Adopting a risk-based approach means considering the likelihood of unwanted outcomes and focussing efforts where the risks are considered highest. A risk-based approach helps firms to identify situations where additional measures and controls may be appropriate.
Consequently, a risk-based approach requires that measures implemented to reduce financial crime risks, such as, fraud, money laundering and bribery, are commensurate to the level of risk identified. This influences how firms allocate resources, including risk and compliance resource, to ensure that the three lines of defence discharge their functions in a way that supports the application of a risk-based approach by a firm.
Covering policy and procedure, the fabric of a financial crime framework requires a robust quality assurance, which includes:
Senior Management own risk-appetite and is responsible for challenging variance or deviation to approved policy. To inform awareness of when to apply challenge:
FCRM assists clients to plan and mobilise assurance-based reviews of (internal or out-sourced) financial crime arrrangements.
We provide independent challenge to control framework design and assurance-based oversight arrangements, assisting clients to assess financial crime controls and the adequacy of management information reporting arrangements, used to inform executive understanding of a firm's compliance with regulatory requirements for financial crime.