• Compliance with Financial Crime Laws and Regulations: FIs must adhere to applicable laws and regulations, forming the foundation of their FCRM programmes. Internal Audit should ensure that FIs' governance documents address local legal requirements and that effective controls are in place to ensure compliance.
• Establishing a reasonable and risk-based set of controls: FIs must understand the financial crime risks inherent in their operations and develop controls proportionate to these risks. Internal Audit should assess the design and effectiveness of these controls, ensuring they are dynamic and responsive to evolving threats and regulatory expectations.
• Providing highly useful information: FIs play a crucial role in providing relevant information to law enforcement and government agencies to combat financial crime. Internal audit may assist by developing indicators to assess the quality and usefulness of the information shared and ensuring proper oversight of information-sharing processes.

By implementing these principles, FIs can enhance their FCRM practices, support law enforcement efforts and contribute to the integrity of the global financial system.

Wolfsberg’s guidelines can be found here.