The Visa AML/ATF and Sanctions Officer, as the Policy Owner, administers the Policy and develops a policy framework that includes procedures, tools, training and communication to implement this Policy and achieve its objectives.
The Audit and Risk Committee of the Visa Inc. Board of Directors ("ARC") is responsible for overseeing the Program and shall be notified of any material Policy exceptions. As such, Visa's AML/ATF and Sanctions Officer shall provide periodic reports to the ARC on the implementation of the Program.
The Corporate Risk Committee (CRC) provides governance oversight for this Policy. The CRC is responsible for overseeing implementation of the Program, and its responsibilities include, but are not limited to:
- Appointing the Visa AML/ATF and Sanctions Officer;
- Approving the Policy and any amendments;
- Approving lawful exceptions to the Policy; and
- Overseeing management's administration of the Program.
The Visa AML/ATF and Sanctions Officer has overall responsibility for the design and implementation of the Program. Specifically, he/she is responsible for:
- Developing and maintaining global procedures that implement the Policy;
- Implementing the Program and providing periodic reports to the ARC and CRC;
- Developing internal quality control testing to ensure related procedures, processes, systems and tools are functioning as intended;
- Conducting and maintaining a periodic AML/ATF and Sanctions Risk Assessment;
- Conducting periodic validation of legal/regulatory requirements;
- Conducting job-specific AML/ATF and Sanctions and Export Control training to ensure business and operations teams understand requirements, tools, and systems; and
- Reviewing the Policy at least annually to confirm that it remains relevant and is effective in meeting the stated business objectives, and recommending updates as needed to the CRC.
Visa’s Legal Department (“Legal”) is responsible for advising the Visa AML/ATF and Sanctions Officer of legal and regulatory developments. Additionally, Legal is responsible for reviewing and approving all changes to the Policy and Procedures to ensure compliance with applicable regulatory requirements.