Arctic Intelligence, a global provider of enterprise risk assessment software to regulated institutions, has today released results of its first annual Anti-Money Laundering (AML) Benchmark report. The report highlights how organisations assess their inherent risk* of exposure to money laundering and terrorism financing, their control effectiveness and their residual risk*. Findings are based on a blend of qualitative risk assessment data from Arctic Intelligence’s AML Accelerate Platform and quantitative data from a cross-section of risk professionals across their client base and the industry.
Twenty three percent of risk assessments analysed for the report indicated that control frameworks for managing AML vulnerabilities needed improvement or had not been tested at the time of the assessment. Although 72% were rated as ‘adequate’, only 5% of risk assessment controls rated as ‘strong’. These findings were further supported by qualitative data, which showed that 37.5% of respondents cited ‘developing the framework’ as their top risk assessment challenge.
Other key findings included:
- 53% of companies perform an enterprise risk assessment once a year, with 25% conducting them as often as business changed.
- 21% of respondents were unsure of how long an enterprise risk assessment actually took, because it was either an external process or a fragmented internal one.
- 69% of respondents claimed that digitisation had provided at least two significant improvements for their risk assessment process. These include more effectiveness in understanding AML risks and demonstrating compliance, as well as having more confidence in their risk assessment process with a centralised documentation repository.
Darren Cade, CEO at Arctic Intelligence says, “With an estimated two to five percent of global GDP being money laundered every year, the various findings from our benchmark report indicate that there is still a long way to go in the fight against financial crime and that all stakeholders in the financial ecosystem need to strive for better standards. The enterprise risk assessment is the cornerstone of any strong financial crime compliance program and digitising the process through RegTech, would be a first step in providing a robust and data-driven approach to assessing and reporting on AML risks.”
Qualitative data from 544 risk assessments were executed on Arctic Intelligence’s AML Accelerate platform. These assessments explore the overall risks posed to an institution through its business operations, customer base, products and services, channels to market, the external and internal environments in which it operates and its geographical exposure. 59% of the risk assessment analysed were from financial institutions.
For more details on the findings a copy of the report can be downloaded here.
*Inherent Risk is typically defined as the level of risk in place in order to achieve business objectives and before actions are taken to alter the risk’s impact or likelihood. Residual Risk is the remaining level of risk following the development and implementation of the organisation’s response.