We focus on the effectiveness and efficiency of your anti-money laundering and counter-terrorist financing (AML/CTF) risk assessment processes to make sure they are fit for purpose in your circumstances, aligning them with:
- Your organisational goals
- The size of your business
- Your operational structure
- The available resources (human resources, technology, and budget)
- Your governance structure
- Your client base and jurisdictions of operation
- Your risk appetite for money laundering and terrorist financing (ML/TF) risk
- Applicable AML/CTF laws and regulations, sector-specific risk assessment, supervisors' guidance and best industry practices
- Operational requirements, including:
- Risk identification and categorisation
- Risk scoring methodologies covering inherent and residual risk rating
- ML/TF Customer Risks
- ML/TF Institutional Risks
- ML/TF Jurisdictional Risks
- ML/TF Product Risks
- ML/TF Service Delivery Risks
- Ongoing monitoring and risk reassessment
- Documentation and reporting of risk findings
Our solutions cover:
- AML/CTF Risk Assessment Process Design: Developing tailored risk assessment methodologies, risk identification processes, categorisation criteria, and scoring systems to align with the operational and compliance needs of different types of businesses (startups, company groups, high-risk corporates, etc.)
- AML/CTF Risk Assessment Process Enhancements: Reviewing and improving existing risk assessment frameworks to address gaps, regulatory changes, and identified inefficiencies
- AML/CTF Risk Assessment Implementation: Leading and coordinating the application of AML/CTF risk assessment findings, integrating these into new or existing AML/CTF programs, drafting supporting documentation such as procedures and manuals, developing/ adjusting additional ML/TF controls, and more.
Our Focus Areas Include:
- Comprehensive ML/TF risk identification and evaluation
- Development of risk scoring methodologies
- Creation of triggers for risk reassessment
- Integration of AML/CTF findings into broader risk management frameworks
- Linking risk assessment results to AML/CTF controls
- Ongoing risk reassessment mechanisms
- Risk reporting to boards, management, and relevant stakeholders
- Assessment of control effectiveness and residual risk ratings
- Preparation for regulator or auditor reviews of AML/CTF risk assessments
- Governance alignment with AML/CTF requirements
- Recordkeeping of risk findings
- Integration with transaction monitoring systems
- Fraud detection alignment
- Scenario-based risk testing and simulations
- Gap analysis of existing risk assessment methodologies
- Compliance with jurisdiction-specific regulatory requirements
- Risk profiling based on customer type (individuals, corporates, trusts)
- Evaluation of high-risk customers, such as PEPs and non-residents
- Customer due diligence (CDD) and enhanced due diligence (EDD)
- Assessment of financial institutions and third-party service providers
- Evaluation of risks in partnerships and correspondent banking relationships
- Compliance with institutional risk frameworks
- Monitoring interactions with non-compliant or high-risk institutions
- Analysis of countries with high ML/TF risks
- Risk mitigation for cross-border transactions
- Enhanced measures for high-risk jurisdictions
- Assessment of complex products and innovative financial instruments
- Adaptation of product-specific controls
- Evaluation of risks in delivery channels (online, face-to-face, third-party)
- Risk mitigation for high-risk products (such as derivatives and crypto-assets)
- Mitigation of risks associated with non-traditional delivery methods
- Risk assessment for intermediaries and outsourcing arrangements
Service Coverage
We cover different types of AML/CFT reporting entities and designated service providers, including but not limited to:
- Investment bankers
- Investment firms
- Fund managers
- Brokers, including forex brokers
- Fintech companies
- Non-bank deposit takers
- Non-bank lenders
- Online casinos and gambling platforms
- Currency exchange providers
- E-money issuers
- Money remitters and money transmitters
- Payment gateway providers
- Derivatives issuers and platforms
- Neo-banks
- P2P lending platforms
- Crowdfunding services and platforms
- Financial advisers
- Investment advisers
- Wealth managers
- Custodial or depository service providers
- Consumer credit providers
- Building societies
- Savings and loan associations
- Credit unions
- Corporate finance providers
- Finance companies
- Designated non-financial businesses and professions (DNFBPs), including trust and company formation providers (TCSPs)
Jurisdictional Coverage
Our countries of focus for this service include, but are not limited to:
- Australia: Where designated service providers are subject to the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (AML/CTF Act)
- United Kingdom: Where relevant persons, including financial institutions and DNFBPs, are governed by the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (MLRs) (subsequently updated in 2019 and beyond)
- United States: Where financial institutions and other covered entities are subject to the Bank Secrecy Act (BSA), the USA PATRIOT Act and other relevant laws and regulations.
