The Institute of Continuous Professional Training and Education (ICPTE) offers an extensive variety of Pre-Recorded and Live Online Courses created by Professional and qualified Instructors with years of experience in their field.

ICPTE platform allows You the flexibility to watch online pre-recorded seminars at Your own convenience, at Your own pace, in Your own time and place. Start watching a seminar today and complete it at Your own time. You can have access from anywhere. We work with professional and qualified instructors with years of experience in their field.

Explore all seminars.

Risk Based Approach (RBA) and Business-wide risk assessments (BWRA)

Each obliged entity should apply appropriate measures and procedures, on a Risk Based Approach (RBA), to focus its effort in those areas where the risk of money laundering and terrorist financing (ML/TF) appears to be higher.

The application of RBA assists obliged entities to identify the areas of operations where ML/TF risks emanate and assess those risks. Consequently, obliged entities are able to allocate their resources and efforts in ways that improve their AML/CFT controls and mitigate more effectively their ML/TF risks.

A RBA involves specific measures and procedures such as:

a) Identifying and assessing the ML/TF risks emanating from particular clients, services, geographical areas, and delivery channels of operation of the obliged entity and its clients;

b) Documenting in the risk management and procedures manual, the policies, measures, procedures and controls to ensure their uniform application across the obliged entity by persons specifically appointed for that purpose by the Board of Directors;

c) Managing and mitigating the assessed risks by the application of appropriate and effective measures, procedures and controls;

d) Continuous monitoring and improvements in the effective operation of the policies, procedures and controls.

The RBA is carried out:

1) on a client basis during on-boarding and revised during the review of the relationship:

    • Applies on each client or occasional service
    • Every time a new client is accepted
    • Periodically for all existing clients
    • Provides data on the risk profile of clients as part of the entity level assessment

2) on an entity (firm-wide or business-wide) basis annually taking into account the overall risks undertaken by the firm:

    • Applicable to the firm overall
    • Performed initially once the RBA is adopted
    • Reviewed periodically and if material changes take place internally or externally
    • Uses the results of the assessment of individual relations or transactions

What is Business-wide risk assessments (BWRA)?

Business-wide risk assessments (BWRA) helps firms understand where they are exposed to Money Laundering and Terrorist Financing risk and which areas of their business they should prioritise in the fight against Money Laundering and Terrorist Financing.

To this end, firms should take a holistic view of the Laundering and Terrorist Financing risks to which they are exposed, by identifying and assessing the ML/TF risk associated with the products and services they offer, the jurisdictions they operate in, the customers they attract and the transaction or delivery channels they use to service their customers.

We can say that Business-Wide Risk Assessment (BWRA) assesses the firm’s inherent ML/TF risks (Inherent risks are the risks that exist if there are no control measures in place to mitigate them), the effectiveness of the control environment designed to mitigate those risks, and the need to implement additional measures to manage residual risks (the risk that remains after controls are applied to the inherent risk) where necessary.

The Business-Wide Risk Assessment (BWRA) is the foundation of your anti-financial control (AFC) framework. It provides you with a holistic view of the financial crime risks and threats you face and informs the controls and systems needed to mitigate them.

“Where used correctly, the BWRA is a powerful tool to help firms understand their risk exposure, set their risk appetite, and inform their mitigating controls including the customer risk assessment and levels and types of customer due diligence.”

Should all firms apply the same BWRA?

The steps firms take to identify and assess ML/TF risk across their business must be proportionate to their nature, size and complexity. Firms that do not offer complex services and have limited or no international exposures (i.e. have mostly local clients) may not need an overly complex or sophisticated assessment.

Which are the main objectives of the Business Wide Risk Assessment

The main objectives of risk assessment are the following:

  • To understand and assess money laundering and/or terrorist financing risks relevant for your firm
  • To identify any gaps in your firm money laundering and/or terrorist financing risk management system and improve the risk management system
  • To ensure that your firm’s management is informed and understands money laundering and/or terrorist financing risks to which the firm is exposed in the course of its activities
  • To help to make informed decisions on risks to be taken, the need for risk management measures and technologies and the allocation of human resources

While risk assessments can be useful tools, they are only as effective as their application.

BWRA is key to the prevention of money laundering and terrorist financing.

A failure to effectively conduct an ML/TF risk assessment may inhibit the firm’s ability to detect and disrupt ML/TF activity, thereby exposing the firm to potential regulatory scrutiny, reputational damage and financial penalties.

How we can use the results of the Business Wide Risk Assessment

In summary the results of the BWRA shall be used for the following:

    • identify gaps or opportunities for improvement in AML/CFT policies, procedures and processes
    • make informed decisions about risk appetite and implementation of control efforts, allocation of resources, technology spend
    • assist management in understanding how the structure of firm’s AML compliance programme aligns with its risk profile
    • assist management in developing risk mitigation strategies including applicable internal controls and therefore lower firm’s residual risk exposure
    • ensure senior management are made aware of the key risks, control gaps and remediation efforts
    • ensure regulators are made aware of the key risks, control gaps and remediation efforts across the firm, if so requested
    • assist management in ensuring that resources and priorities are aligned with firm’s risks.

    Relevant online seminars:

    AML: Business Wide Risk Assessment (BWRA)

    Risk-Based Approach for Administrative Service Providers (ASPs)

    Identifying ML/TF risk factors and business-wide and individual risk assessments