Transitioning from Traditional Enterprise-Wide Risk Assessments to Meet International Standards
Financial services firms need to improve the way they assess and quantify their financial crime risk exposure to meet the requirements of the Financial Action Task Force.
In April 2020, the Financial Action Task Force (FATF) released the results of the UAE Mutual Evaluation. Whilst the report praised the UAE’s efforts in improving its ability to combat terrorist financing, it also highlighted significant areas of improvement required to prevent money laundering and sanctions evasion.
The need for improvements recommended in the FATF report is increased by the financial crime risks posed by the global pandemic. COVID-19 and the associated lockdown have adversely affected many financial institutions by stretching resources and altering working logistics, exposing them to heightened financial crime risk. Companies are struggling to maintain “business-as-usual” for their customers, whilst deploying effective systems and controls.
The current operational challenges combined with the heightened financial crime risks, accelerate the need for organisations to act.
How do companies address FATF’s financial crime concerns and protect themselves from heightened criminal activity in the process?
FATF and the UAE regulators stress that an enterprise-wide risk assessment (EWRA) framework is the foundation of a robust risk-based approach. The framework enables organisations to identify and quantify their vulnerability to money laundering, terrorist financing and sanctions risks.
An EWRA can detect where control enhancements are necessary and highlight where business opportunities exist.
Why do some firms that perform traditional risk assessments fall short of the FATF standards?
The EWRA is often developed and deployed as an off-theshelf annual exercise. This is rightly viewed as a costly drain on resources that produces limited actionable intelligence to inform business decisions or prioritise mitigating actions.