Response to consultation on Guidelines on risk factors and simplified and enhanced customer due diligence
Go back
The Basel Institute believes the Guidelines on risk factors and simplified and enhanced customer due diligence (Risk Factors Guidelines) would benefit from some additional clarity in regards to Title II Risk assessments: methodology and risk factors. The Basel Institute has extensive experience in identifying risk factors in money laundering and terrorist financing through publishing the annual Basel AML Index, which is the only country risk rating focusing on money laundering developed by an independent non-profit institution (see index.baselgovernance.org).
The Basel AML Index methodology is based on a scientific approach by following the OECD guidelines for composite index and is being externally reviewed by independent experts with academic, financial and law enforcement background. The Basel AML can be utilized by firms applying the risk-based approach. Given the expertise acquired through the research and further development of the Basel AML Index risk rating in the past four years, the Basel Institute would like to comment on Title II regarding risk assessment methodology and countries and geographic areas (paragraph 11, 15 and 22).
1. Risk rating
The Risk Factors Guidelines in paragraph 15 list a number of potential sources of information and in paragraph 22 risk factors for the identification of risks associated with country and geographic areas. It would be useful to make note or add information on how the assessment of country risk and sources of information can be conceptually organized. The principles of a risk-based approach suggest the establishment of a country risk assessment in form of a risk rating. A risk rating simplifies the process of collecting a vast variety of potential sources of information and usually aggregates a number of variables into a score to determine the risk level of a particular country or geographic area. The risk rating will often result in a categorisation of risk: e.g. high/medium/low based on the scoring. Consequently, the risk rating becomes the driver for a number of processes that are the core elements for identification and assessment of money laundering/terrorist financing risk. Therefore, regulators would expect firms to have a risk rating either developed in-house, supplied from an independent external vendor, or as a combination thereof. The Risk Factors Guidelines do not mention the use or establishment of a risk rating, although a reference to a risk rating is made in paragraph 33 when discussing the weighting of risk factors. In our view, AML risk ratings, particular for a country risk assessment are a regulatory must and should be reflected more clearly in the Risk Factors Guidelines. It would be advisable to introduce the establishment of a risk rating when the identification of ML/TF risk and its methodology are discussed in the Risk Factors Guidelines.
2. Sources of information and risk factors
The Risk Factors Guidelines provide in paragraph 15 a list of sources of information and in paragraph 23 a list of risk factors that firms should take into account in their own country risk rating. However, the risk factors in paragraph 23 contain a list of sources of information as well as questions that determine the risk factor for a country. There is no clear distinction between sources of information and risk factors. The Risk Factors Guidelines should make a distinction between a general list of sources to be considered for a risk rating and risk factors, which determine the high risk jurisdictions. In contrast to a list of sources, risk factors ought to determine circumstances where the risk of money laundering or terrorist financing is higher, and enhanced CDD measures have to be taken.
The Financial Action Task Force (FATF) for example, recommend the following risk factors that indicate a higher risk level associated with countries and geographic areas:
• Countries identified by credible sources as not having adequate AML/CTF and the effectiveness of the implementation of such policies and procedures (FATF Public Statement)
• Countries subject to sanctions, embargoes, or similar measures issued by, for example, the United Nations
• Countries identified by credible sources as providing support for terrorist activities, or that have designated terrorist organisations operating within their country
In addition to risk factors, there are sources of information that firms should consider to conclude a risk rating (partly listed in the Risk Factors Guidelines in paragraph 15 and 23 already). As mentioned in the Risk Factors Guidelines firms may use publicly available information to assess country’s anti-money laundering frameworks, level of predicate offences and the enforcement capacity. We propose that the Risk Factors Guidelines may categorise and provide in a separate list the following sources of information (non-exhaustive list):
A.) Qualitative assessment and reports
• FATF Mutual Evaluations, International Monetary Fund assessments, Financial Sector Assessment Programme (FSAPs) and Organisation for Economic Co-operation and Development (OECD) reports.
