“licensees must take appropriate steps to identify and assess their money laundering and terrorist financing risks (for customers, countries or geographic areas; and products, services, transactions or delivery channels). They must document the assessments in order to be able to demonstrate their basis, keep these assessments up to date, and have appropriate mechanisms to provide risk assessment information to the CBB. The nature and extent of any assessment of money laundering and terrorist financing risks must be appropriate to the nature and size of the business.” CBB rulebook, Financial Crime Module Volumes 1 and 2
Financial action task force (FATF) guidance
In recent updates to FATF recommendations, participating countries are required to address and evaluate their money laundering / terrorist financing (ML/TF) risks at a national level.
What does this mean for banks and other financial institutions?
The Kingdom of Bahrain, a member of the Middle East and North Africa financial action task force (MENAFATF), has undertaken steps to assess ML/TF risks. The CBB issued a comprehensive questionnaire in 2017 to obtain risk-specific information on licensees’ exposure to ML/TF risks and their overall AML/CFT compliance frameworks. Financial institutions (FIs) should – as recommended by the FATF and CBB – periodically assess their AML/CFT risks and adopt mitigation measures.
How is AML/CFT risk assessed?
Assessing AML/CFT risk requires examining enterprise-level structures, entities, products, customer types, delivery channels and geographic spread and assigning a risk score to each parameter.
A model can then be developed which identifies risks, assigns risk ratings, analyses risk mitigation measures and measures AML/CFT risk at an enterprise level.
What is an AML/CFT risk assessment?
AML/CFT risk assessments include:
- Analysing customer and product risk and developing country risk models
- Analysing inherent risks in customer, products, countries and delivery channels
- Assessing country exposure and developing a country risk model
- Assessing delivery channels and risks
- Reviewing the AML/CFT framework, control measures and risk mitigation tools
- Developing the AML/CFT risk matrix
- Calculating, based on the inherent risk and control measures, the residual risk
- Providing inputs for improved AML/CFT risk management frameworks
What are the benefits of assessing AML/CFT risk?
Assessing AML/CFT risk can:
- Enhance compliance
- Help FIs better understand AML/CFT risks
- Identify gaps in AML/CFT policies, procedures and processes
- Guide management decision-making about risk appetite, control affects and resources
- Improve AML/CFT alignment with risk profiles
- Increase awareness of AML/CFT risks, control gaps and remediation efforts
- Assist with strategic decision-making, including commercial exits and other de-risking efforts
How can Keypoint help?
Keypoint’s financial regulatory compliance function has assessed AML/CFT risks for a number of Bahrain’s leading financial institutions, including Islamic and conventional wholesale and retail banks. Our FRC team helps develop comprehensive, risk-based profiles of customers, products, services, processes and geographies, specific to the organisation, its strategic focus and its areas of operation.
Our proprietary methods – based on our deep regulatory and compliance expertise – help clients both understand and monitor their level of anti-money laundering risk, improving awareness throughout organisations and boosting corporate governance while significantly decreasing the likelihood of non-compliance and the resultant reputational risk.
