Financial institutions’ risk-based anti-money laundering (AML) and counter-terrorist financing (CTF) programs are designed around a comprehensive risk assessment, based on a decade-old model focused on compliance risk which, in turn, acts as a proxy for financial crime risk.

Today, financial institutions find themselves exposed to a more diverse and complicated set of criminal threats, with the threat landscape continuing to evolve as criminal activities proliferate and money laundering techniques expand.

The rise of new banking entrants, non-traditional business models, and an exploding diversity of fintech providers means that it is time to think beyond the status quo. The gains brought by incremental digitization in financial crime compliance should be pursued to consider a model that is threat-centric, based on a collaborative ecosystem of intelligent controls at the heart of the banking sector.

If achieved, financial institutions will be better able to understand and quantify financial crime risk whilst improving the effectiveness and efficiency of their financial crime compliance strategies. This also creates an opportunity for international co-operation on reimagining globally accepted compliance standards through a transition to a threat-based assessment of risk and corresponding dynamic response capabilities.

In early 2021, Oliver Wyman, Financial Crime News, and Mox Bank came together with an idea to collaborate on the creation of a financial crime threat view in practice. This involved development of a methodology and application of a threat-based control assessment. The paper discusses the case study of Mox, a new digital bank based in Hong Kong, applying the threat lens to its risk control framework.

The report is co-authored by John Cusack, the Founder of Financial Crime News, Wendy Ennis, Head of Financial Crime Compliance Asia at Standard Chartered, and Sean Kennedy, Partner and Head of Finance and Risk Practice Asia Pacific at Oliver Wyman.