©THEBRIGHT 2025 ALL RIGHTS RESERVED 11:11AM.
CAFCA Basic Exam Questions And Answers
2025 Update.
Name two important pieces of anti-bribery and
corruption legislation with extra territorial reach. - Answer✔The Foreign Corrupt Practices Act
in the US and The UK Bribery Act
2010.
What are the main types of sanctions and who
do they target? - Answer✔Financial, economic, and trade.
They generally target individuals,
organizations, and countries.
List the three major reasons people commit
fraud, and what this model is called. - Answer✔The three major reasons are
pressure, opportunity, and
rationalization. This model is referred to as the
"Fraud Triangle.
State two differences between tax avoidance
and tax evasion. - Answer✔Tax avoidance uses legal practices
to reduce taxes owed, whereas tax
evasion uses illegal practices to evade paying
taxes owed.
State an example of high-risk customers that
Fin Techs might encounter. - Answer✔Examples include customers who
sign up using false identities, customers who lie about the purpose of
1
, ©THEBRIGHT 2025 ALL RIGHTS RESERVED 11:11AM.
business relationships, front companies,
companies with complex ownership structures,
and customers linked to organized crime groups.
Name an example of politically exposed persons - Answer✔Examples of PEPs include heads of
state or heads of government; senior politicians; senior government; judicial and military
officials, senior executives of state-owned corporations; and important political party officials,
as well as their families and close
associates. Usually, PEP positions are specified
in each jurisdiction's AML regulation.
Name some jurisdiction risks and red flags in
the Fin Tech sector. - Answer✔Jurisdictions with higher risk
include those with poor AML
regulations, high levels of corruption, inadequate
frameworks to prevent financing of terrorism,
and economic sanctions in place. Jurisdictions
that ere tax havens and those known to host
shell companies are also high-risk.
Why are Fin Techs often considered to be
high-risk companies? - Answer✔Because of the lack of face-to-
face encounters and the speed
with which a person can access financial
products
What are some Fin Tech risks and red flags? - Answer✔Non-face-to-face customer
interactions and onboarding, cryptocurrencies and anonymity, faster payments, new
technologies and their potential vulnerabilities, unproven business models, and undeveloped
governance frameworks.
What are the benefits to using banking as a
service provider? - Answer✔Faster speed to market and
overcoming regulatory
complexities.
2
, ©THEBRIGHT 2025 ALL RIGHTS RESERVED 11:11AM.
What are card schemes? - Answer✔Membership-based networks that
enable a payment method, such as
Visa, JCB, and MasterCard.
What are the three lines of defense in AML
compliance? - Answer✔The first line of defense is the line
of business. The second line of
defense is the compliance and internal control
functions. The third line of defense is internal
audit.
What is meant by a "four-eyes check" during
onboarding? - Answer✔To ensure proper checks are
performed, a second person might
review the file. This is also known as employing
"dual controls."
What are dual controls? - Answer✔In the prevention of financial crime,
dual controls can be applied during
CDD to ensure it is performed correctly.
Why is it important for the second line of
defense to be independent from the business
line? - Answer✔To be empowered to obtain
access to information throughout
the organization; conduct investigations of
possible breaches; and freely express and
disclose findings to senior management.
Describe the responsibilities of the money
laundering reporting officer (MLRO). - Answer✔Ensuring that the organization's
AML/CFT efforts are effectively
designed and implemented, handling inquiries;
3
, ©THEBRIGHT 2025 ALL RIGHTS RESERVED 11:11AM.
determining whether SARs require reporting to
authorities; and overseeing training
For optimal effectiveness, who should perform
an organization's audit? - Answer✔The audit should be independent;
that is, performed by people not
involved with the organization's AML/CFT
compliance staff. The audit team should report
directly to the board of directors or a designated
board committee of outside directors.
What is an organization's risk appetite? - Answer✔Risk appetite determines the type
of customer it will accept, the type
of product it will offer, and the jurisdictions in
which it will do business.
Why should customer risk assessments be
dynamic and capable of revision over time? - Answer✔Customer risk can change during
the business relationship.
Organizations need a current understanding of
customer risk so they can apply due diligence
and ongoing monitoring.
For any financial institution, who should receive
ongoing AML training? - Answer✔An organization's employees and
third parties, such as contractors
and agents.
How can a Fin Tech prepare for a successful
audit? - Answer✔Plan in advance, ensure staff
availability; ensure documentation
is correct and up-to-date; address potential
issues on an ongoing basis throughout the year;
4
CAFCA Basic Exam Questions And Answers
2025 Update.
Name two important pieces of anti-bribery and
corruption legislation with extra territorial reach. - Answer✔The Foreign Corrupt Practices Act
in the US and The UK Bribery Act
2010.
What are the main types of sanctions and who
do they target? - Answer✔Financial, economic, and trade.
They generally target individuals,
organizations, and countries.
List the three major reasons people commit
fraud, and what this model is called. - Answer✔The three major reasons are
pressure, opportunity, and
rationalization. This model is referred to as the
"Fraud Triangle.
State two differences between tax avoidance
and tax evasion. - Answer✔Tax avoidance uses legal practices
to reduce taxes owed, whereas tax
evasion uses illegal practices to evade paying
taxes owed.
State an example of high-risk customers that
Fin Techs might encounter. - Answer✔Examples include customers who
sign up using false identities, customers who lie about the purpose of
1
, ©THEBRIGHT 2025 ALL RIGHTS RESERVED 11:11AM.
business relationships, front companies,
companies with complex ownership structures,
and customers linked to organized crime groups.
Name an example of politically exposed persons - Answer✔Examples of PEPs include heads of
state or heads of government; senior politicians; senior government; judicial and military
officials, senior executives of state-owned corporations; and important political party officials,
as well as their families and close
associates. Usually, PEP positions are specified
in each jurisdiction's AML regulation.
Name some jurisdiction risks and red flags in
the Fin Tech sector. - Answer✔Jurisdictions with higher risk
include those with poor AML
regulations, high levels of corruption, inadequate
frameworks to prevent financing of terrorism,
and economic sanctions in place. Jurisdictions
that ere tax havens and those known to host
shell companies are also high-risk.
Why are Fin Techs often considered to be
high-risk companies? - Answer✔Because of the lack of face-to-
face encounters and the speed
with which a person can access financial
products
What are some Fin Tech risks and red flags? - Answer✔Non-face-to-face customer
interactions and onboarding, cryptocurrencies and anonymity, faster payments, new
technologies and their potential vulnerabilities, unproven business models, and undeveloped
governance frameworks.
What are the benefits to using banking as a
service provider? - Answer✔Faster speed to market and
overcoming regulatory
complexities.
2
, ©THEBRIGHT 2025 ALL RIGHTS RESERVED 11:11AM.
What are card schemes? - Answer✔Membership-based networks that
enable a payment method, such as
Visa, JCB, and MasterCard.
What are the three lines of defense in AML
compliance? - Answer✔The first line of defense is the line
of business. The second line of
defense is the compliance and internal control
functions. The third line of defense is internal
audit.
What is meant by a "four-eyes check" during
onboarding? - Answer✔To ensure proper checks are
performed, a second person might
review the file. This is also known as employing
"dual controls."
What are dual controls? - Answer✔In the prevention of financial crime,
dual controls can be applied during
CDD to ensure it is performed correctly.
Why is it important for the second line of
defense to be independent from the business
line? - Answer✔To be empowered to obtain
access to information throughout
the organization; conduct investigations of
possible breaches; and freely express and
disclose findings to senior management.
Describe the responsibilities of the money
laundering reporting officer (MLRO). - Answer✔Ensuring that the organization's
AML/CFT efforts are effectively
designed and implemented, handling inquiries;
3
, ©THEBRIGHT 2025 ALL RIGHTS RESERVED 11:11AM.
determining whether SARs require reporting to
authorities; and overseeing training
For optimal effectiveness, who should perform
an organization's audit? - Answer✔The audit should be independent;
that is, performed by people not
involved with the organization's AML/CFT
compliance staff. The audit team should report
directly to the board of directors or a designated
board committee of outside directors.
What is an organization's risk appetite? - Answer✔Risk appetite determines the type
of customer it will accept, the type
of product it will offer, and the jurisdictions in
which it will do business.
Why should customer risk assessments be
dynamic and capable of revision over time? - Answer✔Customer risk can change during
the business relationship.
Organizations need a current understanding of
customer risk so they can apply due diligence
and ongoing monitoring.
For any financial institution, who should receive
ongoing AML training? - Answer✔An organization's employees and
third parties, such as contractors
and agents.
How can a Fin Tech prepare for a successful
audit? - Answer✔Plan in advance, ensure staff
availability; ensure documentation
is correct and up-to-date; address potential
issues on an ongoing basis throughout the year;
4
