The risk based approach to anti-money laundering and countering the financing of terrorism (AML/CFT) is fundamental to the successful application of the Financial Action Task Force (FATF) Recommendations, the international standards for combatting money laundering and the financing of terrorism and weapons of mass destruction.
In essence, this approach requires all participants (regulators, law enforcement, the financial services sector and other sectors) to direct their efforts in combatting money laundering and terrorist financing (ML/TF) to where the risks are greatest, to make best use of limited resources and mitigate the ML/TF risk to acceptable levels. It represents a move away from a ‘one size fits all’ approach and requires firms to formulate their own risk rating methodologies, policies and procedures for risks specific to their business. A lack of prescriptive guidelines and safe harbours is a hallmark of such approaches.
However, it is now more common for firms to be offered guidance, which requires the application of judgment, a greater level of human intervention and, from a regulatory angle, justification. Unfortunately, one person’s view of a risk does not necessarily accord with another’s. While this might not seem to cause a problem, it does when the other person is the regulator or a law enforcement agency with all the tools available to remedy or punish perceived deficiencies.
Some of the more egregious examples of such actions (think of the US$1.9bn fine paid by one worldwide banking entity) have caught the headlines. Firms’ responses have distorted the principles of a risk based approach. In some cases, we have seen how organisations focus on overly prescriptive and administrative procedures, with less focus on judgment, to the extent that adherence to those procedures are at the cost of identifying obvious high-risk factors. Further still, risks are being avoided in their entirety, rather than identified and managed. On a worldwide basis we have seen firms retrench from entire geographies because they have concluded that the costs of operating in those countries – both in terms of conducting sufficient due diligence and because the financial and reputational risk of ‘getting it wrong’ – are too high.
So, to some extent, the risk based approach has resulted in firms pulling in their horns and avoiding some markets in their entirety, principally those linked to higher risk jurisdictions. Whether this is a positive development in the longer term remains to be seen, but the clear, potential downside is that some jurisdictions or markets have turned into ‘no-go’ zones for some financial institutions. This may actually increase the risk to the global financial system, as activities are driven underground, arguably encouraging bribery and corruption - the very opposite effect to the one intended. International policy makers need to take these side effects into their strategic approach to AML/CFT and legislatures should increase the robustness of local institutions and AML/CFT frameworks. The law of unintended consequences remains alive and well.
This article first appeared in Connect Magazine.