RBI directs banks, NBFCs to strengthen risk assessments

Mumbai: The Reserve Bank of India on Thursday asked banks, NBFCs, and other entities regulated by it to use information obtained from all relevant internal and external sources for their risk assessment exercise.Reserve Bank's Regulated entities (REs) have to carry out ‘Money Laundering and Terrorist Financing Risk Assessment' exercise periodically to identify, assess and take effective measures to mitigate their Money Laundering (ML), Terrorist Financing (TF) and Proliferation Financing (PF) risks for clients, countries or geographic areas, products, services, and transactions or delivery channels.

In this regard, the central bank has issued 'The Internal Risk Assessment Guidance for Money Laundering/ Terrorist Financing' for the REs, particularly for the dealing staff and the Anti-Money Laundering (AML)/ Countering Financing of Terrorism (CFT) / Counter Proliferation Financing (CPF) practitioners of the REs. It specifies key principles for an internal risk assessment (IRA) exercise. "The enterprise-level risk assessment forms the bedrock of RBA (Risk-Based Approach). It enables the REs to understand how and to what extent they are vulnerable to ML/TF/PF risks which help REs in determining the allocation of attention and AML/CFT resources necessary to mitigate that risk," the RBI said. REs should use information obtained from all relevant internal and external sources for the IRA exercise, it said.

Internal sources include data/information from specific business relevant information from other related verticals of REs (such as fraud/cyber/IT risk management verticals).