The first line of defence: all banks should implement ongoing employee training programmes so that bank staff are adequately trained to implement the bank’s AML/CFT policies and procedures.

The second line of defence: the chief officer in charge of AML/CFT should have the responsibility for ongoing monitoring of the fulfillment of all AML/CFT duties by the bank.

The third line of defence: internal audit plays an important role in independently evaluating the risk management and controls.