Download CAFCA EXAM CERTIFIED AML FINTECH COMPLIANCE ASSOCIATE EXAM 2025 | QUESTIONS AND ANSWERS and more Exams Financial Products and Services in PDF only on Docsity!
CAFCA EXAM CERTIFIED AML FINTECH COMPLIANCE ASSOCIATE
EXAM 2025 | ALL QUESTIONS AND CORRECT ANSWERS | GRADED
A+ | VERIFIED ANSWERS | NEWEST EXAM
Name some jurisdiction risks and red flags in the FinTech sector. --------- CORRECT ANSWER-----------------Jurisdictions with higher risk include those with poor AML regulations, high levels of corruption, inadequate frameworks to prevent financing of terrorism, and economic sanctions in place. Jurisdictions that are tax havens and those known to host shell companies are also high risk. Why are Fin Techs often considered to be high-risk companies? --------- CORRECT ANSWER-----------------Because of the lack of face-to-face encounters and the speed with which a person can access financial products. What are some Fin Tech risks and red flags? ---------CORRECT ANSWER- ----------------Non face-to-face customer interactions and onboarding, cryptocurrencies and anonymity, faster payments, new technologies and their potential vulnerabilities, unproven business models, and undeveloped governance frameworks. What are the benefits to using banking as a service provider? --------- CORRECT ANSWER-----------------Faster speed to market and overcoming regulatory complexities. What are card schemes? ---------CORRECT ANSWER----------------- Membership-based networks that enable a payment method, such as Visa, JCB and MasterCard.
What are the three lines of defense in AML compliance? ---------CORRECT ANSWER-----------------The first line of defense is the line of business. The second line of defense is the compliance and internal control functions. The third line of defense is internal audit. What is meant by a "four-eyes check" during onboarding? --------- CORRECT ANSWER-----------------To ensure proper checks are performed, a second person might review the file. This is also known as employing "dual controls." What are dual controls? ---------CORRECT ANSWER-----------------In the prevention of financial crime, dual controls can be applied during CDD (customer due diligence) to ensure it is performed correctly. Name red flags that could point to corporate money laundering through shell companies. ---------CORRECT ANSWER-----------------Shell companies exist only on paper with no active business operations. Red flags include: companies with no public profile, no clear business, and a poorly populated or nonexistent website. Name red flags that arise during payment screening that might point to sanctions violations. ---------CORRECT ANSWER-----------------Payments to a region that borders a sanctioned jurisdiction, payments with references linked to sanctions, payments to charities or companies operating in sanctioned countries, payments for high-risk or dual-use goods, and customers or counterparties with sanctioned ownership. Why is it important for the second line of defense to be independent from the business line? ---------CORRECT ANSWER-----------------To be
How can a FinTech prepare for a successful audit? ---------CORRECT ANSWER-----------------Plan in advance, ensure staff availability, ensure documentation is correct and up to date, address potential issues on an ongoing basis throughout the year, and fully understand the audit scope. What are two sources of internal risk in a FinTech? ---------CORRECT ANSWER-----------------The organization's employees and internal processes Aside from the legal requirement, why is good recordkeeping important to FinTechs? ---------CORRECT ANSWER-----------------It could help to defend your organization against a money laundering or a terrorist financing offense. It also supports law enforcement agencies to fight financial crime. With whom can financial institutions share customer data? --------- CORRECT ANSWER-----------------Data you hold about a customer should be shared only with others who need to know. Many jurisdictions have privacy and data security laws and regulations that apply to financial institutions. What is the advantage of independently collecting customer information in addition to customer-completed digital forms? ---------CORRECT ANSWER- ----------------It can be more reliable and less prone to fraud and manipulation. Name some common red flags when onboarding customers. --------- CORRECT ANSWER-----------------Customers who are overly evasive, provide documents that appear to be false, are linked to high-risk or
sanctioned jurisdictions, are PEPs or affiliated with PEPs, and are subjects of adverse media. When does name screening typically take place? ---------CORRECT ANSWER-----------------Customers typically are screened at onboarding and on an ongoing basis. Some organizations continuously rescreen customers in real-time, and others do hourly or daily batch screening. With regard to list management controls, how does a FinTech determine which lists to use? ---------CORRECT ANSWER-----------------The decision is based on geographic location, the currencies used, the business model, where customers are based, and customer activities. How does a Fintech determine the necessary level of verification and research during customer onboarding? ---------CORRECT ANSWER---------- -------The level is based on the risk score given to a customer through the customer risk assessment process and any local regulatory requirements. Why is it crucial for CDD programs to evolve along with organizational growth? ---------CORRECT ANSWER-----------------To accommodate new customer types, volumes, and risks, and to prevent delays in the onboarding process. What is the purpose of controls for transaction monitoring? --------- CORRECT ANSWER-----------------The purpose of having controls for transaction monitoring is to manage the financial crime risk to an organization, in a risk-based approach, these controls are appropriate, specific, and risk-based.
List the three major reasons people commit fraud, and what this model is called. ---------CORRECT ANSWER-----------------The three major reasons are pressure, opportunity, and rationalization. This model is referred to as the "Fraud Triangle". Name two important pieces of anti-bribery and corruption legislation with extra-territorial reach. ---------CORRECT ANSWER-----------------The Foreign Corrupt Practices Act in the US and The UK Bribery Act 2010. State two differences between tax avoidance and tax evasion. --------- CORRECT ANSWER-----------------Tax avoidance uses legal practices to reduce taxes owed, whereas tax evasion uses illegal practices to evade paying taxes owed. Name an example of politically exposed persons (PEPs). ---------CORRECT ANSWER-----------------Examples of PEPs include heads of state or heads of government, senior politicians, senior government, judicial and military officials, senior executives of state-owned corporations, and important political party officials, as well as their families and close associates. Usually, PEP positions are specified in each jurisdiction's AML regulation. State an example of high-risk customers that Fin Techs might encounter. -- -------CORRECT ANSWER-----------------Examples include customers who sign up using false identities, customers who lie about the purpose of business relationships, front companies, companies with complex ownership structures, and customers linked to organized crime groups.
What is the difference between anti-fraud and AML monitoring? --------- CORRECT ANSWER-----------------Anti-fraud monitoring ultimately aims to reduce an organization's fraud losses. AML efforts are done mainly to comply with regulations and ensure that an organization is not used for money laundering. Why is it important to scale an organization's transaction monitoring program along with its growth? ---------CORRECT ANSWER-----------------To monitor evolving and new risks, detect financial crime activity among new customers, products, and geographies, and quickly resolve open alerts. What is meant by "financial inclusion" in the context of AML obligations? --- ------CORRECT ANSWER-----------------Ensuring that legitimate customers have access to financial systems, even when they can't provide all of the information typically required. Organizations must balance AML risks with support for financial inclusion, which might be required by law. In what ways can a FinTech take a risk-based approach to balance customer risk with customer experience at onboarding? ---------CORRECT ANSWER-----------------Focusing EDD (Enhanced Due Diligence) measures on customers who pose specific risks; using technology to speed up the onboarding process; allowing customers who are considered low-risk to onboard with no intervention; carefully designing onboarding flow, and providing positive customer support. What roles does network analysis play in AML investigations? --------- CORRECT ANSWER-----------------Network analysis is an investigation tool that searches for common traits among account holders and activities that could link them as part of a network. Some organizations build internal network analysis tools, whereas others use third-party investigative software.
