Global Standards AML Risk Assessments
International standards require anti-money laundering compliance programs to incorporate an AML business risk assessment. The AML CFT business risk assessment is needed to examine specific areas to understand the full extent of any exposures the business presents to unwittingly facilitating money laundering or terrorism financing.
The areas that must be examined for AML CFT risk include: (1) a business's nature, size and complexity, (2) Client types, (3) Products and services offered, (4) How products and services are provided to clients, and (5) Geographies.
AML/CFT Sector and National Risks
Risks relevant to your industry sector are published by your AML Supervisor, with further information in the national risk assessment. To meet regulatory expectations, you'll need to document the extent to which these risks apply to your business.
Aspects relevant to a business's nature, size and complexity include the number of employees, the number of senior managers, how many branches operate and whether a company is global or domestic only.
Measuring the volume and value of transactions is relevant to understanding the business size.
It would be best if you also considered the resourcing of the AML CFT compliance officer. Is the position full-time or shared with other duties and responsibilities? When an AML compliance officer is not fully dedicated to the role, there is greater exposure to falling behind in meeting regulatory expectations.
Customer Risk Profiling
A customer presents the most significant risk to a business. To manage customer risk, AML monitoring systems must be able to detect and report suspicious customer behaviour.
Management of customer risks must be established in policies, procedures and controls. You should expect your AML Supervisor and independent auditor to understand the rationale for customer profiling.
Matters that increase customer risk include - country of residency, the purpose of the account, cash intensiveness, the number of individuals associated with the history and the expected volume and value of account activity. These are only some measurements that should be considered for customer risk.
AML360 develops your business with a tailored profiling solution that you access online. If you would like more information, please send an email to info@aml360.com.
Products and Services (Transaction Risk)
International and organised criminal groups seek products and services that easily facilitate their illegal activity. These groups receive assistance from lawyers, accountants, real estate agents and financial brokers. With expertise in identifying countries with weak AML CFT compliance, they will target businesses that offer the path of least resistance.
High-risk products and services provided by non-compliant businesses result in international criminal groups succeeding. Therefore, products and services require individual risk evaluation. Aspects that increase risk include 1. cash intensity. 2. third party payments. 3. global reach. 4. ownership obscurity. 5. liquidity value. 6. high value. 7. low value and high volume. These are only some aspects that increase transaction risk.
AML360 provides risk evaluations of products and services. Our risk assessments are at a business-wide level and also individual characteristics of products and services. Your business receives a secure online account to an AML CFT products and services register. You can request a free trial at aml360.com.
Method of Delivery
Criminals prefer to have no direct contact with businesses facilitating their illegal activity. By distancing their proximity from the business, criminal groups are more likely to avoid detection.
This is one of the reasons why third-party representation increases the risk of money laundering or terrorism financing.
The lowest risk of customer interaction is face-to-face activity, directly with the customer.
The reality, however, is that face-to-face activity is significantly decreasing due to advanced technology. Businesses that onboard customers without face-to-face activity need to consider the controls in place to mitigate increased risks.
When using biometric technology for identity verification, the results of due diligence on the service technology should be incorporated into the AML CFT policy. It is also essential to understand the origin of identity verification records. Is the verification linked to the government data base, or is the verification based on a less reliable source?
All programs require a customer identification process that meets regulatory expectations of independence and reliability.
Geography Risk
Geography risk is linked to customer residency and country of birth, global reach of products and services, location of branches and the underlying currency of trade. When determining country risk, consideration should include the strength of the country's AML CFT framework. Other factors to consider include whether the country has high levels of corruption, whether the government offers stability under democratic governance, whether there are any risks to harbouring terrorism and consideration of country borders.
A sanctioned country might relate to a blanket trade prohibition or specific goods and services. Governments provide free access to their lists of sanctioned entities and higher-risk countries.
Free Data Sources
The Financial Action Task Force is the international watchdog for determining country compliance levels with international standards. These reports are free from their website.
Other accessible sources of country risk data include Know Your Country Dot Com, the Basel AML Index and the Corruptions Perception Index.
About AML360
AML360 provides an end-to-end AML/CFT platform to ensure management of AML/CFT compliance is simplified and performed to meet regulatory expectations.
Your business can subscribe to an individual compliance module or build your AML CFT framework by adding additional modules.
Our regulatory software provides business risk assessments, customer risk profiling, transaction and activity monitoring, case management, geography risks, internal compliance reviews and audit reports.