Skip to main content
Version date: 4 March 2021 - onwards

Annex A. Overview of supervisory tools

Understanding and profiling risks

AML/CFT returns

Regular or ad hoc requests to entities for quantitative and qualitative data and information relating to key ML/TF risk indicators (e.g. business lines, product segments, types of customers) and general information about the entity and the nature and scope of their activities. The collection of regular AML/CFT returns could be automated and aims to help supervisors gain a better understanding of the ML/TF risks to which their sector is exposed, to aid in the risk profiling of the supervised entities.

Engagements with Board and Senior Management

Regular engagements with the Board and Senior Management of supervised entities, particularly those that are systemically important, could enable supervisors gather timely information on potential changes in business strategy or focus which could impact the inherent ML/TF risks of the entity.

Ongoing surveillance of emerging risks and trends

Supervisors look to identify key risk trends and systemic risks through mechanisms such as engagements with other regulators, mining of system-wide risk-relevant data, conversations with regulated entities, and ongoing news monitoring. This would help in more dynamic and up-to-date ML/TF risk assessments of the regulated entities.

Results from surveillance would also directly impact the calibration of supervisory response (e.g. thematic inspections to address systemic weaknesses, or specific areas of focus for individual entities).

Assessing AML/CFT systems and controls

Questionnaires on AML/CFT risk management controls