Skip to main content
header search
ahihi OpenLearn
OpenLearn
Menu
sticky search

About this free course

Become an OU student

Download this course

Share this free course

Course content Course content
Corporate fraud and criminal behaviour
Corporate fraud and criminal behaviour

Start this free course now. Just create an account and sign in. Enrol and complete the course for a free statement of participation or digital badge if available.

More free courses

6 Internal controls to prevent money laundering

Internal controls are policies and procedures an organisation has in place to ensure that its systems operate as efficiently and effectively as intended, its assets are safeguarded, and it is complying with all applicable laws and regulations (Arens, Elder and Beasley, 2014).

Designing and implementing robust controls is essential for ensuring accountability. The UK Corporate Governance Code requires directors of listed organisations to design and implement a sound internal control and risk management system (FRC, 2024).

The Association of Certified Fraud Examiners (2022) highlighted that almost half of the fraud cases covered by its global fraud study could be attributed to either a lack of internal controls (29%) or the overriding of existing controls (20%). If firms adopt effective internal controls, money laundering can also be avoided.

There are various types of controls that could combat money laundering effectively. One of the most important components is monitoring.

Besides monitoring, there are some other additional anti-money laundering controls that can be used, including:

  • external audit of financial statements
  • internal audit department
  • external audit of internal controls over financial reporting
  • an independent audit committee
  • an anti-money laundering policy
  • anti-money laundering training
  • an employee support programme
  • a dedicated anti-money laundering department, function or team
  • management review
  • customer due diligence where accountants ask clients to provide satisfactory evidence to verify their identity
  • rewards for whistle-blowers.
(B816 Financial strategy and governance: Ethics, fraud and governance.)

Furthermore, firms are legally obliged to appoint a money laundering compliance principal (MLCP) and a money laundering reporting officer (MLRO). These officers can help firms assess the likelihood of money laundering and report any suspicious activities to relevant authorities. However, the requirement to appoint a MLCP and a MLRO is subject to the ‘size and nature’ of the business.

A framework for internal controls was developed, and subsequently revised, by the Committee of Sponsoring Organisations of the Treadway Commission (COSO, 2013a).

The COSO Internal Control Integrated Framework (see Figure 6) recognised five components of internal control:

  • the control environment
  • risk assessment
  • control activities
  • information and communication
  • monitoring activities.

Generally speaking, all five components must be present, functioning and operating together to conclude that internal control is effective (Arens, Elder and Beasley, 2014).

Described image
Figure 6 The COSO Internal Control Integrated Framework (COSO, 2013b)
Show description|Hide description

This image demonstrates the COSO Internal Control Integrated Framework. In the figure, there is a cube. Written on the front of the cube are the words ‘Control environment’, ‘Risk assessment’, ‘Control activities’, ‘Information and communication’ and ‘Monitoring activities’. At the top of the cube, from left to right, are the words ‘Operations’, ‘Reporting’ and ‘Compliance’. On the right are the words ‘Entity level’, ‘Division’, ‘Operating Unit’ and ‘Function’.

Figure 6 The COSO Internal Control Integrated Framework (COSO, 2013b)

You will examine each of these components in turn.