Risk assessment is the cornerstone of an effective AML Compliance Program and the primary driver of an effective and efficient AML program. Financial institutions are required to periodically evaluate the AML risks of their individual business units across the enterprise.
ComplyGenics terminology and methodology of the MLRA are based in part on the guidance of the Financial Action Task Force, the international standard-setting body for anti-money laundering and countering the financing of terrorism (AML/CFT) safeguards.
We use the following concepts to measure risk:
These are the predicate crimes that are associated with money laundering. The environment in which predicate offenses are committed and the proceeds of crime are generated is relevant to understanding why, in some cases, specific crimes are associated with specific money laundering methods.
This is what facilitates or creates the opportunity for money laundering. It may relate to a specific financial sector, product or service. It may also reflect unique circumstances in which it may be difficult to distinguish legal from illegal activity. The methods that allow for the most amount of money to be laundered most effectively or most quickly present the greatest potential vulnerabilities.
Risk is a function of threat and vulnerability. It represents a summary judgment, taking into consideration the effect of mitigating measures and control mechanisms in place.
The identification of threats and vulnerabilities is critical to determine the value of the risk represented by the product and services, customer and entities, and the geographical location of the organization and its customers and entities. It is our belief that in order to apply the proper measures and controls first it is essential to quantify this risk.
ComplyGenics understands that the risk assessment is specific to each financial institution with unique risk-factors and categories. However, as the risk assessment process matures it should become an automated process. A factory-like approach to risk assessment will results on reduce costs and increase efficiency.
The Risk Assessment Process:
Identify specific products, services, Customer, Entities, and geographic locations where the financial institution and its customers operate.
Define and agree on the risk appetite and risk factors.
Detailed analysis of the data obtained on the specific risk factors.
Enhance data analysis with inputs from internal and regulator audits.
Assess the adequacy of controls to the FI’s risk appetite
Communicate and report findings. Develop an action plan to address issues.
Implement new or modified mitigating controls to reduce inherent risk.
ComplyGenics will work with your teams to either structuring a new AML risk assessment program or validating your current methodology. In either case, we will look at your program governance framework, people, processes, and technology, and data.