• The European Commission’s supranational risk assessment; information from government, such as the government’s national risk assessments
• OECD country reports on the implementation of the OECD’s anti-bribery convention; and the UNODC World Drug Report
B.) AML, corruption and good governance indicators:
• Information on overall money laundering and terrorist financing risk (Basel AML Index)
• Information on the level of perceived corruption (Transparency International’s Corruption Perceptions Index; World Bank Governance Indicators on control of corruption)
• Information on the quality and the stability of the political system, the state of law, freedom of the press (World Bank Governance Indicators on the rule of law, Freedom House, etc)
As a backgound, the Basel AML Index justifies this approach through it's research which identified and categorized a number sources of information and indicators in the following groups:
Money Laundering/Terrorist Financing Risk:
FATF Mutual Evaluation Reports
TJN - Financial Secrecy Index
US INCSR – Volume II on Money Laundering
Corruption:
TI CPI – Perception of Public Corruption
Financial Transparency & Standards:
World Bank Doing Business – Business Disclosure
WEF Global Competitiveness Report - Strength of auditing & reporting
WEF Global Competitiveness Report – Regulation of securities
Word Bank IDA IRAI – Financial Sector
Public Transparency & Accountability:
Int. IDEA – Political Finance Database
IBP - Open Budget Index
WB IDA IRAI – Transparency, Account.& Corr.
Political & Legal Risk:
Freedom House - Press Freedom & Freedom in the World
WEF Global Competitiveness Report - Institutional Strength
World Justice Project – Rule of Law
These suggested sources and categories provide firms with a useful starting point, although they can still make their own determination as to the selection of risk and sources. Most of today’s AML country risk ratings go beyond the assessment of pure AML aspects to include such aspects as a country’s involvement in predicating offences (such as corruption or drug trafficking), the quality of the political and legal system and the effectiveness of the cooperation between the financial sector, regulators and law enforcement. Firms therefore face challenges in compiling and analyzing information to ensure these sources are credible and appropriate for a country risk assessment. Moreover, the selection and the methodology used for compiling these sources need to be adequately justified because any firm need to evidence why countries are rated as high, medium or low risk. For most firms it is a resource-heavy undertaking to develop a sound methodology and to compile the sources for a risk rating. The Basel AML Index has already analysed and carefully selected a number of credible sources and created a composite index that covers a number of different elements contributing to a holistic assessment of a country’s AML risk. It also verifies the methodology by conducting an annual review with external experts to re-assess and validate the methodology. The Basel AML Index project report (attached), which is published annually, includes details of the methodology and the annual review that firms can utilize for their own risk assessment and for validation purposes. The Risk Factors Guidelines would thus benefit from making reference to the Basel AML Index as a public source for country or geographic risk in money laundering and terrorist financing.
3. General Note
The implementation of a risk-based approach through the use of a risk rating might differ between different banking situations. While the risk rating can be very helpful for the risk assessment of all cross border business with a particular country its application for a domestic business within the very same country might be less appropriate in particular when dealing with a local retail business. Classifying all such business as high risk in practical terms may not make sense because it might force firms to de- risking and to quit any such engagement.
Money laundering risk may be more relevant for the assessment of a correspondent banking relationship then for retail banking whilst for the risk assessment of a politically exposed person the perceived level of corruption in that country should be the prevailing risk factor. Firms should be made aware of these differences and that the risk assessment should be based on the size, the diversity and the risk exposure of their business.
Sources:
- FATF - Specific Risk Factors (http://www.fatf-gafi.org/media/fatf/documents/reports/Specific%20Risk%20Factors%20in%20the%20Laundering%20of%20Proceeds%20of%20Corruption.pdf)
- Basel AML Index (index.baselgovernance.org)
a) Do you consider that these guidelines are conducive to firms adopting risk-based, proportionate and effective AML/CFT policies and procedures in line with the requirements set out in Directive (EU) 2015/849?
The Basel Institute on Governance (Basel Institute) is an independent not-for-profit competence centre specialised in corruption prevention and public governance, corporate governance and compliance, anti-money laundering, criminal law enforcement and the recovery of stolen assets. Based in Switzerland, the Basel Institute's multidisciplinary and international team works around the world with public and private organisations towards its mission of tangibly improving the quality of governance globally, in line with relevant international standards and good practices.The Basel Institute believes the Guidelines on risk factors and simplified and enhanced customer due diligence (Risk Factors Guidelines) would benefit from some additional clarity in regards to Title II Risk assessments: methodology and risk factors. The Basel Institute has extensive experience in identifying risk factors in money laundering and terrorist financing through publishing the annual Basel AML Index, which is the only country risk rating focusing on money laundering developed by an independent non-profit institution (see index.baselgovernance.org).
The Basel AML Index methodology is based on a scientific approach by following the OECD guidelines for composite index and is being externally reviewed by independent experts with academic, financial and law enforcement background. The Basel AML can be utilized by firms applying the risk-based approach. Given the expertise acquired through the research and further development of the Basel AML Index risk rating in the past four years, the Basel Institute would like to comment on Title II regarding risk assessment methodology and countries and geographic areas (paragraph 11, 15 and 22).
1. Risk rating
The Risk Factors Guidelines in paragraph 15 list a number of potential sources of information and in paragraph 22 risk factors for the identification of risks associated with country and geographic areas. It would be useful to make note or add information on how the assessment of country risk and sources of information can be conceptually organized. The principles of a risk-based approach suggest the establishment of a country risk assessment in form of a risk rating. A risk rating simplifies the process of collecting a vast variety of potential sources of information and usually aggregates a number of variables into a score to determine the risk level of a particular country or geographic area. The risk rating will often result in a categorisation of risk: e.g. high/medium/low based on the scoring. Consequently, the risk rating becomes the driver for a number of processes that are the core elements for identification and assessment of money laundering/terrorist financing risk. Therefore, regulators would expect firms to have a risk rating either developed in-house, supplied from an independent external vendor, or as a combination thereof. The Risk Factors Guidelines do not mention the use or establishment of a risk rating, although a reference to a risk rating is made in paragraph 33 when discussing the weighting of risk factors. In our view, AML risk ratings, particular for a country risk assessment are a regulatory must and should be reflected more clearly in the Risk Factors Guidelines. It would be advisable to introduce the establishment of a risk rating when the identification of ML/TF risk and its methodology are discussed in the Risk Factors Guidelines.
2. Sources of information and risk factors
The Risk Factors Guidelines provide in paragraph 15 a list of sources of information and in paragraph 23 a list of risk factors that firms should take into account in their own country risk rating. However, the risk factors in paragraph 23 contain a list of sources of information as well as questions that determine the risk factor for a country. There is no clear distinction between sources of information and risk factors. The Risk Factors Guidelines should make a distinction between a general list of sources to be considered for a risk rating and risk factors, which determine the high risk jurisdictions. In contrast to a list of sources, risk factors ought to determine circumstances where the risk of money laundering or terrorist financing is higher, and enhanced CDD measures have to be taken.
The Financial Action Task Force (FATF) for example, recommend the following risk factors that indicate a higher risk level associated with countries and geographic areas:
• Countries identified by credible sources as not having adequate AML/CTF and the effectiveness of the implementation of such policies and procedures (FATF Public Statement)
• Countries subject to sanctions, embargoes, or similar measures issued by, for example, the United Nations
• Countries identified by credible sources as providing support for terrorist activities, or that have designated terrorist organisations operating within their country
In addition to risk factors, there are sources of information that firms should consider to conclude a risk rating (partly listed in the Risk Factors Guidelines in paragraph 15 and 23 already). As mentioned in the Risk Factors Guidelines firms may use publicly available information to assess country’s anti-money laundering frameworks, level of predicate offences and the enforcement capacity. We propose that the Risk Factors Guidelines may categorise and provide in a separate list the following sources of information (non-exhaustive list):
A.) Qualitative assessment and reports
• FATF Mutual Evaluations, International Monetary Fund assessments, Financial Sector Assessment Programme (FSAPs) and Organisation for Economic Co-operation and Development (OECD) reports.
