Risk Based Approach AML | FAQ

Background

Due to technological developments, money laundering criminals have become increasingly sophisticated. They use a range of tools and methods to circumvent regulations and exploit loopholes in the financial system.

For this reason, a number of regulations and instruments have been enacted to combat money laundering and terrorist financing.

Among them is the Financial Action Task Force (FATF), which since the beginning of the year 2000 has been recommending that regulated financial firms adopt a risk-based approach. All of the following recommendations are based on the idea of a risk-based approach. This helps to fight money laundering (AML) and it minimizes the amount of illegal money that gets into the hands of criminals and stays there.

But what does risk based approach to AML mean and how can it be adapted? This guide will help in designing and implementing this approach.

What is a Risk Based Approach?

In general, a risk-based approach comprises two parts: Identifying specific risks and prioritizing those risks. So when we talk about what a risk-based approach entails, it’s about the ability to assess risk and respond flexibly.

What is a Risk Based Approach to AML?

A risk-based approach to AML means that countries, government agencies, and financial institutions identify, assess, and understand the money laundering and terrorist financing risk to which they are exposed and take appropriate mitigating actions based on the level of risk.

Thus, for your organization, the risk-based approach implies identifying the highest compliance risks for your organization and making them a priority for the organization’s compliance controls, policies and procedures. The highest identified risks are thus supervised and the necessary measures are taken to ensure compliance. Once your compliance program has reduced these highest risks to an acceptable level, it moves on to the lower risks.

What are the Benefits of Risk Based Approach?

Staying Compliant

Financial institutions must comply with government regulations to prevent money laundering. With risk-based approaches, they can better protect themselves, because the risk-based approach is central to the effective implementation of the FATF recommendations. In this way, money laundering penalties can be averted.

Proactive Stance

By taking a risk-based approach to anti-money laundering, you will take a more proactive stance against illegal activity. Rather than waiting until illegal transactions and transfers have already occurred, a risk-based approach allows you to implement stop-gaps. These measures ensure that nothing problematic has taken place or minimize the extent to which it already has.

Averting the greatest damage

When the biggest compliance risks occur, they cause the biggest disruptions: Time spent on investigations, litigation settlement costs, unwanted headlines, compromised business partnerships, and so on. That’s why it’s very important to prioritize averting the biggest risks.

Efficiency

Moreover, the risk-based approach to AML has a positive impact on your efficiency, as you avoid unnecessary efforts and you focus on relevant ones. In fact, many of your customers are harmless, while a few may pose a major threat. Applying a single standard to all – for example, if you perform the same due diligence procedures on all your customers – that’s too much unnecessary effort for the harmless customers and not enough for the risky ones.

Thus, the flexibility allows for more efficient use of resources, as banks and regulated financial institutions can decide how to mitigate the money laundering/terrorist financing risks most effectively they have identified.

You can pool your resources to take stronger measures in situations where the risks are higher, apply simplified measures when the risks are lower, and exclude low-risk activities.

How to adopt a Risk Based Approach?

Implementing the risk-based approach to AML in practice involves performing the following three steps:

1. Identify risks
2. Evaluate risks
3. Develop strategies to address and mitigate the identified risks

Risk-based approaches to anti-money laundering require banks and other financial institutions to carefully assess all potential risks they face. This requires knowing your customers. This means learning about the business activities, industries, and characteristics of potential and actual customers. When you know your customers better, you can better assess how likely they are to engage in money laundering and other illegal activities. With this knowledge, you can then respond to potential problems much more quickly and effectively.

An example of the types of risks that are assessed when creating a risk profile for a customer, portfolio, or product launch are: Customer risk, geographic risk, product-related risk, transaction-related risk, process-related risk, industry-related risk and more.

Once the appropriate risk category or rating has been identified, a control and risk mitigation framework must be put in place. This will ensure that each level of risk is mitigated to a level appropriate to the organization’s risk appetite. The results of these risk mitigation activities must be monitored regularly and should be documented in an auditable manner. This of course includes individuals as well as corporate customers. Transactions involving higher-risk customers might be subject to more stringent monitoring (EDD).

Measures to support the Risk Based Approach to AML

Know Your Customer (KYC) Guideline

To ensure an effective risk based approach to AML, the first guideline to be implemented is KYC (know your customer). This includes the verification of a customer’s identity. The information collected may include data such as name, date of birth, address and identification number, as well as more detailed information about his transactions such as location, expected transaction patterns and more. All this information helps assess the risk associated with the customer.

PEP and Sanction Screening

By conducting customer due diligence (CDD) and enhanced due diligence (EDD) checks, financial institutions are complying with law. Part of this is the customer screening in form of PEP and sanction screening.

• Politically exposed persons (PEPs) are persons who hold or have held an important public function. This function may, for example, give them influence over the use of taxpayer funds or the awarding of contracts by state-owned enterprises. As such, they are considered by the Financial Action Task Force to be a category of individuals more vulnerable to bribery, corruption, and money laundering than most.
• Financial sanctions include asset freezing and the prohibition to offer funds and services. Individual countries and multinational organizations (e.g., the EU and the United Nations) impose sanctions to pressure other countries or organizations to change their behavior. Sanctions can be directed against individuals, specific companies, or entire nations.

Transactions Monitoring

Monitoring transactions is an essential component in identifying transactions that are potentially suspicious. Therefore, regulated businesses need to screen their customers transactions at an ongoing level.

For many types of banking and financial activity, where large volumes of transactions occur on a regular basis, automated AML transactions monitoring systems are the only realistic method of monitoring transactions. However, where automated systems are used, institutions still need to understand their operating rules, verify their integrity on a regular basis and check that they address the identified ML/TF risks.

When a customer’s activity is deemed suspicious, a Suspicious Activity Report (SAR) must be filed. Monitoring transactions is an important part of keeping up with changes in the risk associated with a customer.

Ongoing Monitoring

In addition to specific transaction monitoring, ongoing monitoring goes even further. Monitoring also includes identifying changes in the customer profile (e.g., change in information, use of products) and updates, which may require the application of new or additional CDD measures.

How can DX Compliance help?

DX Compliance is an AML and Compliance firm helping our clients identify, prevent and report financial crime. DX Compliance help Banks, FinTech’s and Payments Providers to continually monitor their risk and detect the threat of money laundering to ensure compliance and reduce fines.

DX Compliance offers two products to support our Clients in the UAE and beyond. A world class real-time AI Transactions Monitoring system and an instant AML Check Platform called CheckAML.

Curious? Please contact our experts!