What is an "indemnity"? ---------CORRECT ANSWER-----------------A formal legal document that is commonly used in communication between financial institutions, often to request information. Indemnities facilitate the return of funds from one organization to another when the funds have been reported as criminal. What are the four key aspects of successful partner relationships among financial institutions? ---------CORRECT ANSWER-----------------Set a strong foundation, establish clear roles and responsibilities, have a clear escalation process, and ensure regular communication. What two types of information might an economic crime unit request from a FinTech? ---------CORRECT ANSWER-----------------Law enforcement can request information from FinTech in their effort to collect intelligence and build evidence for a case. "Requests for intelligence" typically are made via a non-legally binding request. If law enforcement decides to pursue a case in court, they will submit a "request for evidence." What are some general guidelines for how to respond to a law enforcement request? ---------CORRECT ANSWER-----------------Acknowledge receipt of the request, give your expected time frame for the response, make sure you understand exactly what information has been requested, determine whether there is a deadline, provide exactly what the request asks for, and write clearly, avoiding jargon. What are some general guidelines for working with regulators? --------- CORRECT ANSWER-----------------Maintain frequent, proactive communication, promptly reply to requests for information, communicate clearly, avoiding jargon, and take a collaborative, helpful approach.
What should an organization do when it suspects that a customer is laundering money? ---------CORRECT ANSWER-----------------The organization has a duty to report it to the authorities. In many countries, there is a personal liability to report money laundering, and there are legal penalties of fines and imprisonment if you do not do so. What should you do if you have completed your research and identified risk indicators that can't be mitigated? ---------CORRECT ANSWER----------------- You might need to escalate the customer for additional investigation. The internal process you use to escalate your findings is important and can have legal and regulatory consequences. What is a SAR/STR? ---------CORRECT ANSWER-----------------Suspicious activity reports (SARs) or Suspicious transaction reports (STRs) are reports that alert law enforcement to potential instances of money laundering or terrorist financing. How is a SAR written? ---------CORRECT ANSWER-----------------The laws about filing a SAR are clear and strong. The format often follows a template provided by law enforcement. There are instructions about how much to include. What is transaction monitoring? ---------CORRECT ANSWER----------------- Transaction monitoring is the scanning and analysis of historic transactional data for potential money laundering, or efforts to breach economic sanctions.
Three stages of Money Laundering ---------CORRECT ANSWER--------------- --1. Placement
- Layering
- Integration What is placement? ---------CORRECT ANSWER-----------------Putting "dirty money" into the financial system What is Layering? ---------CORRECT ANSWER-----------------Concealing the origin of the "dirty money" What is integration? ---------CORRECT ANSWER-----------------Using the "dirty money" in the legitimate economy Terrorist Financing ---------CORRECT ANSWER-----------------Terrorist financing (proceeds for crime) provides funds for terrorist activity. Can be legal and/or illegal activity Sanctions ---------CORRECT ANSWER-----------------Foreign policy and security tool Target individuals, organizations, jurisdictions, vessels Main types: Financial, economic, trade
What are the features of fraud? ---------CORRECT ANSWER----------------- An intentional act of criminal deception in order to obtain an unjust advantage Results in financial or personal gain Can be committed by one or more individuals What are the three reasons someone commits fraud? ---------CORRECT ANSWER-----------------Referred to as the Fraud Triangle Pressure Opportunity Rationalization Tax avoidance vs tax evasion ---------CORRECT ANSWER-----------------Tax avoidance uses legal practices to reduce taxes owed Tax evasion uses illegal practices to evade paying taxes owed Tax evasion includes hiding taxable assets from the authorities Panama Papers (Case example) ---------CORRECT ANSWER----------------- A classic example of the use of shell companies to conceal customer wealth Millions of secret documents were leaked to the press Over 200,000 shell companies set up by law firm in Panama What is a negative impact of financial crime? ---------CORRECT ANSWER-- ---------------Financial crime jeopardizes the soundness of financial institutions
