Country Risk Analysis Framework: World Bank

By

The National Money Laundering/Terrorist Financing Risk Assessment (NRA) Toolkit has been developed by World Bank Group (WBG) staff members to support WBG client countries and jurisdictions in self-assessing their money laundering and terrorist financing risks. The NRA Toolkit contains guidance manuals; Excel worksheets and the formulas therein; PowerPoint presentations; and any other materials provided as part of the NRA Toolkit. Jurisdictions are advised to use the NRA Toolkit with technical assistance from the WBG to ensure proper application. They developed two national risk assessment tools (First Generation and Second Generation National Risk Assessment tools) as well as national risk assessment process, with a view to facilitate the risk assessment even in the countries where the data and statistics are limited. The World Bank tools are essentially, although not limited to, self-assessment tools in order to help the countries develop their capacity to collect and analyse the useful data, statistics and information and introduce a risk based approach


Establishing a NRA Working Group

 In undertaking a national risk assessment, countries are highly encouraged to establish a dedicated NRA working group or a task force. In the Technical Assistance offered by the World Bank, this is a pre[1]requirement for the project. The NRA Working Group should be composed of all relevant AML/CFT stakeholders. It is usually headed by a lead AML/CFT agency in the country. The Working Group usually  consists of the representatives from, Financial Intelligence Unit, Central Bank, Financial Regulation and Supervision Agency (if exists), Capital Markets Authority, Regulator of the Insurance Market, Tax Authority, Intelligence Agency, Police (Units combating organised crime, drugs, arms trafficking, smuggling etc.), Anti-Corruption Agency, Anti-Drug Agency, Customs Authority, Office of Public Prosecutor, Ministry of Finance, Regulators of other financial services, and authorities related to DNFBPs. Private sector representatives may be invited to the NRA Working Group as a full member or a partial member. For example, the private sector representatives can play a key role in assessing the vulnerabilities of the covered institutions in the preventive measures, but may not be ideally placed if sensitive intelligence is shared. Given the heavy analytical work involved in the exercise, NRA Working Group member are suggested to be senior technical specialist and expected to stay as the members of the working group throughout the NRA process to ensure the continuity



First Generation Tool 


First Generation tool is an Excel-based template that was developed initially by the World Bank and later integrated into the Strategic Implementation Programming (SIP) framework, which is a joint initiative by the World Bank and Asia Pacific Group on Money Laundering (APG). In this regard, refinement of the first generation NRA tool has greatly benefited from participation of APG members and partners.


Source: World Bank



The first generation NRA tool utilises a matrix approach in assessing the ML and TF risks. The risk assessment template focuses on the assessment of threat and vulnerabilities as the main components of the ML/TF risk. SIP NRA Template is an Excel file with 5 assessment areas (ML Prevailing Crime Type/TF Threat Analysis, Legal/Judicial/Institutional Framework, Economic and Geographical Environment, Financial Institutions and DNFBPs), accompanied by summary findings. Each of the assessment areas contains carefully selected indicators to assess threats and vulnerabilities. Two separate risk assessments are undertaken on ML risk and TF risk, using the symmetric risk assessment structure. The worksheets designed for the ML/TF assessment consists of following templates:


The main difference between ML and TF risk assessment templates is the threat analysis. The objective of ML Threat Analysis is to understand what type of predicate offenses pose a ML threat in jurisdiction based on data and other information collected, and identify origins (both domestic and foreign) and methods of ML. Outcome of such threat analysis would be useful for law enforcement agencies (LEAs) to prioritise their actions. It is also useful for FIU and covered institutions to understand the type of crimes that generate illicit proceeds and different methods of money laundering. On the TF risk assessment side, TF threat analysis also attempts to capture the statistics and any other information but on TF cases and assesses the level and sources of TF threats. Vulnerability analysis section consists of four assessment matrices, each of which focuses on vulnerabilities arising from different areas. “Legal/Judicial/ Institutional Framework” and “Economic and Geographical Environment” assesses the vulnerabilities arising from the factors at the national level, while “Financial Institutions” and “DNFBPs” focuses on vulnerabilities posed by financial institution and DNFBP categories that are present in assessed jurisdiction. The structure of Financial Institutions and DNFBPs matrices are different from the others, and they are designed to enable assessment and comparison of the inherent vulnerabilities as well as net vulnerabilities (after taking into account the control measures) arising from various sectors, institutions or professions. Vulnerability assessment in ML and TF risk assessment templates are very similar and differ in limited number of indicators. This effort was intentionally made in order to allow comparison of ML and TF risk faced by the country.

 

For each of the indicators in the matrices, a threat, vulnerability or risk level is assessed based on the information and statistics provided. Available information and statistics are filled into designated boxes in the templates. Most of these boxes are designed to capture a short summary of the information/justification. A detailed write up that elaborates the grounds and justification for each assessment, is required in order to ensure the quality and credibility of the assessments.

