Loading...
Templates Inspections SEO page

Run: Annual AML Independent Testing Checklist

Annual AML independent testing checklist for reviewing governance, transaction monitoring, SAR filing, CDD/KYC, training, and records. Use it to document fin...

Fill this out, get a PDF emailed to you. No account required. Want to run it with your team and track results? Sign up free →

Inspection Scope and Independence

Annual testing period, legal entity, business lines, and locations reviewed are clearly identified.
Independent tester has no operational responsibility for the AML program or the controls being tested.
Methodology, sample sizes, sampling approach, and any risk-based exceptions are recorded.
Previous audit findings, regulatory issues, and outstanding corrective actions were reviewed as part of planning.
Policies, procedures, risk assessment, training records, monitoring reports, and case files are available for review.

AML Governance and Risk Assessment

Minutes, reports, or approvals show regular oversight of AML program performance and issues.
Risk assessment reflects products, services, customers, geographies, delivery channels, and inherent/control risks.
Enter the date of the most recent AML risk assessment update.
Findings, action plans, owners, and due dates are tracked in a formal issue management process.
Compliance staffing, escalation coverage, and subject-matter expertise are sufficient for the institution's risk profile.

Transaction Monitoring and Investigations

Monitoring rules, thresholds, and scenarios reflect the institution's products, customer types, and geographies.
Sampled alerts were traced from generation through disposition with supporting evidence.
Case notes explain the rationale for escalation, closure, or no further action and cite supporting documentation.
Alerts and cases were escalated within required internal timeframes and documented where exceptions occurred.
High-risk or complex alerts received appropriate secondary review or approval.
Document any recurring false-positive drivers, threshold issues, or tuning recommendations.

Suspicious Activity Reporting and Regulatory Filings

Reviewed cases show a clear basis for filing or not filing suspicious activity reports.
Filing dates were compared to internal escalation and regulatory timing requirements.
Key fields, narratives, and supporting data in filed reports are complete, accurate, and consistent with case records.
Business line or operations staff escalate unusual activity promptly to the AML function.
Retrospective reviews were completed for relevant periods, products, or customer segments when indicated by risk or prior issues.

Customer Due Diligence, Training, and Records

Sampled customer files contain identity, beneficial ownership, risk rating, and ongoing review evidence as applicable.
Higher-risk customers have documented EDD, periodic review cadence, and escalation where warranted.
Percentage of required personnel who completed AML training within the required period.
Training covers relevant red flags, escalation paths, and job-specific responsibilities for the audience.
Required records can be retrieved promptly and are retained for the required period.

Get your results

Enter your email — we'll send you a PDF of your filled-out template, plus the occasional MangoScoop newsletter (templates, workflow tips, product updates). Unsubscribe anytime — link is in every email.

Generated with MangoApps Templates — browse 250+ free
Ask AI Product Advisor

Hi! I'm the MangoApps Product Advisor. I can help you with:

  • Understanding our 40+ workplace apps
  • Finding the right solution for your needs
  • Answering questions about pricing and features
  • Pointing you to free tools you can try right now

What would you like to know?

AI-generated responses may not be 100% accurate