Audit Program 4.0 - User Manual
3. Client Acceptance & Sanction Screening:
Client Acceptance / Engegement Continuance
This section serves as a compliance reminder for auditors to adhere to regulatory requirements during the audit process. While this section does not include any specific functions within the AP4.0 program, it highlights critical steps to ensure compliance with anti-money laundering (AML) and counter-terrorist financing (CTF) regulations, as required by the Money Laundering Reporting Officer (MLRO) in Hong Kong.
Sanction Name Screening Requirements:
When conducting client acceptance procedures for new clients or engagement continuance procedures for existing clients, auditors must perform UN sanction name screening on the following individuals associated with the client:
– Directors, and
– Shareholders, and
– Ultimate Beneficial Owners (UBOs)
Timing for Name Screening Procedures:
- For New Clients: Sanction name screening must be performed before the date of the audit engagement letter is issued.
- For Existing Clients (Engagement Continuance): Sanction name screening must be performed before the commencement of audit planning work for the engagement.
Next Steps:
During installation and regular use, AP4.0 requires administrator privileges to run properly. Ensure that the user account
To comply with these requirements, users should proceed to the next sub-sections to learn how to:
- Add the names of directors, shareholders, and UBOs of the previously added clients. You do not have to add the client names, as they have already been uploaded in Step 0.
- Perform AML sanction name screening, which includes:
– Initial Name Screening: To fulfill client acceptance or engagement continuance procedures.
– Ongoing Name Screening: As part of ongoing monitoring, performed at a frequency in accordance with the user’s AML Procedures Manual.
By following these steps, auditors can ensure compliance with legal and regulatory frameworks, mitigating potential risks and fulfilling their professional responsibilities.
has sufficient permissions to install, configure, and execute the program. If your system is managed by an IT department, you may need their assistance to configure these settings.