The bronID ML/TF Risk Assessment process estimates the level of 2 groups of risk: Business Risk and Regulatory Risk. The Business Risk is the risk your organisation is facing of being exploited by criminals for money laundering or terrorism financing (ML/TF). The Regulatory Risk, on the other hand, is the risk associated with your organisation not meeting its obligation under the AML/CTF laws.
Furthermore, bronID divides the Business Risk into six different categories:
This is the risk that your organisation is facing due to the industry or environment where it is operating. The key component that we analyse here is the vulnerability of your business to predicate offences (i.e. crimes that may result with proceeds that need to be laundered or crimes related to terrorism activities). The Environmental Risk is external to your business, and bronID performs the assessment based on expert reports published by various regulators or international bodies. For example, if you are operating an online business, it is likely that it will be more susceptible to cybercrime, ransomware or online scams in comparison to a business that only operates through physical branches. Similarly, investment platforms or brokers are more vulnerable to predicate offences related to securities fraud where other businesses such as payment platforms or remittance are less exposed. Every industry has a different level of exposure to various predicate offences. Other factors, such as the location of your operations or types of clients you serve also impact your Environmental Risk.
This is the risk that your organisation is facing as a result of the way you operate. The Operational Risk is an internal risk and can be managed by changing your internal processes and procedures. Factors such as the number of employees, whether you are outsourcing part of your operations, the existence of a separate compliance function within the organisation or the way you develop the product/service impact the level of your Operational Risk.
This is the risk that your organisation is facing as a result of the nature and attributes of the products/services that you are providing. To assess the Product/Service Risk, we look at different features such as whether the product allows any level of anonymity, can customers deposit or withdraw cash, does the product facilitate instant transactions or the typical range of values that can be transacted. The product characteristics significantly influence the level of ML/TF risk that your organisation is facing, and for each characteristic, you can develop mitigation measures that will reduce the associated risk.
Your organisation's ML/TF risk also depends on the types of customers that you are serving. Factors such as whether you only serve individuals or provide services to more complex structures such as companies and trusts, or you serve high-risk customers such as PEPs or cash-intensive businesses will affect the level of your ML/TF risk.
The channels that you use to deliver your products or services to your customers will affect the ML/TF risk that your organisation is facing. For example, although not a strict rule, online businesses have higher ML/TF risks than businesses that meet their customers face to face. One of the reasons is because it is more difficult to verify the identity of your customers online. Other factors, such as the use of intermediaries or third parties when providing your service will also affect your Delivery Risk.
Different countries and regions experience different types and levels of vulnerabilities to ML/TF. Your Jurisdiction Risk depends on the location of your business activities, your target market and customers, or even the location of the third-party partners that you use to deliver your service. bronID Jurisdiction Risk rating is a composite index, and it provides a simplified comparison of countries' risks of ML/TF based on the following data sources:
- FATF Uncooperative / AML Deficient List;
- FATF Mutual Evaluation Reports;
- US State Department - International Narcotics Control Strategy Report;
- US Secretary of State - Terrorism Report ;
- International sanctions;
- Transparency International's Corruption Perception Index;
- World Bank's Governance Indicator ;
- Presidential Determination on Major Drug Transit or Major Illicit Drug Producing Countries;
- US Department of State - Human Trafficking Report;
- EU Tax Blacklist;
- List of Offshore Finance Centres.