Adopting a risk-based approach to customer screening means being responsive to risk throughout the screening process.
As the Financial Action Task Force puts it, a risk-based approach involves “analysing and seeking to understand” how any money laundering or terrorist financing risks you identify affect your business, and responding accordingly.
Example of a mechanistic (non risk-based) approach
Step 1 – Initial screening reveals that a potential customer is a PEP
Step 2 – You flag this information on the customer’s record and fill in the appropriate documentation
Step 3 – You move on to the next customer
Due diligence is no ‘box-ticking’ exercise
In a risk-based approach, the individuals or entities deemed highest risk are allocated the most resources—further investigation, more regular review and so on.
In a mechanistic approach, risks are identified but not investigated or acted upon appropriately.
A mechanistic approach to screening often emerges in organisations in which there is a general lack of knowledge concerning financial crime, or which are highly siloed such that screening is carried out without oversight by experienced compliance professionals.
It’s a common theme of financial crime scandals that the organisations involved have all the tools to identify criminal behaviour, but fail to stop it because compliance is seen as a box-ticking exercise and clear red flags are missed. All compliance staff should have at least a basic understanding of the crimes they are working to prevent.