What is a Risk-Based Approach (RBA)?

Illustration of the elements that make up a risk management framework

The risk based approach (RBA) is central to the effective implementation of the Know Your Customer (KYC) and Anti-Money Laundering (AML) framework. This modern risk control technique departs from the previous rule-based approach and is advocated by the Financial Action Task Force (FATF).

A brief history of Risk Based Approach (RBA)

In the mid-1990s, the KYC and AML laws were still novel and prescriptive. The prescriptive approach was that the regulations initially centred on the risks and controls of retail banking and did not fit other business structures, such as corporate, institutional, or investment banking and wealth management.

This resulted in companies attempting to customise and adjust AML controls to suit their market models, trying to accommodate the regulatory paradigm but potentially ignoring the real risks they were exposed to. The enforcement efforts have also failed to meet regulatory requirements.

As a result, RBA came into existence.

The components of RBA

There are two distinct pillars of RBA risk assessment:

  1. Each country must consider its susceptibility to money laundering on a country-by-country basis. This is being implemented by way of national risk evaluations.
  2. Each financial institution (FI) must complete its internal risk evaluation against the backdrop of national risk, tailoring its money laundering/financing risk management systems.

EU’s Anti-Money Laundering Directives

The European Union (EU) has adopted several directives incorporating FATF’s AML/KYC recommendations, including an RBA framework. The most recent directive added in 2020 is called the 6th Anti-Money Laundering Directive (6AMLD). These directives have then been transposed into national legislation by the Member States and now govern financial institutions operating in their jurisdiction in the form of regulations.

The EU system of AML is decentralised – within each EU member state lies a Financial Intelligence Unit (FIU). The FIUs are small units responsible for collecting Suspicious Transaction Reports (STRs) and prosecuting suspected money laundering cases.

Also, the EU’s framework emphasises the role played by mandated agencies to determine the extent of risk of money laundering that transactions present. Unique forms of Customer Due Diligence (CDD) are implemented by experts, depending on the degree of risk. They are expected to file an STR with their national FIU to decide that the transaction is suspicious. The role played by professionals is, therefore, paramount to the efficiency of the AML mechanism.

Table of contents
    Add a header to begin generating the table of contents

    More posts

    What is an Ongoing Monitoring Process?

    An ongoing monitoring process is vital in ensuring compliance is met with regulatory bodies. This guide discusses what comprises an AML monitoring strategy and how continuous monitoring strengthens Anti-Money Laundering efforts....
    The crypto travel rule and the need for AML Compliance Software

    The Crypto Travel Rule: The Need for AML Compliance Software

    The crypto travel rule endorses VASPs to use AML compliance software to share user data when transactions exceed a specific value to achieve crypto compliance. This initiative is designed to mitigate crypto money laundering....
    Choosing the right automated KYC verification service ComplyCube

    Choosing the Right Automated KYC Verification Service

    Increasingly complex regulations have muddied the regulatory water for some time. The high demand for an automated KYC verification service has led to a spike in the number of KYC vendors on the market. Choose the right one for you....