What should be identified in the organizational structure for an AML audit?

Identifying auditable entities and the enterprise-wide AML risk assessment within the organizational structure is fundamental for an AML audit because it provides a clear framework for evaluation. The auditable entities refer to the specific departments, units, or processes within the organization that are subject to the audit. This identification allows auditors to focus their efforts on areas that are critical for anti-money laundering compliance.

The enterprise-wide AML risk assessment is crucial as it outlines the organization's approach to assessing and mitigating money laundering risks across its entire operations. It helps auditors understand the key risks that have been identified by the organization, how those risks have been prioritized, and what controls have been implemented to manage them.

This identification ensures that the audit is tailored to the organization's specific context, addressing the areas with the highest risk and greatest need for compliance scrutiny. By understanding both the auditable entities and the risk assessment, auditors can better plan their approach, allocate their resources effectively, and ultimately provide more meaningful insights and recommendations to the organization.