 

The template includes pre-identified and carefully selected indicators to assess the ML/TF risks; however, the template can be customised by adding new indicators or amending existing ones, to reflect each country’s unique environment.


The Second Generation NRA Tool 


The Second Generation NRA Tool has been developed by the World Bank with a view to enable more rigorous and sophisticated risk assessment. This NRA tool was modeled on the Bayesian Network which utilises the laws of probability at its core of the modeling and analyses the sources and causes of risk. Strong logical sequence of events and causal relations between variables affecting risk is carefully modeled. This enables capturing main drivers of the money laundering risk, formularising the complex environment of money laundering taking into account the interactions among various components of risk and vulnerability and generating a final measure of the risk/vulnerability level. In order to make the tool user friendly and easily accessible, this Second Generation tool has been remodeled based on excel and using weighted averages instead of probabilities, while keeping the logic and concept of ML risk assessment built from the initial Bayesian Network approach.

 

The Second-Generation NRA tool is a knowledge-based diagnostics and decision making tool that can assist decision-makers to assess and analyse money laundering risk in a jurisdiction. The tool provides a means to understand sources of vulnerability in a country and how various factors that influence the vulnerability are inter-related. The tool can also be used to iteratively observe and analyse the effects of various policy options based on scenarios. For example, the impact of actions (individually or collectively) to reduce the vulnerability can be determined.

 


Source: World Bank


The model defines the ML Risk as a combination of national threat and national vulnerability. The national threat module is the “Proceeds of Crime” exercise that provides guidance to countries to assess the ML threat. In assessing national vulnerability, a number of variables are evaluated as main drivers (input variables) of vulnerability to ML. All these input variables constitute the building blocks of a network which ultimately feeds into the national vulnerability node. 

Second Generation NRA Tool consists of 8 modules. Two main modules, namely National Threat Analysis and National Vulnerability Analysis modules that feed into the National ML risk and determine the country’s position on the risk map.

 

Threat and vulnerability modules are different in their nature. Threat module is not based on modeling but provides guidance to countries to analyse the prevailing predicate offences and proceeds derived from these offences in a particular jurisdiction. A sample template provided to the countries is a starting point to collect data and to trigger the threat analysis to have a better understanding on the scale of the proceeds of crime and associated money laundering. The National Vulnerability Module and the sectoral modules which feed into the former are based on initial Bayesian network modeling. Assessment methodology guides the assessment of “input variables.” Inputs variables are identified as the main drivers of the vulnerability. Each assessment template includes the definition of the variable, the criteria that should be used during the assessment and a section designed to record the result of the assessment. Using the criteria, the assessors (of the risk assessment) are asked to assign a score that ranges from 0.0 to 1.0.

 



Source: World Bank

 For each input variable assessment, assessors are asked to provide a write up to explain the grounds and justification for the assigned rating. This write up is a crucial part of the assessment and needs to include reliable information and analysis, as well as the available data and statistics supporting the assessment.


Scores assigned to each input variable are populated into the Excel model. The excel model combines these scores based on interactions between various factors, weighted averages, and defined prerequisites. The sectoral vulnerability ratings feed into the National Vulnerability Module. In addition to the vulnerabilities arising from the various sectors, National Vulnerability Module requires the assessment of 24 other input variables, which affect the country’s ability to combat money laundering. 


Second Generation NRA Tool also includes a module on Financial Inclusion Product Risk Assessment. This module aims to assist authorities in evaluating money laundering and terrorist financing risks arising from both existing and emerging/new financial inclusion products and can be used as a basis for designing a risk-based approach in the preventive measures. It can also be used by regulators to design low or lower ML/TF risk financial products. This module is different from other modules and benefits from the output of NRA, rather than feeding into it.

Second Generation NRA tool provides a practical and transparent framework that assist countries to better understand and analyse the complex web of ML risk. Following items can be described as the main strengths of the tool:

 

1.      Provides an idea on the overall risk and vulnerability in the country.

2.      Allows diagnostic and scenario analysis.

3.      Allows comparison of vulnerabilities arising from various products/services.

4.      Allows comparison of vulnerabilities arising from various sectors.

5.      Prioritisation and sequencing of potential AML actions.

6.      Contributes to the cooperation and collaboration among AML/CFT stakeholders

 

The World Bank attaches particular importance to the undertaking of risk assessment at the national level, notwithstanding the potential benefit of more focused sector risk assessment. This is because it is extremely important for each country to gain a common understanding among all relevant authorities and stakeholders on the level and nature of ML/TF risk faced by them. Further, the outcome of the NRA should guide sectoral assessments and assessments undertaken by the private sector.

