Compliance visit tests: Testing transactions
Transaction testing should be carried out to verify that the business’s policies and procedures are working as indicated or to substantiate and quantify the impact of any identified failures for the purposes of calculating civil penalties.
In either case, areas of particular risk, weakness, or non-compliance should be the focus.
Business records that can be used to test compliance can include:
- Transaction records
- Customer files
- Internal compliance management reports
- Internal or external system reviews or audits
Officers should select a suitable time period of records to examine in order to obtain sufficient evidence of the occurrence and regularity of non-compliance and the amounts of money involved. These can be extrapolated to calculate the appropriate penalty to cover the period over which the non-compliance occurred.
The compliance risk areas and appropriate tests are covered in the table at Appendix 4 which()can be found at MLR3C15000this also includes the relevant regulations and sections of MLR 8.