140 likes | 169 Vues
Risk Based Approach to Anti Money Laundering. Sangeet Shukla Senior Advisor, Indian B anks’ Association. What is Risk Based Approach?.
E N D
Risk Based Approach to Anti Money Laundering SangeetShukla Senior Advisor, Indian Banks’ Association
What is Risk Based Approach? • Risk Based Approach (RBA) for an entity in simple terms means identify risks to which the entity is exposed and appropriate measures for an effective miitigation of identified risks. • The concept evolves from the guidance of Basle Committee on Banking Supervision (BCBS) for the business of financial entities.
What is Risk Based Approach? • RBA in relation to ML/TF has been defined by FATF/OECD in 2007 to mean that the countries, competent authorities and financial institutions (entities) are expected to identify, assess and understand the ML and TF risks to which they are exposed and take AML/CFT measures commensurate to the risks they are exposed. • In 2014 BCBS published a set of guidelines for ‘Sound management of risks related to money laundering and financing of terrorism’ to describe how banks should address these risks under their risk management framework.
What is Risk Based Approach? • Based on the BCBS guidelines FATF/OECD in 2014 issued “Risk-Based Approach Guidance for the Banking Sector”. • FATF recommendations require that reporting entities • Identify and measure potentially higher ML and TF risks. • Develop strategies to address and mitigate these risks. • Focus resources on higher risk areas. • Situations with higher risk should be subjected to enhanced mitigation measures and those with low risks with exemptions or simplified measures.
RBA Framework • The RBA framework should include • Risk assessment of business activities and clients • Internal controls to mitigate the identified risks. • Ongoing monitoring of accounts and financial transactions that pose higher risks. • Up to date client information and beneficial ownership of accounts in case of higher risks.
RBA-Guidance for Banks • Risk assessment commensurate to the nature and size of bank. • Financial institutions should carry out a risk assessment of their products, portfolio and systems. • Keep customer and counterparty risk-profiles. • Internal audit and regulatory findings. • Carry-out Customer Due Diligence (CDD), while on-boarding a customer. Enhanced CDD for high risk clients. • Ongoing monitoring of CDD. • Robust reporting mechanism. • Internal controls, monitoring and governance structure.
Risk Based Assessment Challenges • Understanding and responding to the threats and vulnerabilities. • Legal and regulatory frameworks that support the application of risk based approach. • Design of a supervisory framework to support the application of the risk based approach. • Identifying the main actors and ensuring consistency. • Information exchange between the public and private sector.
Risk Based Assessment Challenges • For Regulators and Supervisor- • Make a National Risk Assessment based on the issues specific to the country – Terrorism threat, Trade profile etc. • Allocating RBA responsibilities to banks under the National Risk Assessment. • Assessment and mitigation ML/TF risks. • Developing a common understanding of RBA.
The Challenges faced in AML/CTF Compliance • Inadequate database on the third parameter of CDD –The Customer Profile. • Lack of tools to establish customer behaviour pattern and customer risk assessment. • Front office reluctance to investigate suspect transactions. • Customers with Multiple accounts/branches/banks. • Prohibitive cost of Software AND Updates to detect and ensure AML/CTF compliance. • Fear of loss of business arising out of false positives.
Other Challenges • To improve the screening results, need to sanitize data in view of legacy issues in domestic banking. • An effective RBA framework would need an interface with the environmental data, which is in exclusive preserve of the Government. • Create country specific protocols for customer/ origination/ transaction risk ratings. • False positives can result in huge cost of manual intervention. A large Indian PSB can have up to 150 mil tpd, a rate as low as 1% would need verification of 1.50 mil transactions.
Other Challenges • The AML/CTF issues can downgrade the Operational Risk profile of the bank. It may lead to higher risk capital requirement under Advance Management Approach of Basle II. • RBA is subject to a peer review. Low rating may bring domestic banks to a greater international scrutiny – higher compliance costs.
Other Developments • In 2011, US legislated Foreign Account Tax Compliance Act (FATCA) to collect information on global incomes of US taxpayers. • In July 2013, G20 Finance Ministers and Central Bank Governors endorsed OECD proposals for a model global automatic multilateral exchange of information. OECD has developed ‘Common Reporting Standards’ to ensure Automatic Exchange of Information. • Compliance to FATCA and CRS to ensure Automatic Exchange of Information, would need additional software filters and enhanced compliance obligations for banks. • These reporting will enhance cross-border co-operation in AML/CFT efforts.