The Financial Action Task Force (“FATF”) released a study in July 2021, on the opportunities of emerging financial crime related technology solutions and how the role of artificial intelligence and data analytics can assist organisations overcome numerous AML/CFT (anti-money laundering/combating the financing of terrorism) challenges and provide for more efficient and effective ways to identify and mitigate financial crime risks. As substantiated by FATF, “technology can increase the capacity to collect and process data, and share it with stakeholders, including supervisors. Artificial intelligence-based tools can analyse data accurately, in real-time and help better identify emerging risks. It can also assist the validation of the results of manual assessments, and their subsequent conclusions.”
A key challenge identified in the study is the lack of understanding and awareness organisations have towards effectively assessing their ML/TF (money laundering and terrorist financing) threats. This is a direct result of risk assessments (“RAs”) developed and applied by the organisation which are not aligned to the true application of the risk-based approach (“RBA”). It was observed that key decision making of organisations were founded on inadequate RAs which were either inaccurate or irrelevant and relied heavily on human judgement. In some instances, RAs also encompassed “defensive box-ticking approaches” which swayed the outcome of ML/TF risks.
At the core of these RA’s lies the Business Risk Assessment (“BRA”) which is considered as the central plexus to providing organisations with a holistic overview of their financial crime risk. The BRA encompasses internal and external ML/TF risks faced by the organisation including RA results on the nature and activities of the organisation, its customer base, the type of products and services offered, any geographic nexuses and delivery channels utilised. The result of insufficiently and ineffectively assessing these risks will have a direct impact on how financial crime risk is portrayed in an organisation which consequently affects the organisation’s key decision making towards curbing ML/TF risks.
Malta’s FIAU published a cross-sectorial review of 100 BRAs during the period July 2019 – June 2020 to share their observations on common deficiencies with these BRAs. The FIAU identified the following thematic deficiencies:
Consistent with the views of prominent regulators and best practices, Deloitte believes that there is a compelling need for organisations to enhance the design and application of their risk-based approach to anti-money laundering/combating the financing of terrorism, specifically, the Business Risk Assessment..
We often find that Board members, who are required to approve the BRA, find the assessment theoretical and at times misaligned with their understanding of the organisation’s exposures. Consequently, boards find it difficult to engage in meaningful debate and/or challenge and the opportunity of re-evaluating an organisation’s risk exposure against its risk appetite is missed. This board review process is core to the effective implementation of a RBA.
We believe that there is a combination of varying factors that lead to this, however we have identified the following fundamental causes:
Our Financial Crime Services offerings are designed to address the fundamental deficiencies we find in the marketplace. Our team’s multi-disciplinary approach brings together the skills we believe are necessary to design and develop methodologies and solutions that bring tangible value to the organisation; these include risk management, regulation, data analytics and technology skills.
Our BRA Analytics dashboards leverage the organisation’s data to bring to life ML/TF Key Risk Indicators in a custom-built visual dashboard that is intuitive and provides the MLRO and broader financial crime team visibility of the organisations ML/TF risk profile during the course of the year. This is an invaluable tool though which detailed cross risk analysis and drill down review can be performed with ease and at speed, facilitating ongoing monitoring, data quality validation and reporting.
We support organisations develop risk scoring methodologies that are based on robust risk management principals and that leverage quantitative and qualitative data points in a robust and consistent manner. Our BRA journey is scalable and can be extended to fully automate the BRA process.