Section 2 Threat Risk Assessment

Like a traditional risk assessment, but better!

The risk assessment process is the most critical step in the BSA/AML program development. The risk assessment is a road map for mitigating various types of risk to your organization. It defines your risk profile, your detection strategy and should even inform your detection scenarios. This road map should also recognize the presence of threat groups and threat actors to help inform your KYC/CDD and EDD processes. A good foundation contributes to long term success for your program and the protection of your organization and it’s brand and systems.

The experts at Section 2 can add an additional dimension to your view of risk. Call us to find out how we can use a comprehensive threat assessment to impact detection and even operational efficiencies! 

Risk Assessment

Typical risk assessments look at the dynamic risk of your organization and takes into account a number of factors:

  • Products offered
  • Services
  • Channels
  •  Geographies
  • Customers
According to the FFIEC:
“Generally, the first step in developing the risk assessment is to identify the bank’s risk categories. Money laundering, terrorist financing, or other illicit financial activities can occur through any number of different methods or channels. A spectrum of risks may be identifiable even within the same risk category. The bank’s BSA/AML risk assessment process should address the varying degrees of risk associated with its products, services, customers, and geographic locations, as appropriate. Improper identification and assessment of risk can have a cascading effect, creating deficiencies in multiple areas of internal controls and resulting in an overall weakened BSA/AML compliance program.”
The risk assessment should be specific to your organization’s risk profile and recognize the unique characteristics of the business and operations. 
Section 2 can help create a comprehensive risk assessment and can also help automate this process for your organization.

Threat Risk Assessment

Just like a traditional risk assessment, our threat risk assessment recognizes typical factors like product, services,  geography, channels and customers, but we add layers of intelligence to the view. Using data sampling and a transactional review, we identify potential threat networks that may be operating within your organization. We look at risk from a different perspective by tools to help identify the real risks of your organization. Some of the additional layers help determine the next step which is detection strategy. 

Additional layers of review include:

 

  • Identifying potential threat networks that may be operating across your geographies, channels 
  • Identification of product use at various operational areas of threat group structures
  • Identification of fund flows and patterns of “normal” commerce
  • Multi-jurisdictional geographic review and scoring
  • Threat actor assessment 
 

Typical assessments are manual and time consuming. We believe that this process should drive your detection scenarios, strategies and procedures throughout the organization in an automated fashion.

 

Whether you need a traditional risk assessment or a comprehensive Threat Risk Assessment, the experts at Section 2 can help.

Assess your risk today