PRACTICAL SOLUTIONS
AML risk assessments
– Concepts and methodologies to fully
understand a financial institution’s risk
M
oney Laundering (ML) and
Terrorist Financing (TF) are
global issues crossing each and
every border with a large impact on the
financial services sector. Do you know and
understand this impact on your financial
institution? Can you explain where your
ML and TF risk lie? International mitigation
efforts have been put in place in attempts
to intercept and combat both ML and TF
activity. The Financial Action Task Force
(FATF) recommendations have been passed
down to country Financial Intelligence Units,
such as AUSTRAC, FINTRAC, FIC, JFIU,
and FinCEN to name a few. These recommendations cover expectations of what
an anti-money laundering (AML)/counter
terrorist financing (CTF) program should
have in place. In addition, FATF’s Interpretive Note on the Risk Based Approach
(IN-RBA) mandates financial institutions to
perform AML/CTF Risk Assessments. When
assessing a financial institution’s risk, these
recommendations should be addressed
and risk assessed accordingly. Within the
United States, guidance on risk assessments
given through the Federal Financial Institutions Examination Council (FFIEC) BSA/
AML Examination Manual. Moreover, financial institutions should follow guidance as
offered by their country’s FIU, regulator or
ministry of finance.
AML and CTF risk assessment should be the
driving force of a financial institution’s AML/
CTF compliance program, identifying key
areas for potential money laundering and
terrorist financing activity. The foundation of
a sound AML compliance program lies within
a thorough AML risk assessment.
When assessing risk, it is important to
remember some areas within the financial
services industry pose a greater risk for
potential money laundering and terrorist
financing than other areas, due to the inherent
nature of the business and transaction types
involved. These areas of higher risk deserve a
higher level of attention and must be afforded
50
more scrutiny within the risk assessment
process. Areas within a financial institution
with little or no AML or CTF risk should be
allocated the appropriate attention.
AML risk assessment foundation
Understanding that not one size fits all and
that no one approach or methodology is
absolute, the foundation for an effective AML
risk assessment should include, at minimum,
the following risk factors:
• Client types banked
• Products and services offered
• Geographical reach
A financial institution’s client base should
be examined. As high-risk clients carry with
them a greater risk for potential money
laundering and terrorist financing, greater
scrutiny should be given to Money Services
Businesses (MSBs), Politically Exposed
Persons (PEPs), Embassy and Foreign
Consulate (EFC) and Private Investment
Companies (PICs) accounts, to name a few.
These client types should be identified and
risk rated accordingly. In addition, all highrisk client-types as defined by a financial
institution should be considered and risk
rated as well.
The number of high-risk products and services
offered by a financial institution directly correlates to the institution’s AML and CTF risk.
Along with products and services offered,
transaction processing should be examined
as well. The number of wire transfers, for
example, should be identified, analyzed and
assessed within the risk assessment. These
transactions include both domestic and international cross-border wire transfers. Additionally, domestic ACH and International
ACH Transactions (IAT) should be given the
same scrutiny as wire transfers. Further, it is
recommended to consider taking a hard look
at any new product initiatives or products and
services that have recently become ‘hot topics’
within the industry such as Remote Deposit
Capture (RDC), Third Party Payment Proces-
ACAMS TODAY | MARCH–MAY 2011 | ACAMS.ORG
A qualitative and
quantitative approach
to a risk assessment
collectively makes
for a more accurate
and reasonable
assessment of risk
sors (TPPP), Bulk Shipment of Currency
(BSC) as well as previously mentioned IAT. It
is equally important to consider evolving and
emerging product types such as electronic
money movements and mobile payments as
these product types tend to be conduits for
potential money launderers or terrorist financiers as controls and mitigations may still be in
the development phase.
A financial institution’s footprint, its presence in regions known for drug trafficking
and/or financial crimes, as well as overseas
exposure, plays a major role in the assessment of AML/CTF risk. Equally important, it
is imperative to assess a financial institution’s
exposure to high-risk countries, conflict
countries, and those countries or regions in
which its gove