology landscape and vendor management
        • Core components: KYC repository, TM engine, screening, case mgmt
        • Vendor selection, RFP checklist and contract clauses
        • SaaS vs on-premise considerations and legal issues
      • Data architecture and integration patterns
        • Master data management for customers/UBOs
        • Data feeds: payments, SWIFT, ledger, trade, third-party sources
        • Real-time vs batch processing design
      • Analytics, ML and advanced detection
        • Use cases for anomaly detection, clustering and behavior scoring
        • Model validation, explainability and bias mitigation
        • Monitoring model performance and retraining processes
      • Automation for operational efficiency
        • Robotic Process Automation (RPA) for KYC/Screening tasks
        • Auto-triage rules and human-in-the-loop design
        • Exception management and audit trail for automation
      • Cybersecurity & resilience considerations
        • Secure deployment, logging, monitoring and incident response
        • Data breach response for AFC systems
        • Business continuity for critical AFC functions
    • Part F — Sector & Product Specific Guidance
      • Retail banking and payments
        • Account opening, remote onboarding, e-wallets
        • High-risk customer segments and mitigation steps
      • Corporate banking and trade finance
        • Corporate KYC for complex groups and global chains
        • Trade finance red flags and TBML controls
      • Asset management, funds and fund servicing
        • Fund vehicle onboarding (SICAV, SIF, RAIF) and UBOs
        • Subscription & redemption monitoring, transfer agents
      • Trusts, fiduciaries and family offices
        • Trust structure due diligence and trust registers
        • Wealth management red flags and source of wealth checks
      • Crypto and digital assets
        • On-/off-ramp controls and VASP onboarding
        • Wallet risk scoring and chain analysis basics
      • Insurance and pensions
        • Product vulnerabilities (annuities, claims, premium finance)
        • Reinsurer and broker due diligence
    • Part G — Sanctions & International Considerations
      • Sanctions screening and blocking workflow
        • Sanctions list management and update processes
        • Hit investigation, licensing and escalation path
      • Cross-jurisdictional issues and extraterritorial rules
        • OFAC, EU, UK differences — practical examples
        • Group-wide policy alignment and local derogations
      • Correspondent banking and cross-border controls
        • Nostro/Vostro account controls and VASP correspondent concerns
        • Payment-chain mapping and beneficiary screening
    • Part H — Luxembourg Operational Module (detailed local playbook)
      • Luxembourg AML/CFT legal framework (practical summary)
        • Core statutes and implementing regulations (concise references)
        • Key supervisory expectations (CSSF) and FIU Luxembourg role
      • Onboarding & UBO specifics for Luxembourg entities
        • UBO identification for funds and corporate forms common in LU
        • National UBO register: access, submission process and timing
      • Reporting to FIU Luxembourg — step-by-step
        • Portal procedures, required fields and evidentiary attachments
        • Typical local typologies and recent case examples (anonymised)
      • Sector-specific Luxembourg guidance
        • Fund services and depositaries: operational checkpoints
        • Professional trustees, notaries and legal advisors — coordination
      • Local templates and checklists (ready to use)
        • Luxembourg onboarding checklist (legal entities / funds)
        • Luxembourg STR template and submission notes
        • CSSF examination checklist (practical remediation tips)
      • Regulatory engagement and inspections in Luxembourg
        • Handling on-site visits, data requests and remediation plans
        • Administrative sanctions and appeal process (overview)
      • Dawn Raids & Regulatory Inspections in Luxembourg
    • Part I — Training, Communications & Culture (rollout materials)
      • Staff training program and curricula by role
        • Mandatory induction and annual refresher program maps
        • Role-specific modules (front office, payments, legal, ops)
        • Training evaluation and competency sign-offs
      • Awareness campaigns and internal communications
        • Posters, pocket guides, intranet resources and microlearning
        • Scenario-based learning and case studies
      • Incident drills, tabletop exercises and red teaming
        • Design and runbook for tabletop exercises
        • Post-exercise evaluation and improvement tracking
      • Performance, incentives and culture metrics
        • Measuring risk culture and incentives that support compliance
        • Escalation culture and psychological safety for reporting
    • Part J — Templates, Checklists & Annexes (operational toolkit)
      • Global templates (editable)
        • KYC intake form (individual / corporate / fund)
        • UBO identification worksheet
        • EDD evidence checklist and SOF/SOW template
        • STR template (global) with drafting guide
        • Case management file structure & index
      • Luxembourg templates (editable)
        • LU-specific STR template and submission checklist
        • LU onboarding checklists for funds and corporate clients
        • Sample letters for information requests and freeze notices
      • Process maps, flowcharts and decision trees
        • Onboarding decision tree (simplified & expanded)
        • Alert triage flowchart and escalation matrix
        • STR decision flow and timing diagram
      • Checklists & quick reference sheets
        • One-page role cards for front office, ops, compliance, MLRO
        • Red flag quick cards (by product and sector)
        • Board governance checklist and audit readiness checklist
      • Reference materials and legal extracts
        • Selected FATF recommendations (practical excerpts)
        • Key Luxembourg statutory provisions (annotated excerpts)
        • Links to regulator portals, guidance and reporting systems
      • Glossary, abbreviations and index
        • Plain-English glossary for all staff
        • Acronym list and searchable index