Many banks are delegating the analysis to their individual business lines and then developing a composite analysis. For a complex institution, it is probably the only realistic approach. It also not only educates the managers on the risks involved, it's abundantly clear to them that if the analysis is flawed they will be held responsible.
Banks that do this generally begin with a training session where they bring the units up to speed on the issues. Then they distribute questionaires that track Appendices J and M in the interagency examination procedures. The managers of the business lines complete their reports and return them to the BSA Officer who analyzes them for credibility. When the process is completed, the BSA officer compiles a bank wide risk assessment.
You won't build the documentary structure for this between now and Wednesday unless someone here just decides to donate their work product. My suggestion is that you hand out a memo describing the risk assessment overall, include a time table for the steps leading to its completion, provide copies of the matrices and see what questions people have in advance.
_________________________
In this world you must be oh so smart or oh so pleasant. