CAFCA Basic Exam Questions with
All Correct Answers
What is transaction monitoring? - Answer-Transaction monitoring is the
scanning and analysis of historic
transactional data for potential money
laundering, or efforts to breach economic
sanctions.
What is the proper way to reject a new
customer? - Answer-When it is a risk appetite matter, tell
the potential customer. However, if
financial crime is suspected, do not tip off the
customer. Document your reasons. File the
necessary reports if you suspect financial crime.
How do financial institutions decide whether to
maintain or close the impacted account after
filing a SAR? - Answer-The decision is made based on the
financial institution's risk appetite
and tolerance, and in accordance with its own
standards and guidelines.
The purpose of an indemnity - Answer-The purpose of an indemnity is to protect
another party from any loss or financial burden as a result of an action. In this case, it
protects organizations from incurring liabilities when they return money that has been
reported as the proceeds of fraud and other financial crime to another organization.
Indemnity Responsibility - Answer-The indemnity is essentially proof that the other
institution is taking responsibility for the funds and an acknowledgement that they have
identified the funds as criminal and their customer as a likely victim of fraud.
Partnership characteristics - Answer-1. Set strong foundation (open and transparent)
2. Clear roles and Responsibilities
3. Clear escalation process
4. Regular communication: up to date on new product developments, customer
segments, geographic expansion.
RegTech - Answer-Reg Tech refers to regulatory technology, or technology used to
support regulatory processes. In AML, Reg Tech is typically used to support
,onboarding, transaction monitoring, investigations and reporting, and risk assessment
and governance processes.
Confirmation bias - Answer-hearing what you want to hear
Faulty reasoning - Answer-drawing conclusions before knowing the facts
Over-generalization - Answer-failing to understand contextual analysis
Lack of scrutiny - Answer-taking things at face value or not considering the reliability
of information
Critical Thinking - Answer-logical and structured approach to analyzing information.
The three key concepts of critical thinking are logic, structure, and challenge.
Open source research - Answer-This practice of collecting information from published or
otherwise publicly
available sources is commonly known as "open-source intelligence" (OSINT).
"Boolean expression" - Answer-Boolean searches work by using words such as "and" or
"not" in between search terms. This links them together to extract useful information.
Search Operators - Answer-This technique involves applying specific punctuation marks
or symbols to narrow search results. For
example, putting a customer's name in quotation marks when conducting OSINT will
ensure all results specifically contain their name.
Network Analysis - Answer-Network analysis is an investigation tool that searches for
common traits among account holders and activities that could link them as part of a
network. Several customers registered to a single address could indicate an organized
crime group. Network analysis can also
help identify multiple customers who pay into one common suspicious account, which
could indicate a group of money mules.
Name two important pieces of anti-bribery and
corruption legislation with extra territorial reach. - Answer-The Foreign Corrupt Practices
Act
in the US and The UK Bribery Act
2010.
What are the main types of sanctions and who
do they target? - Answer-Financial, economic, and trade.
They generally target individuals,
organizations, and countries.
List the three major reasons people commit
,fraud, and what this model is called. - Answer-The three major reasons are
pressure, opportunity, and
rationalization. This model is referred to as the
"Fraud Triangle.
State two differences between tax avoidance
and tax evasion. - Answer-Tax avoidance uses legal practices
to reduce taxes owed, whereas tax
evasion uses illegal practices to evade paying
taxes owed.
State an example of high-risk customers that
Fin Techs might encounter. - Answer-Examples include customers who
sign up using false identities, customers who lie about the purpose of
business relationships, front companies,
companies with complex ownership structures,
and customers linked to organized crime groups.
Name an example of politically exposed persons - Answer-Examples of PEPs include
heads of
state or heads of government; senior politicians; senior government; judicial and military
officials, senior executives of state-owned corporations; and important political party
officials, as well as their families and close
associates. Usually, PEP positions are specified
in each jurisdiction's AML regulation.
