Risk assessment is the cornerstone of an effective AML Compliance Program and the primary driver of an effective and efficient AML program. Financial institutions are required to periodically evaluate the AML risks of their individual business units across the enterprise.
ComplyGenics terminology and methodology of the MLRA are based in part on the guidance of the Financial Action Task Force, the international standard-setting body for anti-money laundering and countering the financing of terrorism (AML/CFT) safeguards.
We use the following concepts to measure risk:
The identification of threats and vulnerabilities is critical to determine the value of the risk represented by the product and services, customer and entities, and the geographical location of the organization and its customers and entities. It is our belief that in order to apply the proper measures and controls first it is essential to quantify this risk.
ComplyGenics understands that the risk assessment is specific to each financial institution with unique risk-factors and categories. However, as the risk assessment process matures it should become an automated process. A factory-like approach to risk assessment will results on reduce costs and increase efficiency.
The Risk Assessment Process:
Identify specific products, services, Customer, Entities, and geographic locations where the financial institution and its customers operate.
Define and agree on the risk appetite and risk factors.
Detailed analysis of the data obtained on the specific risk factors.
Enhance data analysis with inputs from internal and regulator audits.
Assess the adequacy of controls to the FI’s risk appetite
Communicate and report findings. Develop an action plan to address issues.
Implement new or modified mitigating controls to reduce inherent risk.
ComplyGenics will work with your teams to either structuring a new AML risk assessment program or validating your current methodology. In either case, we will look at your program governance framework, people, processes, and technology, and data.