- Singapore: Where depending on their nature of business, reporting entities, including financial institutions and DNFBPs, may have to comply with different acts and notices, including Corruption, Drug Trafficking and Other Serious Crimes (Confiscation of Benefits) Act (CDSA), Terrorism (Suppression of Financing) Act, Payment Services Act (PSA) and MAS Notices like MAS Notice 626, MAS Notice 1014, MAS Notice 824, MAS Notice PSN01, MAS Notice PSN0, etc.
- European Union: Where obliged entities, as defined in the 6th Anti-Money Laundering Directive (6AMLD), must meet AML/CFT obligations
- New Zealand: Where reporting entities are regulated under the Anti-Money Laundering and Countering Financing of Terrorism Act 2009 (AML/CFT Act)
- Prominent Formation Centres:
- Belize: Where reporting entities are regulated under the Money Laundering and Terrorism (Prevention) Act
- British Virgin Islands: Where reporting entities comply with the Proceeds of Criminal Conduct Act
- Cayman Islands: Where reporting entities are regulated under the Proceeds of Crime Act (2020 Revision) and the Anti-Money Laundering Regulations (2020 Revision).
- Jersey: Where relevant persons are governed by the Proceeds of Crime (Jersey) Law
- Malta: Where subject persons are regulated under the Prevention of Money Laundering Act (PMLA)
- Dubai: Where reporting entities are governed by the Federal Decree-Law No. (20) of 2018 on Anti-Money Laundering and Combating the Financing of Terrorism and Financing of Illegal Organisations, along with its amendments and implementing regulations
- Bermuda: Reporting entities are subject to the Proceeds of Crime Act 1997 , the Anti-Terrorism (Financial and Other Measures) Act 2004 and other relevant laws and regulations
- Mauritius: Where reporting entities are governed by the Financial Intelligence and Anti-Money Laundering Act 2002 (FIAMLA)
- Seychelles: Where reporting entities are subject to the Anti-Money Laundering and Countering the Financing of Terrorism Act 2020
- Vanuatu: Where reporting entities are regulated under the Anti-Money Laundering and Counter-Terrorism Financing Act 2014
AML/CTF Risk Assessments Design
We focus on the effectiveness and efficiency of your AML/CTF Risk Assessment to ensure it is fit for purpose in your circumstances, aligning it with:
- Applicable AML/CTF (aka CTF) laws
- Regulations
- Sector-specific red flags and indicators
- AML/CTF supervisors' guidance
- Actual AML/CTF controls on the ground
- Business-specific risks, vulnerabilities, and ML/TF red flags
- Your overall risk management framework and risk appetite
We design AML/CTF risk assessments to help you navigate the complexities of AML/CTF requirements in a commercially oriented and goal-focused manner, making it an effective cornerstone to support all aspects of ML/TF risk mitigation, including but not limited to:
- Development of customised risk assessment methodologies for inherent and residual ML/TF risk rating
- Identification of ML/TF risk factors across business activities
- Risk scoring systems for customer, product, institutional, service delivery, and jurisdictional risks
- Effective set of triggers for partial or/and full reassessment
- Linking risk assessment results to effective internal reporting
- Linking reassessment results to evaluations in the AML/CFT program and other policies and procedures
AML/CTF Risk Assessment Outcomes
When an AML/CTF risk assessment is completed and recorded, we help businesses address its outcome by:
- Addressing its findings in the AML/CFT program
- Creating additional documentation, such as process maps, manuals, guidance materials, procedures, and protocols, to manage AML/CFT risks effectively
- Aligning the findings with the risk appetite of the business
- Reviewing existing AML/CFT controls and, when necessary, creating additional controls to focus resources on identified key areas
- Establishing protocols and methodologies for AML/CFT control testing to back up any identified areas of improvement, with the findings when it comes to reassessment
AML/CTF Risk Assessment Enhancement
We offer AML/CTF risk assessments' enhancements to increase its overall effectiveness, reflecting on:
- New compliance requirements, changes to the AML/CFT regulatory regime, and adaptations to AML/CFT compliance guidance
- Business growth and expansion
- Changes in risk ratings, risk appetite, risk assessment methodologies, emerging risks integration, etc
- AML/CFT auditors' and supervisors' findings, including identified deficiencies and breaches
- Results of previous internal controls testing
- Internally identified areas of improvement and gaps
- Introduction of new products
- Best practice benchmarking
- Other triggering events
AML/CTF Risk Assessments Review
Regular AML/CFT risk assessment reviews can help your compliance function and senior management effectively manage AML/CFT compliance. We offer thorough AML/CFT risk assessment reviews to assess its effectiveness and fitness for purpose. Our focus areas include identifying:
- Any gaps
- Points of improvement
- Required adjustments related to changes in your resources and operations
- Required adjustments related to the introduction of new products, expansion to new jurisdictions
- Updates for regulatory changes and emerging AML/CFT risks, red flags and more
We offer this service either as:
- A standalone solution
- A combined review of the risk assessment, AML/CFT compliance program and your AML/CFT procedures and protocols
- As part of our internal AML/CFT review solution. For more information about coverage, please visit our Internal AML/CFT Review page.
