Custom Policies
Last updated
Last updated
Aside from configuration policies, there are many other examples of policies, procedures and other written documents that might make up an organisation's AML/CFT compliance.
Custom policies are entirely free form documents that don't configure settings or impact other areas of the software. By utilising custom policies, organisations can take advantage or Proofdesk's version history and approval features to demonstrate the existence and review of additional documents.
Examples of custom policies that could be included:
Business Risk Assessment
Technology Risk Assessment
Other AML/CFT Procedures
"Relevant persons must ensure they have a thorough understanding of the ML/FT risks they are exposed to. To this end, relevant persons must establish procedures and controls for BRA, customer (“CRA”) and technology risk assessments (“TRAs”), which must be recorded. The relevant person must operate these procedures and controls, meaning they must undertake the relevant risk assessments according to those procedures."
The Handbook 2023 Section 2.1.2
An organisation can have many Custom Policy forms.
The content of a custom policy can be written directly in Proofdesk or imported as a .pdf file.
In Proofdesk when custom policies are reviewed, they can be assigned a "next review date". This keeps your team informed about which procedures are up for review when the time comes.
"Examples of procedures and controls to ensure risk assessments are regularly reviewed and remain relevant include, but are not limited to, the factors listed below.
Setting a particular date for each calendar year for a periodic BRA/TRA review to take place. Relevant persons should be aware that the first BRA and TRA may need to be reviewed on a shorter time frame than future BRAs and TRAs to assess whether the assumptions made before business commenced reflect the business that is being carried out..."
The Handbook 2021 Section 2.2.6
Also refer to The Handbook 2021 section 2.1 through 2.2