Name some jurisdiction risks and red flags in
the Fin Tech sector. - Answer-Jurisdictions with higher risk
include those with poor AML
regulations, high levels of corruption, inadequate
frameworks to prevent financing of terrorism,
and economic sanctions in place. Jurisdictions
that ere tax havens and those known to host
shell companies are also high-risk.
Why are Fin Techs often considered to be
high-risk companies? - Answer-Because of the lack of face-to-
face encounters and the speed
with which a person can access financial
products
What are some Fin Tech risks and red flags? - Answer-Non-face-to-face customer
interactions and onboarding, cryptocurrencies and anonymity, faster payments, new
technologies and their potential vulnerabilities, unproven business models, and
undeveloped governance frameworks.
, What are the benefits to using banking as a
service provider? - Answer-Faster speed to market and
overcoming regulatory
complexities.
What are card schemes? - Answer-Membership-based networks that
enable a payment method, such as
Visa, JCB, and MasterCard.
What are the three lines of defense in AML
compliance? - Answer-The first line of defense is the line
of business. The second line of
defense is the compliance and internal control
functions. The third line of defense is internal
audit.
What is meant by a "four-eyes check" during
onboarding? - Answer-To ensure proper checks are
performed, a second person might
review the file. This is also known as employing
"dual controls."
What are dual controls? - Answer-In the prevention of financial crime,
dual controls can be applied during
CDD to ensure it is performed correctly.
Why is it important for the second line of
defense to be independent from the business
line? - Answer-To be empowered to obtain
access to information throughout
the organization; conduct investigations of
possible breaches; and freely express and
disclose findings to senior management.
Describe the responsibilities of the money
laundering reporting officer (MLRO). - Answer-Ensuring that the organization's
AML/CFT efforts are effectively
designed and implemented, handling inquiries;
determining whether SARs require reporting to
authorities; and overseeing training
For optimal effectiveness, who should perform
an organization's audit? - Answer-The audit should be independent;
that is, performed by people not
involved with the organization's AML/CFT
compliance staff. The audit team should report
All Correct Answers
What is transaction monitoring? - Answer-Transaction monitoring is the
scanning and analysis of historic
transactional data for potential money
laundering, or efforts to breach economic
sanctions.
What is the proper way to reject a new
customer? - Answer-When it is a risk appetite matter, tell
the potential customer. However, if
financial crime is suspected, do not tip off the
customer. Document your reasons. File the
necessary reports if you suspect financial crime.
How do financial institutions decide whether to
maintain or close the impacted account after
filing a SAR? - Answer-The decision is made based on the
financial institution's risk appetite
and tolerance, and in accordance with its own
standards and guidelines.
The purpose of an indemnity - Answer-The purpose of an indemnity is to protect
another party from any loss or financial burden as a result of an action. In this case, it
protects organizations from incurring liabilities when they return money that has been
reported as the proceeds of fraud and other financial crime to another organization.
Indemnity Responsibility - Answer-The indemnity is essentially proof that the other
institution is taking responsibility for the funds and an acknowledgement that they have
identified the funds as criminal and their customer as a likely victim of fraud.
Partnership characteristics - Answer-1. Set strong foundation (open and transparent)
2. Clear roles and Responsibilities
3. Clear escalation process
4. Regular communication: up to date on new product developments, customer
segments, geographic expansion.
RegTech - Answer-Reg Tech refers to regulatory technology, or technology used to
support regulatory processes. In AML, Reg Tech is typically used to support
,onboarding, transaction monitoring, investigations and reporting, and risk assessment
and governance processes.
Confirmation bias - Answer-hearing what you want to hear
Faulty reasoning - Answer-drawing conclusions before knowing the facts
Over-generalization - Answer-failing to understand contextual analysis
Lack of scrutiny - Answer-taking things at face value or not considering the reliability
of information
Critical Thinking - Answer-logical and structured approach to analyzing information.
The three key concepts of critical thinking are logic, structure, and challenge.
