Transcript Raising the bar for AML and Sanctions Compliance

Risk Based Approach
to
Anti Money Laundering
Sangeet Shukla
Senior Advisor,
Indian Banks’ Association
What is Risk Based Approach?
• Risk Based Approach (RBA) for an entity in
simple terms means identify risks to which the
entity is exposed and appropriate measures
for an effective miitigation of identified risks.
• The concept evolves from the guidance of
Basle Committee on Banking Supervision
(BCBS) for the business of financial entities.
What is Risk Based Approach?
• RBA in relation to ML/TF has been defined by
FATF/OECD in 2007 to mean that the countries,
competent authorities and financial institutions
(entities) are expected to identify, assess and
understand the ML and TF risks to which they are
exposed and take AML/CFT measures
commensurate to the risks they are exposed.
• In 2014 BCBS published a set of guidelines for
‘Sound management of risks related to money
laundering and financing of terrorism’ to describe
how banks should address these risks under their
risk management framework.
What is Risk Based Approach?
• Based on the BCBS guidelines FATF/OECD in 2014
issued “Risk-Based Approach Guidance for the Banking
Sector”.
• FATF recommendations require that reporting entities
–
–
–
–
Identify and measure potentially higher ML and TF risks.
Develop strategies to address and mitigate these risks.
Focus resources on higher risk areas.
Situations with higher risk should be subjected to enhanced
mitigation measures and those with low risks with
exemptions or simplified measures.
RBA Framework
• The RBA framework should include
– Risk assessment of business activities and clients
– Internal controls to mitigate the identified risks.
– Ongoing monitoring of accounts and financial
transactions that pose higher risks.
– Up to date client information and beneficial
ownership of accounts in case of higher risks.
RBA-Guidance for Banks
• Risk assessment commensurate to the nature and size of
bank.
• Financial institutions should carry out a risk assessment of
their products, portfolio and systems.
• Keep customer and counterparty risk-profiles.
• Internal audit and regulatory findings.
• Carry-out Customer Due Diligence (CDD), while onboarding a customer. Enhanced CDD for high risk clients.
• Ongoing monitoring of CDD.
• Robust reporting mechanism.
• Internal controls, monitoring and governance structure.
Risk Based Assessment
Risk Based Assessment
Challenges
• Understanding and responding to the threats and
vulnerabilities.
• Legal and regulatory frameworks that support the
application of risk based approach.
• Design of a supervisory framework to support the
application of the risk based approach.
• Identifying the main actors and ensuring consistency.
• Information exchange between the public and private
sector.
Risk Based Assessment
Challenges
• For Regulators and Supervisor– Make a National Risk Assessment based on the
issues specific to the country – Terrorism threat,
Trade profile etc.
– Allocating RBA responsibilities to banks under the
National Risk Assessment.
– Assessment and mitigation ML/TF risks.
– Developing a common understanding of RBA.
The Challenges faced in AML/CTF
Compliance
• Inadequate database on the third parameter of
CDD –The Customer Profile.
• Lack of tools to establish customer behaviour
pattern and customer risk assessment.
• Front office reluctance to investigate suspect
transactions.
• Customers with Multiple accounts/branches/banks.
• Prohibitive cost of Software AND Updates to
detect and ensure AML/CTF compliance.
• Fear of loss of business arising out of false
positives.
Other Challenges
• To improve the screening results, need to sanitize data in
view of legacy issues in domestic banking.
• An effective RBA framework would need an interface with
the environmental data, which is in exclusive preserve of the
Government.
• Create country specific protocols for customer/ origination/
transaction risk ratings.
• False positives can result in huge cost of manual intervention.
A large Indian PSB can have up to 150 mil tpd, a rate as low
as 1% would need verification of 1.50 mil transactions.
Other Challenges
• The AML/CTF issues can downgrade the
Operational Risk profile of the bank. It may
lead to higher risk capital requirement under
Advance Management Approach of Basle II.
• RBA is subject to a peer review. Low rating
may bring domestic banks to a greater
international scrutiny – higher compliance
costs.
Other Developments
• In 2011, US legislated Foreign Account Tax Compliance
Act (FATCA) to collect information on global incomes of
US taxpayers.
• In July 2013, G20 Finance Ministers and Central Bank
Governors endorsed OECD proposals for a model global
automatic multilateral exchange of information. OECD
has developed ‘Common Reporting Standards’ to ensure
Automatic Exchange of Information.
• Compliance to FATCA and CRS to ensure Automatic
Exchange of Information, would need additional software
filters and enhanced compliance obligations for banks.
• These reporting will enhance cross-border co-operation in
AML/CFT efforts.
Thank you.