PRACTICAL SOLUTIONS
Phase 1 — Information gathering and
inherent risk
solid understanding of client base, the types
of transactions they utilize and the volumes
of transactions processed must be established. A financial institution’s geographical
presence, foreign exposure and assets under
management should also be collected and
gathered. Once you have drawn a map of the
financial institution’s footprint, created a list
of products and services offered, and identified who the clients are, one now has the
knowledge and tools necessary to effectively
assess the financial institution’s AML and
CTF inherent risk.
The first phase of developing the AML risk
assessment is information gathering. A
complete inventory of a financial institution’s
client-base, products and services offered
and geographical locations must be taken
prior to evaluating the institution’s risk. A
A recommended methodology for uncovering and analyzing a financial institution’s
inherent risk is in two parts. First, survey
or interview those business units within a
financial institution that have been identified
as having applicability for AML or CTF risk.
cial institutions may wish to assess their
risk on a corporate level only. Regardless
of the approach, the final risk assessment
must encompass an enterprise assessment of
AML and CTF risk. The important element to
remember is that there is not one approach
that is necessarily correct.
A three-pronged approach is recommended
in the development of a financial institution’s
AML risk assessment:
Make sure to engage the appropriate business unit managers, compliance officers, and
subject-matter experts responsible for AML
and CTF risk mitigation and the knowledge
to effectively answer and explain their business unit profile. These individuals should
be able to speak about client-base, products
and services offered, as well as their business unit’s geographical footprint and international reach.
Second, request corporate management
information systems (MIS) data reports to
quantify dollar amounts, transaction volumes
and number of accounts around each individual risk factor. These reports can serve as
supporting documentation to what has been
uncovered through the business unit interview or survey. This leads to both a qualita-
ACAMS.ORG | MARCH–MAY 2011 | ACAMS TODAY
51