Pursuant to the section 5 of the FTRA, SCB rules and joint Guidelines, all Licensees of the SCB are required to document and implement business risk management. This document will follow the outline of the Joint Guidance, which mandates licensees adopt sound practices to mitigate financial crime risk relative to its clients and business operations; more specifically that licensees should undertake a four prong approach. Under this approach inherent and residual risk factors should be identified and considered at the following levels:
Country
Sector/Industry
Entity Specific
Business Relationship
The Joint Guidance urges licensees to take the National Risk Assessment (NRA) in account in their overall assessment of the financial crime risk, along with the assessment of reputable and methodically sound vendors and international organizations. The assessment should take into account the primary jurisdiction of client bases, cross-border transaction origins and cross-border transaction destinations
The NRA also identifies vulnerabilities and risks that are sector-specific. Licensees should take these into account where applicable, when conducting enterprise risk assessments.
All licensees must undertake and document an appropriate entity-specific financial crime risk assessment, in concert with the assessment of all other inherent and external risks.
Pursuant to section 5 of the FTRA 2018, each licensee must develop a risk assessment framework which is approved by senior management, to ensure appropriate measures are taken to identify, assess and mitigate its identified risks. This framework must be appropriate for the type of products offered by the licensee, and capable of assessing the level of potential financial crime risk each client relationship poses.
Factors to be considered in developing this framework are listed in (but not limited to) the FTRA, AML/CFT/PF Rules and Guidelines and Risk Assessment Framework of the Regulatory Authorities. All relationships must be risk rated/assessed. The ratings/assessment results must be documented and be replicable by other stakeholders such as compliance, internal audit and the Regulatory Authorities to ensure that the risk rating methodology has qualitative integrity and consistency
It is the policy of Easyterms Ltd. to be compliant with all relevant legislation. Rules, Guidelines and its own Policies and Procedures in order to identify and mitigate its business risk within its risk appetite.