What defines the timeline in a risk-based AML audit program?

The timeline in a risk-based AML audit program is primarily defined by scheduled checkpoints for auditing phases. This is essential because a well-structured audit program relies on a series of planned evaluations that ensure each component of the audit is completed systematically and on time. These checkpoints facilitate the alignment of the audit process with risk assessment outcomes and overall objectives, enabling auditors to gauge progress, identify areas needing more attention, and adjust resources as necessary.

In a risk-based approach, it's crucial to focus on conducting audits based on the varying levels of risk associated with different activities, which often necessitates periodic evaluations throughout the audit lifecycle. This focus allows organizations to prioritize their resources effectively and is essential for ensuring compliance with applicable regulations while effectively managing potential risks.

The other options may relate to components of an audit but do not define the overall timeline effectively. Training sessions focus on preparing staff rather than the audit process itself, while review procedures and employee feedback involve important aspects of the audit but do not structurally dictate the timeline of the audit program. Thus, checkpoints are the key element for establishing a robust schedule for conducting risk-based audits.