 

Although it can also be used for assessment by external parties, the World Bank NRA tools are developed and are essentially being offered as self assessment tools. It is an assessment organised, led and owned by the country, while the World Bank provides the risk assessment tools, guidance, and review. One of the main objectives of this self assessment approach is to facilitate the development of the country’s own capacity to undertake risk assessments and to implement risk based approach in AML/CFT area. Countries are encouraged to customise and tailor the tools to fit to the specific needs and conditions of the country.

 

World Bank’s NRA Process is designed to facilitate the inclusion of all stake holders in the national risk assessment, which will also enhance the cooperation and coordination among various government agencies as well as the government agencies and private sector, and ensure the completion of national risk assessment in a reasonable time frame.





Happy Reading


Those who read this, also read

1. Country  Risk Analysis Framework : IMF

2. Country Risk Analysis: The Basel AML Index

3. National Risk Analysis(NRA) Framework 

4. Framework for Country Risk Analysis : FATF








Formerly Faculty for Finance & Associate Dean, IBS-Kochi MBA (Banking & Finance – CUSAT);CFA. Accredited Management Teacher from CME of AIMA, Delhi has been in Management Education from 1988. Exposure is in the field of Mutual Funds, Market Research, Project Report preparation & evaluation, Advertising & NGO Activities. This Chief Manager, UTI Asset Management Co Pvt. Ltd(1992-2003), Mumbai. Undergone training in Case Study method of teaching under Mr. Trevor Williams and Mr. Scott M Andrews conducted by the ECCH, UK . Published Books & Book Review, Series of academic articles and maintains a column on MFs under "Fund scan" in Business Manorama since January 2007,Contributes "Portfolio Doctor" column for 'Sampadyam' a wealth mgt publication in Malayalam from manorama group since February 2007, Listed her case studies at asiacase.com.Presented papers in national & international conferences on Mutual Funds. Faculty Member @ ASIET, Kalady from 2010 to June 2019. Dean @ SNGIST, N Paravur, Ernakulam from Sep 2019 -Jan 2021, I continue my efforts to spread the knowledge in area of Finance and contribute to Management Education

Comments

Post a Comment

Popular posts from this blog

National Risk Assessment (NRA): India

By
  India's National Risk Assessment (NRA) is  an ongoing exercise to identify sectors that are vulnerable to money laundering and terrorist financing (ML/TF) .  The NRA is based on recommendations from the Financial Action Task Force (FATF) and helps inform policy-making, resource allocation, and the implementation of effective AML/CFT measures. The NRA also ensures that national strategies address both domestic and international threats. The NRA provides a foundation for informed policy-making, resource allocation, and the implementation of effective AML/CFT measures . It ensures that national strategies are aligned with the specific risk landscape of the country and that they address both domestic and international threats. The subject matter of NRA  was discussed in the Anti-Money Laundering Steering Committee (AMLSC) set up with the approval of Finance Minister, and it was decided to conduct the NRA following the World Bank methodology. The Methodology requi...
Read more

Customer Due Diligence(CDD) : Individuals

By
Image
This post is based on RBI Master Circular dated Feb 25, 2016 updated on Jan 04, 2024  Part I - Customer Due Diligence (CDD) Procedure in case of Individuals For undertaking CDD, REs shall obtain the following from an individual while establishing an account-based relationship or while dealing with the individual who is a beneficial owner, authorised signatory or the power of attorney holder related to any legal entity: (a)     the Aadhaar number where,   (i) He is desirous of receiving any benefit or subsidy under any scheme notified under section 7 of the Aadhaar (Targeted Delivery of Financial and Other subsidies, Benefits and Services) Act, 2016 (18 of 2016); or (ii) He decides to submit his Aadhaar number voluntarily to a bank or any RE notified under first proviso to sub-section (1) of section 11A of the PML Act; or (aa) the proof of possession of Aadhaar number where offline verification can be carried out; or (ab) the proof of possession of Aa...
Read more

Periodic Updation of Customer Risk Profile

By
1. Preparation of Customer Profile from KYC Data In the initial years of KYC, RBI has been following a handholding approach as can be seen from their circular dated July 2009 and that of Feb 25, 2016 as updated on Jan 04, 2024. RBI requires REs to conduct risk profiling and risk categorization and periodic updation.  Extracts from RBI MD dated July 01, 2009 under Customer Acceptance Policy a)ii) Parameters of risk perception are clearly defined in terms of the nature of business activity , location of customer  and his clients, mode of payments, volume of turnover, social and financial status etc. to enable categorisation of customers into low, medium and high risk (banks may choose any suitable nomenclature viz. level I, level II and level III). Customers requiring very high level of monitoring, e.g. Politically Exposed Persons (PEPs) may, if considered necessary, be categorised even higher; b). Banks should prepare a profile for each new customer based on risk categorisatio...
Read more