Open source research - Answer-This practice of collecting information from published or
otherwise publicly
available sources is commonly known as "open-source intelligence" (OSINT).
"Boolean expression" - Answer-Boolean searches work by using words such as "and" or
"not" in between search terms. This links them together to extract useful information.
Search Operators - Answer-This technique involves applying specific punctuation marks
or symbols to narrow search results. For
example, putting a customer's name in quotation marks when conducting OSINT will
ensure all results specifically contain their name.
Network Analysis - Answer-Network analysis is an investigation tool that searches for
common traits among account holders and activities that could link them as part of a
network. Several customers registered to a single address could indicate an organized
crime group. Network analysis can also
help identify multiple customers who pay into one common suspicious account, which
could indicate a group of money mules.
Name two important pieces of anti-bribery and
corruption legislation with extra territorial reach. - Answer-The Foreign Corrupt Practices
Act
in the US and The UK Bribery Act
2010.
What are the main types of sanctions and who
do they target? - Answer-Financial, economic, and trade.
They generally target individuals,
organizations, and countries.
List the three major reasons people commit
,fraud, and what this model is called. - Answer-The three major reasons are
pressure, opportunity, and
rationalization. This model is referred to as the
"Fraud Triangle.
State two differences between tax avoidance
and tax evasion. - Answer-Tax avoidance uses legal practices
to reduce taxes owed, whereas tax
evasion uses illegal practices to evade paying
taxes owed.
State an example of high-risk customers that
Fin Techs might encounter. - Answer-Examples include customers who
sign up using false identities, customers who lie about the purpose of
business relationships, front companies,
companies with complex ownership structures,
and customers linked to organized crime groups.
Name an example of politically exposed persons - Answer-Examples of PEPs include
heads of
state or heads of government; senior politicians; senior government; judicial and military
officials, senior executives of state-owned corporations; and important political party
officials, as well as their families and close
associates. Usually, PEP positions are specified
in each jurisdiction's AML regulation.
Name some jurisdiction risks and red flags in
the Fin Tech sector. - Answer-Jurisdictions with higher risk
include those with poor AML
regulations, high levels of corruption, inadequate
frameworks to prevent financing of terrorism,
and economic sanctions in place. Jurisdictions
that ere tax havens and those known to host
shell companies are also high-risk.
Why are Fin Techs often considered to be
high-risk companies? - Answer-Because of the lack of face-to-
face encounters and the speed
with which a person can access financial
products
What are some Fin Tech risks and red flags? - Answer-Non-face-to-face customer
interactions and onboarding, cryptocurrencies and anonymity, faster payments, new
technologies and their potential vulnerabilities, unproven business models, and
undeveloped governance frameworks.
, What are the benefits to using banking as a
service provider? - Answer-Faster speed to market and
overcoming regulatory
complexities.
What are card schemes? - Answer-Membership-based networks that
enable a payment method, such as
Visa, JCB, and MasterCard.
What are the three lines of defense in AML
compliance? - Answer-The first line of defense is the line
of business. The second line of
defense is the compliance and internal control
functions. The third line of defense is internal
audit.
What is meant by a "four-eyes check" during
onboarding? - Answer-To ensure proper checks are
performed, a second person might
review the file. This is also known as employing
"dual controls."
What are dual controls? - Answer-In the prevention of financial crime,
dual controls can be applied during
CDD to ensure it is performed correctly.
Why is it important for the second line of
defense to be independent from the business
line? - Answer-To be empowered to obtain
access to information throughout
the organization; conduct investigations of
possible breaches; and freely express and
disclose findings to senior management.
Describe the responsibilities of the money
laundering reporting officer (MLRO). - Answer-Ensuring that the organization's
AML/CFT efforts are effectively
designed and implemented, handling inquiries;
determining whether SARs require reporting to
authorities; and overseeing training
For optimal effectiveness, who should perform
an organization's audit? - Answer-The audit should be independent;
that is, performed by people not
involved with the organization's AML/CFT
compliance staff. The audit team should report
