A methodology for enterprise-wide risk assessment in small banks and credit union

Date01 February 2021
Pages372-393
DOIhttps://doi.org/10.1108/JMLC-08-2020-0098
Published date01 February 2021
AuthorPhilippa Duncan
A methodology for enterprise-wide
risk assessment in small banks
and credit union
Philippa Duncan
University of Belize Belize City Campus, Belize City, Belize
Abstract
Purpose This paper aims to provide an easy to follow, practical guide for small traditional banks and
credit unions to conduct an enterprise-wide risk assessment of the f‌inancial institutions anti-money
launderingcompliance program.
Design/methodology/approach Information was collected from relevant documents published by
global standard setters in the disciplines of anti-money laundering, f‌inancial crime prevention and risk
management.The data was integrated with common challenges experienced by small f‌inancialinstitutions to
produce an application-basedguide that practitioners can readily implement.
Findings Though not a new concept, macro-level f‌inancialcrises and institutional level f‌inancial crimes
have inf‌luenced the rapid evolutionof risk management in f‌inancial institutions over the past three decades.
Small unsophisticatedbanks and credit unions are expected to now perform an internal risk assessment.An
abundance of informationis available on risk assessment, but small institutions remain challengedin f‌inding
a turnkey document that is readily actionable to stimulate a less arduous undertaking, especially given the
institutionslimitedresources.
Research limitations/implications The setting ref‌lects small deposit-taking institutions with
traditionalservices. It is tailored for easy understandingand practical use by the institutions.
Originality/value This could inf‌luence small institutionsto conduct enterprise-wide risk assessments
and formulateand use more specif‌ic risk managementpolicies.
Keywords Risk management, Risk assessment, Anti-money laundering,
Enterprise risk methodology, Enterprise-wide risk assessment
Paper type Research paper
Introduction
Macro-level f‌inancialcrises and institutional level f‌inancial crimes have inf‌luenced the rapid
evolution of risk management in f‌inancial institutions over the past three decades. Post
mortem conducted on the 2008 f‌inancial crisis highlighted weaknesses in risk management
practices within f‌inancial institutions (Financial Crisis Enquiry Commission, 2011). Risk
management is not a new concept and had always maintained a vivid presence in the
insurance industry, but as risks evolved, the tentacles of risk management have extended
with more prominence in other f‌inancial sectors. Also, the scope of mitigating strategies
expanded to areas other than credit and market risks, for example, one of the more recently
emerged risks in f‌inancialinstitutions is money laundering.
The Financial Action Task Force (2012) (FATF) continually revises its series of
recommendations to encourageeffective implementation of robust policies that can mitigate
the risks of money laundering and other f‌inancial crimes. A new anti-money laundering
(AML) trend is for f‌inancial institutions to perform an enterprise-wide risk assessment
(EWRA) to understand their exposureto money laundering. EWRA inf‌luences an approach
to risk management that is institution-wide, transparent, forward-looking and specif‌ic. An
JMLC
24,2
372
Journalof Money Laundering
Control
Vol.24 No. 2, 2021
pp. 372-393
© Emerald Publishing Limited
1368-5201
DOI 10.1108/JMLC-08-2020-0098
The current issue and full text archive of this journal is available on Emerald Insight at:
https://www.emerald.com/insight/1368-5201.htm
abundance of information is available on various approaches to risk assessment, but small
institutions with limited resources remain challenged in f‌inding aturnkey document that is
readily actionable to fostera less arduous undertaking. Such could dissuade institutions and
stymie the formulation and implementation of policies specif‌ic to the institutions
circumstances. This documentaims to provide an easy to follow, actionable guide for small
traditional banks and credit unions to conduct EWRA of its anti-money laundering
compliance program.
Blueprint for small banks and credit unions
Under FATF Recommendation 1, countries should require f‌inancial institutions to identify,
assess and establish strategies pertaining to money laundering (ML) risks. The common
model ref‌lected in small banks and credit unionsincorporated risk management of f‌inancing
terrorism, corruption, bribery and other f‌inancial crimes with ML. Therefore, in this
document, ML is used holisticallyfor all f‌inancial crimes.
Authors have published copious amounts of information on EWRA. However, the
information is largely generalto cover diverse f‌inancial services and institutions of all sizes,
educational to complementcollege lectures and theoretical to communicate best practiceson
risk assessment. This article expands on existing material to increase the body of
information at theapplication level.
Multiple variations are recognized in the approaches to EWRA; thereby, underscoring
the importance of a clearly documented methodology to articulate the model used by the
f‌inancial institution (The Wolfsberg Group, 2015). Financial institutions perform EWRA,
and a written EWRA methodology approved by the institutions board of directors can
minimize biases in conducting the assessmentand increase credibility in the results. While
internally generated, EWRA results are also of interest to external stakeholders, including
regulators and examiners who now considerEWRA f‌indings in the broader examination of
banks and credit unions. In the US Bank Secrecy Act/Anti-Money Laundering Examination
Manual (2020), the authorities conf‌irmed EWRA results could increase bank examiners
understanding of the institutions risk prof‌ile and inf‌luence scoping and planning of the
examination.
In upcoming sections of this paper,a methodology is presented as a solution to ignite the
process and make it less onerous on small banks and credit unions. The products and
services in these institutions are largely traditional, operations and structures are
noncomplex and roles and responsibilities are not highly specialized. Consequently, the
adequacy of this blueprintfor small deposit-taking institutions.
Limitations
The setting ref‌lects small deposit-takinginstitutions with traditional services; however, the
underlying risk management concepts can be extended to f‌inancial institutions of varying
types and sizes. This article was written from an application perspective based on global
standards pertaining to anti-money laundering and risk assessments; therefore, theoretical
discussions of such standards were notreproduced. Presented in the article is a systematic
model simplif‌ied for small banks and credit unions, which couldnot ref‌lect risks peculiar to
individual institutions, but idiosyncrasies will be recognized in performing the EWRA and
highlighted in the report. Procedures to carry out the risk assessment were not detailed in
this manuscript because the focus was on preparing a written methodology within which
framework the EWRA could be conducted.
Small banks
and credit
union
373

To continue reading

Request your trial

VLEX uses login cookies to provide you with a better browsing experience. If you click on 'Accept' or continue browsing this site we consider that you accept our cookie policy. ACCEPT