ImpactAML strives to design affordable software that addresses the immediate and specific AML compliance needs of the financial services industry.
What the Risk Assessor Software Will Do For You
This application will allow you to risk rate customers who fall into any of several categories of high risk customer types, including:
- Cash Intensive Businesses
- Charities and NGOs
- Money Services Businesses and Private ATM Operators
- Non-Resident Aliens
- Foreign Correspondent Banking Customers
- Senior Foreign Political Figures
- Private Banking Customers
- Generically High Risk Customers (i.e., any categorization that does not fit the above category descriptions)
The Risk Assessor application is flexible and takes into account that the perception of risk varies from institution to institution. It allows you to document your reasoning for including or dismissing items or overriding resulting scores for each customer. This provides exactly what a regulator would need to be shown to validate your whole CDD risk management process!
This application is designed to avoid the most common pitfalls and design flaws of other risk assessment software currently on the market. Most of those applications (besides being just expensive parts of usually bigger AML bloatware) pre-assign a risk level based solely on the customer type. For example, a cash intensive business would be tagged as being high risk solely because it is listed as such in the FFIEC Manual. The problem with such logic is manifold:
- It ignores the guidance provided by the FFIEC that not all customers of a specific type present the same risk;
- It is directly contrary to the concept of utilizing a risk based approach;
- It assigns risk by broadly generalizing the risk of all customers in a category and does not account for exceptions;
- It does not take into account relevant mitigating factors that may lower risk for a specific customer within a high risk category;
- It artificially enlarges the group of customers whom you will eventually have to monitor;
- Instead of focusing resources on specific high risk customers, your compliance resources are distributed across a large population of customers, many of whom do not need monitoring at all.
Additionally, many of these programs do not allow the compliance officer to:
- override a calculated risk score and provide a record for the reasons;
- foster a communications loop between the line-of-business account officer and the compliance office;
- provide statistical significance for risk calculations; or
- allow you to weight factors as you see fit.
Managing Risk
The concept of a Risk Based Approach to anti-money laundering compliance has become the recent mantra of the regulators. One might interpret such an approach as being a common sense application of varying degrees of due diligence steps based upon numerous variables. Yet the fact that the FATF’s recently issued guidance on the topic runs forty-seven (count 'em!) pages long (Guidance on the Risk Based Approach to Combating Money Laundering and Terrorist Financing, 2007) suggests that actually implementing such an approach may not be quite as simple as the term itself seems to imply. The FATF, in section 1.12 of its Guidance, states that “there are no universally accepted methodologies that prescribe the nature and extent of a risk based approach.”
In the risk based approach schema, the danger is that your approach to risk is not exactly what your regulator has in mind. However, if your approach considers all the relevant risk factors - as defined by the regulatory guidance (FFIEC, etc.), and your approach includes documented parameters and explanations for interpreting and managing risk (e.g., assigning monitoring resources, reviews, etc.) then you are in good stead.
The first step, then, in trying to engineer a risk based approach is to define exactly what risk is and attempt to assign a meaningful descriptive value to the term. If we can assign a value, we can then try to put that value into some useful context to assign monitoring and EDD parameters.
Ultimately though, a risk rating program will only be useful if the underlying data is reliable. Such a program must provide a framework by which to balance the compliance risks and potential profits associated with a high risk customer against the compliance costs and incumbent efforts.
Risk and The Risk Based Approach
Risk is not a bad thing or a good thing. It is simply a measurable value that is interpretable in different ways by different people. For example, two banks might have an identical MSB customer and arrive at the same risk value using this program. But, Bank A might deem the risk of banking that customer too high, whereas Bank B might see the risk of banking that customer as being acceptable. Where the risk value assigned is the same, why might each bank reach a different conclusion?
Well, Bank B might have a larger compliance staff or more sophisticated software to monitor accounts, and thus is able to mitigate parts of the existing risk (as opposed to eliminating the risks). Or, Bank B might be willing to assume certain levels of risk because of a more aggressive business model than Bank A (i.e., a different risk-to-reward ratio tolerance). While the interpretation of risk will vary, its purpose is constant. In the context of knowing one's customer, a risk measurement:
- Enables a bank to predict the types of transactions in which a customer is likely to engage, thus facilitating the identification of suspicious activities;
- Provides a bank with sufficient information to guide subsequent due diligence and monitoring activities; and,
- Identifies customers for which the risk posed by their activities, backgrounds, sources of wealth, and other factors outweighs the benefit of initiating or continuing a business relationship with them.
From a regulator's standpoint, a customer type (or category - let's use the term interchangeably) has certain finite risks associated with it. It is up to compliance officers to engineer their CDD and EDD processes to consider every single one of these risks and then filter these down by individual customer into a subset of those risks, which we define as relevant risks. The risk value that this application assigns after you go through the filtering analysis results in a residual risk score, or simply, the risk that is left after dismissing non-relevant risk factors.
The Risk Assessor is flexible to the way you run your AML program. Once available for sale, it will have an extremely low license fee, low implementation costs, and a low ongoing cost to maintain. It will be available as a standalone application or in an enterprise version that can interface with your existing AML software as well as ImpactAML's ED3-Enhanced Due Diligence case management system.