• The European Commission’s supranational risk assessment; information from government, such as the government’s national risk assessments
• OECD country reports on the implementation of the OECD’s anti-bribery convention; and the UNODC World Drug Report
B.) AML, corruption and good governance indicators:
• Information on overall money laundering and terrorist financing risk (Basel AML Index)
• Information on the level of perceived corruption (Transparency International’s Corruption Perceptions Index; World Bank Governance Indicators on control of corruption)
• Information on the quality and the stability of the political system, the state of law, freedom of the press (World Bank Governance Indicators on the rule of law, Freedom House, etc)
As a backgound, the Basel AML Index justifies this approach through it's research which identified and categorized a number sources of information and indicators in the following groups:
Money Laundering/Terrorist Financing Risk:
FATF Mutual Evaluation Reports
TJN - Financial Secrecy Index
US INCSR – Volume II on Money Laundering
Corruption:
TI CPI – Perception of Public Corruption
Financial Transparency & Standards:
World Bank Doing Business – Business Disclosure
WEF Global Competitiveness Report - Strength of auditing & reporting
WEF Global Competitiveness Report – Regulation of securities
Word Bank IDA IRAI – Financial Sector
Public Transparency & Accountability:
Int. IDEA – Political Finance Database
IBP - Open Budget Index
WB IDA IRAI – Transparency, Account.& Corr.
Political & Legal Risk:
Freedom House - Press Freedom & Freedom in the World
WEF Global Competitiveness Report - Institutional Strength
World Justice Project – Rule of Law
These suggested sources and categories provide firms with a useful starting point, although they can still make their own determination as to the selection of risk and sources. Most of today’s AML country risk ratings go beyond the assessment of pure AML aspects to include such aspects as a country’s involvement in predicating offences (such as corruption or drug trafficking), the quality of the political and legal system and the effectiveness of the cooperation between the financial sector, regulators and law enforcement. Firms therefore face challenges in compiling and analyzing information to ensure these sources are credible and appropriate for a country risk assessment. Moreover, the selection and the methodology used for compiling these sources need to be adequately justified because any firm need to evidence why countries are rated as high, medium or low risk. For most firms it is a resource-heavy undertaking to develop a sound methodology and to compile the sources for a risk rating. The Basel AML Index has already analysed and carefully selected a number of credible sources and created a composite index that covers a number of different elements contributing to a holistic assessment of a country’s AML risk. It also verifies the methodology by conducting an annual review with external experts to re-assess and validate the methodology. The Basel AML Index project report (attached), which is published annually, includes details of the methodology and the annual review that firms can utilize for their own risk assessment and for validation purposes. The Risk Factors Guidelines would thus benefit from making reference to the Basel AML Index as a public source for country or geographic risk in money laundering and terrorist financing.
3. General Note
The implementation of a risk-based approach through the use of a risk rating might differ between different banking situations. While the risk rating can be very helpful for the risk assessment of all cross border business with a particular country its application for a domestic business within the very same country might be less appropriate in particular when dealing with a local retail business. Classifying all such business as high risk in practical terms may not make sense because it might force firms to de- risking and to quit any such engagement.
Money laundering risk may be more relevant for the assessment of a correspondent banking relationship then for retail banking whilst for the risk assessment of a politically exposed person the perceived level of corruption in that country should be the prevailing risk factor. Firms should be made aware of these differences and that the risk assessment should be based on the size, the diversity and the risk exposure of their business.
Sources:
- FATF - Specific Risk Factors (http://www.fatf-gafi.org/media/fatf/documents/reports/Specific%20Risk%20Factors%20in%20the%20Laundering%20of%20Proceeds%20of%20Corruption.pdf)
- Basel AML Index (index.baselgovernance.org)
b) Do you consider that these guidelines are conducive to competent authorities effectively monitoring firms’ compliance with applicable AML/CFT requirements in relation to individual risk assessments and the application of both simplified and enhanced customer due diligence measures?
See abovec) The guidelines in Title III of this consultation paper are organised by types of business. Respondents to this consultation paper are invited to express their views on whether such an approach gives sufficient clarity on the scope of application of the AMLD to the various entities subject to its requirements or whether it would be preferable to follow a legally-driven classification of the various sectors; for example, for the asset management sector, this would mean referring to entities covered by Directive 2009/65/EC and Directive 2011/61/EU and for the individual portfolio management or investment advice activities, or entities providing other investment services or activities, to entities covered by Directive 2014/65/EU.
N/AUpload files
Basel AML Index Report 2015_FINAL.pdf
(752.45 KB)