The Asian Bankers Association (ABA) and Fintelekt Advisory Services jointly held a webinar on Conducting Enterprise-Wide AML/CFT Risk Assessment on March 3, 2021 with the participation of more than 650 registered participants from over 30 countries.
The webinar provided the opportunity to learn and gain insights from the presentations and subsequent discussions of the two speakers Ms. Madhu Sinha, Independent AML Compliance Professional and Former Head of AML, Citi Bank India, and Mr. Stephen Cutler, Chief Enterprise Risk and Compliance Officer, Omnipay, and the moderator Mr. Shirish Pathak, Managing Director, Fintelekt Advisory Services, on the importance of comprehensive and ongoing Enterprise-Wide AML/CFT Risk Assessment (EWRAs) to ensure comprehensive inclusion of risks, regulatory expectations, international standards and managing costs and resources for EWRAs.
Hereunder are some key takeaways from the webinar:
(1) Madhu Sinha explained the approach to EWRAs – why conduct them, how to conduct them, the review process, desired outcomes, and regulatory expectations.
- An EWRA assesses a financial institution’s inherent AML/CFT risks, effectiveness of control environment, and the need to implement additional measures to mitigate residual risks where necessary.
- It forms the cornerstone of the AML/CFT risk management programme and helps Financial Institutions (FIs) to apply a risk-based approach based on residual risks of business lines.
- It is important to develop a model that includes all the risk factors and is customised to the size and complexity of the FI’s business.
- The EWRA model should consider customer types, products and services, geographies, channels and transactions and assign a risk rating to all of these elements.
- A quantitative analysis of data as well as qualitative inputs such as nature of the complex, hiring practices, provision of training, etc. are necessary to arrive at the residual risk.
- It is critical that the Board of Directors and senior management of the organisation are engaged and involved with every step of the EWRA process.
- Regulators expect that the process is followed in spirit and not approached as tick-mark exercise and hence they look for a structured methodology, deliberation by senior management, good use of data analytics and identification and action upon areas of improvement flagged off by the EWRA exercise.
“The EWRA should be a living document. Since the risks to a business, external factors and typologies keep evolving, the EWRA cannot be a static document and needs to be continuously updated.” – Madhu Sinha, Independent AML Compliance Professional and Former Head of AML, Citi Bank India
(2) Stephen Cutler emphasized that organisations need to be focused and serious in incorporating all of the risks in order to protect the employees, the company, the industry, the communities, and the nation.
- During the EWRA project, organisations should focus on aspects such as:
- A thorough understanding of the AML risks and the organisation’s control mechanisms
- An assumption that there will always be risks and that these risks will keep on evolving
- Effective planning and continuous adjustment of the organisation’s responses
- Providing effective training to employees involved in the process
- Adequate involvement of the Board and senior management
- Avoiding the use of copy-pasted tools from another organisation, instead of customizing the process to the specific organisation
- EWRAs must be approached with an open mind. There is a risk of biases entering the process: such as over-reliance on the first piece of information available, overestimating the importance of available information, the tendency to see patterns in random events, or a confirmation bias.
“Risk Assessments are often “scientific” and quantifiable, but they also contain an element of “art” because the quality of the assessment depends on the personnel putting them together.” – Stephen Cutler, Chief Enterprise Risk and Compliance Officer, Omnipay
Webinar’s video and presentation files:
The recording of the webinar and the slides are available at the Fintelekt Academy https://fintelekt.academy/courses/webinar-conducting-enterprise-wide-aml-cft-risk-assessment/.
Registration in the Fintelekt Academy is FREE and more than 80% of the content is FREE to view.
Participation Certificates are available to participants who upgrade to Premium membership on Fintelekt Academy upon completion of a multiple-choice assessment.
Paid membership is available to ABA members for US$95 annual subscription – representing a 24% discount from the standard annual subscription of US$125 for ABA non-members.
Paid members of the Fintelekt Academy can apply for Fintelekt-ABA webinars’ Certificates of Participation, at NO EXTRA COST for one year.