Understanding De-Risking: A Breakdown of Financial Institutions' Risk Mitigation Strategies
Financial institutions are employing de-risking strategies to manage perceived higher risks associated with money laundering and terrorist financing. De-risking can take various forms, such as selective client onboarding, product and service limitations, termination of relations, and geographic restrictions [1].
One de-risking strategy is customer segmentation, which helps financial institutions identify and manage risks more effectively. Another strategy is transaction monitoring and reporting, used to identify and report suspicious activities [2].
A risk-based approach (RBA) is considered the best practice for implementing de-risking strategies. This approach involves identifying, assessing, and understanding the specific risks of money laundering and terrorist financing that an institution faces, and applying mitigation measures proportionate to those risks [1][3].
Key elements of a risk-based approach include comprehensive risk assessment, tailored controls, use of supervisory and analytical tools, documentation and transparency, avoiding overbroad de-risking, and leveraging technology.
Comprehensive risk assessment involves thorough assessments of an institution's ML/TF exposure by analysing customers, products, services, geographic location, and transaction types. This forms the foundation for targeted controls and enables more effective application of AML/CFT measures according to the level of risk identified [1][3].
Tailored controls mean that control measures and due diligence processes should be commensurate with the risk level. For higher-risk customers or sectors, enhanced due diligence is applied; for lower-risk ones, lighter measures may be sufficient. This flexibility helps target resources efficiently and helps to avoid unnecessary financial exclusion [1][3].
The use of supervisory and analytical tools, such as on-site inspections, supervisory stress tests, and data-driven analyses, support robust risk assessment and remediation of shortcomings. These tools promote prudent risk management, including conservative provisioning and risk-reducing lending practices [2].
Documentation and transparency are essential for demonstrating good-faith compliance and preparing institutions for regulatory scrutiny. Maintaining detailed, document-driven records of decisions and risk assessments helps ensure regulatory compliance and protects the institution [5].
Avoiding overbroad de-risking is crucial to prevent financial exclusion. While de-risking aims to reduce exposure to high-risk clients or sectors, institutions should avoid blanket avoidance that ignores individual risk profiles, which can cause financial exclusion [3].
Leveraging technology, such as AI and data analytics, can enhance fraud detection and risk assessment capabilities, thereby supporting better-informed de-risking strategies [4].
De-risking can also help minimize reputational harm associated with high-risk customers, legal trouble for financial institutions, and operational failures. Regulators and international organizations have recognized the challenges posed by de-risking and have encouraged financial institutions to adopt risk-based approaches to AML compliance instead [6].
For further reading, a step-by-step guide and template for creating an Anti-Money Laundering (AML) policy is suggested. Additionally, adding extra identity and address verification layers is a de-risking best practice for high-risk users or those from greylisted countries. Implementing face authentication checks is another de-risking best practice [2].
In summary, best practices emphasize a calibrated, evidence-based approach to managing risks designed to ensure regulatory compliance, protect the institution, and mitigate unintended consequences such as financial exclusion.
References: [1] FATF (2013). The FATF Recommendations. [2] IMF (2017). De-risking and Financial Inclusion. [3] World Bank (2019). De-risking and Financial Exclusion: A Review of the Evidence and Policy Options. [4] AML RightSource (2020). The Role of AI in AML Compliance. [5] FSB (2016). Enhancing the Effectiveness of AML/CFT Measures: An Assessment of the Implementation of the FATF Recommendations. [6] G7 (2018). G7 Leaders' Declaration on Finance Track.
Financial institutions can implement a risk-based approach (RBA) to effectively manage money laundering and terrorist financing risks, as well as mitigate unintended consequences such as financial exclusion. This approach involves comprehensive risk assessment, tailored controls, the use of supervisory and analytical tools, documentation and transparency, avoiding overbroad de-risking, and leveraging technology for better fraud detection and risk assessment. For example, implementing face authentication checks and adding extra identity and address verification layers can be de-risking best practices for high-risk users or those from greylisted countries.
