Risk Assessment: From Best Practice to Requirement

by | Jan 25, 2022 | AML Compliance Conference, Fiba Blog

Ever since 2001 when the four-pillar AML program requirement was first made into law, it was somewhat expected for institutions to have a risk-based AML program, but it wasn´t until the Anti-Money Laundering Act of 2020 (AMLA or the Act) that having one became a requirement.

With AMLA 2020, having a risk-based approach is no longer about following best practices, but an obligation to comply, says Ana María de Alba, CEO, and founder of CSMB.

Language pertaining to it can be found within section 6002, where it is stated that “to reinforce that the anti-money laundering and countering the financing of terrorism policies, procedures, and controls of financial institutions shall be risk-based.”

Another example can be found in section 5311: “to prevent the laundering of money and the financing of terrorism through the establishment by financial institutions of reasonably designed risk-based programs to combat money laundering and the financing of terrorism.”

In order to help prepare institutions, and with a compliance culture based on risk assessment, de Alba and her team prepared a three-part risk manual explaining everything one must know in order to create and implement a successful risk-based AML program.

Attendees at FIBA´s 2022 AML Compliance Conference in late February will receive a free copy of the manual, both in English and in Spanish. During the event, CSMB is also going to launch its newest tool, RiskRator.

RiskRator is an automated Risk Assessment Platform capable of performing over 57 million calculations per 1 million transactions. It follows FFIEC examination guidance as well as Basel and FATF-GAFI international standards, and ISO and COSO standardization guidelines, to dynamically assess and calculate the BSA/AML/OFAC or AML/CFT risk profile.

So far nine firms in six jurisdictions are enrolled in the beta launch.

According to de Alba, FinCEN is particularly pleased with the tool’s bottom-up approach “that allows you to better define an inherent risk, versus the more common top-down approach. RiskRator is the most comprehensive and rigorous in the industry.” She added.

De Alba decided to create this platform after many years of helping financial institutions do risk assessments with EXCEL spreadsheets. “It was a very comprehensive process that needed to be automated,” she said.

Join her and others at the hybrid event that connects regulators, law enforcement, and industry experts in a 3-day information exchange and collaboration in Miami.

Register now and enjoy early bird pricing!