Financial Institutions Must Assess Risks Associated with Specific Customer Groups
New Directive from the Bank for International Settlements (BIS)
A new directive from the BIS requires financial institutions to identify and assess the risks associated with specific customer groups, including those from high-risk regions and industries. The Obliged Entity’s Risk Assessment (OERA) methodology is designed to help financial institutions determine whether they have effective systems in place to manage money laundering and terrorist financing (ML/TF) risks.
Assessing Inherent Risk
According to the directive, financial institutions must assess inherent risk, which refers to the risk before controls are put in place. This includes analyzing factors such as:
- Customer type or group
- Country risk
- Product and service offerings
- Transactions
- Distribution channels
The assessment must also consider other risk criteria that could impact ML/TF risks, including:
- Sovereign risk
- Sectoral risks
- Future business strategies
OERA Methodology
The OERA methodology is designed to be proportionate to the size and complexity of each financial institution’s operations. For smaller institutions with low exposure to ML/TF risks, a simpler OERA may be sufficient. However, larger or more complex institutions will need a more comprehensive assessment.
Control Environment Assessment
The assessment must also consider the control environment put in place by each financial institution, including:
- Policies and procedures
- Customer due diligence
- Reporting
- Record-keeping
- Training
The goal is to identify residual risk, which refers to the risk that remains after controls are implemented.
Involvement of AML/CFT Officers
Financial institutions are required to involve their Anti-Money Laundering/Combating the Financing of Terrorism (AML/CFT) officers in the OERA process, as well as other employees who have access to relevant information and documentation. The assessment must be reviewed by the AML/CFT officer to ensure that it accurately reflects the financial institution’s operations.
Goal of the New Directive
The new directive aims to help financial institutions identify and mitigate ML/TF risks, which are increasingly becoming a concern for global stability and security. By implementing effective risk assessments and controls, financial institutions can help prevent illicit activities and protect their customers’ assets.
Conclusion
In conclusion, the new directive from the BIS requires financial institutions to assess risks associated with specific customer groups and implement effective controls to mitigate ML/TF risks. By following this directive, financial institutions can ensure compliance with regulations and maintain global stability and security.