Associated Risk Group: Risk Assessment

About Us Media Room Contact Us

Overview of Risk Assessment
Financial institutions must comply with the Bank Secrecy Act and Anti-Money Laundering regulation which includes developing a BSA/AML/OFAC Risk Assessment. The Federal Financial Institutions Examination Council's (FFIEC) uniform examination manual for BSA/AML requires an annual risk assessment that considers the money laundering risk within a financial institution's products, services, customers, and geographic locations.

Associated Risk Group has established a proven process for customizing an institution's BSA/AML/OFAC risk assessment which includes:

Identifying the financial institution's overall BSA/AML/OFAC risk profile
Classifying the highest risk products, services, customers and geographical locations
Quantitative data supporting each risk decision
Identifying weaknesses or gaps and measuring effectiveness of controls
The ability to be up-dated reflecting changes in products, customers, geographical locations, organizational structure, and/or regulations
An easy to read "Heat Map" which identifies the severity of each risk

The BSA/AML/OFAC risk assessment involves 3 steps

Step 1: Identify
Identifying the specific risk categories unique to each financial institution.

The first step of the risk assessment process is to identify the inherent risk within specific products, services, customers, entities, and geographic locations unique to the financial institution. Depending on the specific characteristics of the particular product, service, customer or geographical location, the levels of risk may not always be the same.

Step 2: Analyze
Conducting a detailed analysis of all available data to assess the level of risk within each high risk category.

The second step of the risk assessment process entails a more detailed analysis of the data obtained during the identification stage in order to more accurately assess BSA/AML risk. This step involves obtaining and evaluating quantitative data pertaining to the institution's activities. Different weight is assigned to each product, service customer, entity, and geographic location on the following:

Institution's ability to identify the customer
Number and volume of transactions
Existing examination history
Regulatory guidance or industry best practices

Step 3: Develop
Evaluate the existing BSA/AML compliance program and develop steps to align it with the findings of the BSA/AML/OFAC risk assessment.

The third step guides management through the process of building a risk-based BSA/AML program which adequately addresses the concerns identified in the risk assessment. This includes establishing appropriate policies and procedures to monitor and control the various risks with particular emphasis placed on those risk categories classified as "high risk."