More and more financial services firms are undertaking investigations into Wwft and integrity risks. But when a client with a high risk profile comes along? It is often rejected. And that is unnecessary, because you can make risks manageable. How? With risk and control measures.
What are risk & control measures?
The meaning of management measures or control measures is simply translated: the control action you have on risks.
‘Control measure’ is a term common in compliance and risk management. How does it work? It starts with your organization’s risk policy. This defines what you consider to be low or high risks in client acceptance and monitoring. Have you identified what your risks are? Then it makes sense to link actions to them. These are your control measures.
In your policy you include: if risk x occurs, then control measure x goes into effectz
An example of control measure
Ok, say you have included in your (risk) policy that country x is a risk country.
When onboarding your client, it turns out that your client does business with parties in the risk country in question and/or has ongoing transactions in this country. Then, instead of immediately rejecting this client, you can also make this risk manageable with a clear measure.
- Every 7 days – do transaction monitoring to and from entities located in a high-risk country
By applying this management measure, you can then serve the client despite the increased risk.
Why are control measures important?
Control measures are mostly mentioned in combination with monitoring, policy, and process. One reason this happens mostly is because more and more accountants and financial services firms are implementing SIRA (systematic integrity risk analysis).
Your firm is expected to consider how you identify potential money laundering and integrity risks, but also how and which risks you then make manageable.
How do you set up control measures?
When you recognize a risk, for example, an industry-related risk, cash payments or a person who is negatively in the news, you need to manage that risk.
Record the management measures taken for this file. You have the freedom to determine your own management measures for potential AML-risks. After all, the control measures you take must fit your firm’s characteristics and the risk policy geared to them. Management measures are tailor-made.
Control measures automated in Grub
You don’t have to come up with all the control measures yourself. In Grub, we have predefined management measures for a large number of AML risks. These are management measures that specifically address money laundering and terrorist financing risks. If desired, this list can be expanded. For example, with additional control measures that respond to integrity risks such as cybercrime, fraud, and regulatory compliance avoidance.
With Grub, you automatically have access to preset sample control measures. You can apply these immediately and adjust them if necessary. Make control measures part of your risk policy.
Curious about the control measures within Grub? Request a free trail.