The board of directors at a large bank wants to improve the bank's practices for managing money laundering and financial terrorism (ML/FT) risk. The risk committee of the bank meets to discuss ways to achieve this objective that conform to best practices. Which of the following actions would be most appropriate for the bank to recommend?