A comprehensive and well-developed risk assessment framework is an important tool in evaluating a financial institution's AML risk profile. Jocata will assist management in developing a unique risk assessment framework based upon the institution's products, customers, transactions, and geographic locations. Once developed, the framework will be applied to the institution's data, applicable policies and procedures, resource levels, training protocol, transaction monitoring systems and audit practices in order to assess the risk management and control processes in place. The result will be a prioritized list of deficiencies or weaknesses and recommended mitigants for management's consideration.
POLICIES AND PROCEDURES
Effective compliance programs require robust internal controls - policies and procedures that identify and address the risks according to severity. The creation of policies and procedures is the very cornerstore of an effective AML/KYC compliance program as technology deployments are only as effective as the policies dictating them. Most regulatory guidelines require financial institutions to take a formal approach not only to assess AML compliance with its policies and procedures, but also to assess whether the compliance program is effective in addressing AML risks and meets regulatory requirements. It also allows top management to set the tone regarding acceptable risks and adequate safeguards.
CUSTOMER RISK RATING
Once policies and procedures have been developed based on the risk assessment, an important step is developing a risk-scoring methodology to apply the risk assessment across the financial institution's customer base. The customer risk-scoring methodology should identify how each risk assessment factor is applied to formulate the risk score of a customer. In addition to developing a risk-scoring methodology, Jocata will also help clients apply the methodology consistently and accurately to all of the financial institution's customers (old and new). A manual process to assign risk to each customer is fraught with inconsistencies and is susceptible to employee fraud. Using its proprietary KYC management application Jocata categorizes the financial institution's customers into discrete risk levels (e.g. high, medium or low).
The KYC aspect of an AML program that includes the identification of customers requires financial institutions to obtain certain information from a customer and use that information to verify the customer's identity. This information coupled with effective monitoring can be a significant tool in the detection of suspicious or unusual activity. Most financial institutions neglect this important aspect of a compliance program.
Jocata helps financial institutions identify customers that require remediation, "back-fill" missing information for the customers identified, update the risk scores for the remediated customers and creates a complete customer file that can then be used to build a solid base for the AML program.