- As part of our AML/CFT statutory audit solution. For more information about coverage, please visit our AML/CFT Statutory Audit page.
AML/CTF Risk Assessments for Small Business
Not putting enough thought into an AML/CFT risk assessment is a common gap in the AML/CFT compliance of many startups and small businesses, with the risk assessment being a para-long. Then, the AML/CFT program (being a template) does not correspond with it.
We develop AML/CFT risk assessments for small businesses and startups, focusing on ML/TF risks that your business faces and your actual residual risk ratings based on your available resources, your ML/TF controls and procedures. We also approach this by having your business development in mind, allowing for refinement of residual risk ratings, identification of control gaps and areas for improvement as your business grows, as well as adaptation to regulatory updates and emerging risks as your products develop and you conduct a periodic review of your risk assessment effectiveness.
AML/CTF Risk Assessments for Company Groups
Managing AML/CTF risks across different products and jurisdictions can be challenging. With years of experience supporting company groups in AML/CTF risk assessment and management, we develop tailored AML/CTF risk assessments that focus on:
- Standardisation of risk assessment methodologies across entities
- Application of residual risk assessment methodologies suited to different products and regulatory guidance
- Centralised risk management for multi-jurisdictional operations
- Integration with group-wide risk management frameworks
AML/CTF Risk Assessments for High-risk Corporates
High-risk corporates face heightened regulatory scrutiny and reviews. With years of helping high-risk corporations manage their AML/CFT risks effectively, we develop AML/CFT risk assessments that help you operate in an environment with higher standards and expectations. Our focus includes, but is not limited to:
- Enhanced risk assessment processes for high-risk sectors
- Advanced measures for addressing complex ML/TF risks
- Advanced risk rating methodologies
- In-depth AML/CFT risk reporting
- Effectively linking AML/CFT assessment or reassessment results to your AML/CFT controls environment, making operational and resource adjustments, etc.
- Tailored controls for managing jurisdictional and product risks
- Frequent monitoring and reassessment of high-risk activities
Related Services
- AML/CFT Programs: We draft, review, and help businesses implement AML/CFT Programs based on the ML/TF risk assessment outcomes. Visit our AML/CFT Program page for more.
- AML/CFT Reg-tech Technology: We help with AML/CFT technology integration tailored to your circumstances.
- AML/CFT Training: We offer specialised AML/CFT training solutions for different reporting entities. Visit our AML/CFT Training page for more.
- AML/CFT Internal Review: We offer this confidential review solution to test your AML/CFT compliance and prepare you for a statutory audit or regulatory review.
- AML/CFT Statutory Audit: We provide both limited and reasonable assurance audit options. Visit our AML/CFT Audit page for more.
- AML/CFT Advisory: We offer an advisory solution on a wide range of AML/CFT matters and issues, going beyond the ML/TF risk assessment. Visit our AML/CFT Advisory page for more.
- AML/CFT Compliance Management: We can fully manage your anti-money laundering and terrorist financing compliance. Visit our AML/CFT Compliance Management page for more.