individual who has been entrusted with prominent public functions in a foreign country, such as a head of state, senior politician, senior government official, judicial or military official, senior executive of a state- owned corporation or important political party official, as well as their families and close associates. The term PEP does not extend to middle- ranking individuals in the specified categories. Various country regulations will define the term PEP, which may include domestic as well as foreign persons. Beneficial ownership ---------CORRECT ANSWER-----------------Person(s) having ultimate control over an account, through ownership or other means Account name might not be controller name Regulation requires knowing beneficial owner(s) Percentage of control ---------CORRECT ANSWER-----------------Jurisdiction sets threshold (often 25%) Your organization sets threshold Beneficial owner is natural or legal Ultimate beneficial owner is always natural person What are the Two types of beneficial owner ---------CORRECT ANSWER---- -------------Those with "ownership" and those with "control" Owner owns 25% or more of equity interests of a legal person Controller is the non-owner who exercises operational control All legal person(s) track back to a natural person(s) How do you determine beneficial ownership? ---------CORRECT ANSWER- ----------------Know your organization's threshold If UBO cannot be found US: Control prong must certify that no one person owns 25% EU: Natural person(s) holding senior management positions are UBO When impossible to identify, ask yourself why
What is a shell company? ---------CORRECT ANSWER-----------------No assets or operations "Shelf" is shell created to use later Appear legitimate and mask ownership Sometimes legitimate but high-risk Often facilitate money laundering Key FinTech risks ---------CORRECT ANSWER-----------------Vary by specific products, services, technologies Key risks: fraud, money laundering, bribery and corruption, tax evasion, terrorist financing, sanctions, cybercrime Are attractive for both legitimate customers and criminals Paris terror attacks (Case example) ---------CORRECT ANSWER-------------- ---Terrorists used prepaid cards Tiny sums difficult to track: anonymity Result: stricter rules on virtual currencies, prepaid cards PayPal sanctions violations (Case example) ---------CORRECT ANSWER--- --------------The FinTech industry also is vulnerable to sanctions risk PayPal was fined over $7,000, Lessons learned Rescreen all customers after sanctions list update Maintain effective payment screening tool Have sanctions alert clearance procedures, training YouTrip (Case example) ---------CORRECT ANSWER-----------------A multi- currency electronic wallet application
Why might a FinTech outsource their AML controls? ---------CORRECT ANSWER-----------------FinTechs might lack the needed in-house expertise. What is a characteristic of the FinTech sector, relevant to financial crime? -- -------CORRECT ANSWER-----------------FinTechs often meet customers non-face-to-face for onboarding. What concerns did the whistleblower's report raise about Revolut's program? ---------CORRECT ANSWER-----------------Revolut's AML checks were not sufficient to successfully identify potential criminals. Based on the YouTrip fraud case, which statements reflects fraud risk in FinTechs? ---------CORRECT ANSWER-----------------FinTechs are at risk of fraud when they do not have appropriate controls in place. Why are charitable organizations sometimes part of tax-evasion schemes? ---------CORRECT ANSWER-----------------Donations to a charitable organization typically are tax-deductible What is an ultimate beneficial owner? ---------CORRECT ANSWER----------- ------A natural person who owns a portion of a company Why is a risk-based approach important? ---------CORRECT ANSWER------- ----------So you can apply appropriate scrutiny based on the risk presented to you by a given customer
Who usually makes the recommendation to close an account? --------- CORRECT ANSWER-----------------SAR Review Team What is not a good rule for the second line of defense? ---------CORRECT ANSWER-----------------Attach compensation to profitability What is the purpose of transaction monitoring ---------CORRECT ANSWER- ----------------Manage financial crime risk Generate alerts Investigate certain activity What is an accurate statement concerning KYC photo identification solutions, as demonstrated by the N26 case? ---------CORRECT ANSWER- ----------------KYC photo identification solutions are not comprehensive if they cannot detect fake IDs. What is the main purpose of transaction monitoring controls? --------- CORRECT ANSWER-----------------Manage financial risk What is one difference between transaction monitoring and name screening? ---------CORRECT ANSWER-----------------Name screening is performed prior to onboarding United Nations sanctions are an example of what type of sanctions regime? ---------CORRECT ANSWER-----------------Multilateral sanctions
