Implementing a Risk-Based Approach in AML Compliance Programs: Key Steps and Guidance (Full Transcript)

Speaker 1: In this video we'll talk about a risk-based approach and I will share some guidance on how to implement the risk-based approach in a compliance program. So let's jump right into today's video. Hi and welcome to FinCrimeAgent, my YouTube channel where every week I publish a new video to boost your knowledge about anti-money laundering and financial crime prevention. Today we'll take a deeper look at one of the most commonly known terms in the AML and regulatory compliance space, which is the risk-based approach. If you are working with a compliance team that are planning to implement the risk-based approach, I'm now going to start with 4 points that could give you a high-level guidance regarding the works that would need to be done. The first step you will need to take is to identify the highest regulatory risks. Step number two will be to ensure those risks are prioritized within your controls, policies and procedures. Step three is monitoring the overall program you have designed in order to understand if it is actually working. The results of an effective program should allow you to mitigate and reduce those highest risks. Step number four, as soon as you are confident that the highest risks are reduced and managed efficiently, you can take the same approach for the risks at a lower level. Those steps are broadly applicable to most firms that must comply with a risk-based approach. But let's now look closely to the risk-based approach in the context of anti-money laundering and counter-terrorist financing to see what actions are expected by the compliance team to take in order to efficiently implement the risk-based approach in their compliance programs. Sorry for the very quick interruption. If you are finding valuable this video, you can show your appreciation by subscribing to FinCrime Agent and press the thumb up on the video. This will make it super easy for you to consume more videos published on FinCrime Agent in the future. And as I'm growing my audience, I can also make more videos for you. So thank you for your support. Back to the video now. Ensuring a risk assessment is in place across all business activities. A risk assessment is an examination of your firm's potential risks and vulnerabilities to money laundering and terrorist financing. The risk assessment complexity must be determined by a number of factors, including the company size and risk variables. A good practice to produce an efficient risk assessment is to perform the risk assessment in two stages. First stage would be the assessment of the risks associated with the firm's products, services, and jurisdictions in which the company operates. Second step would be the assessment of the risks associated with the clients, including the geographic regions where they operate and conduct their business. Having adequate controls for the mitigation of risks. When your risk assessment finds that the risk of money laundering or terrorist financing is high, you must establish documented risk mitigation strategies, policies, and procedures designed to mitigate high risks and implement them in high-risk circumstances as part of your compliance program. Keeping your customer due diligence and customer risk scores up to date. Depending on the type of customers, a different level of due diligence will be required. Enhanced due diligence and more frequent reviews will be needed for those considered to be high-risk, whereas simplified due diligence can be applied to lower-risk customers. For corporate clients, associated parties, and ultimate beneficial owners should also be kept into consideration for an accurate customer due diligence. Ongoing monitoring of transactions. In order to detect suspicious activities, you must take reasonable steps to review all financial transactions in order to understand if they represent a high risk of money laundering and terrorist financing. Reasonable measures often include the use of automated solutions, however, very small firms may still run the transaction monitoring process manually. AML reviews are not required to be completed in real-time by most jurisdictions. Instead, the screening of transactions aimed to identify sanctions connections are indeed processed in real-time. In the AML transaction monitoring space, when suspicious activities are identified, the submission of regulatory reports to the local crime agency are also mandatory steps that should be followed. And with that, I'm at the end of today's video. If this video was useful to you, you can show your appreciation by subscribing to FinCrimeAgent and press the thumb up on this video. Also check the description of this video where you will find some useful links and references including how to become part of the FinCrimeAgent community on Patreon.com. Lastly, thank you for watching, I hope you have enjoyed today's video and until next time, see you soon.