LEH must carefully design, document and effectively implement an AML/CFT Program in line with the provisions of the Standards, AML-CFT Law, and AML-CFT Decision. As per Paragraph 16.1 of the Standards, LEH must establish, maintain and regularly update effective, written, and risk-based AML/CFT programs designed to prevent LEH from being abused to facilitate ML/FT. When designing or updating their AML/CFT programs, the scope of the AML/CFT Program should be proportionate to the level of the risk posed by the LEH’s size, scale, complexity, the nature and volume of its Exchange Business, the nature of its customer base, the business relationships it maintains, and the geographic areas in which it operates. For example, a large LEH with a high volume of Exchange Business with high-risk countries is expected to have an AML/CFT Program commensurate with its higher risk of possibly being abused to facilitate ML/FT. However, as all LEH are exposed to some degree of risk, they must perform their own assessments and design their AML/CFT programs in accordance with their overall risk profile in order to meet their statutory obligations.

LEH should ensure the AML/CFT Program includes the following ten (10) essential components, which are described in detail in the following sections: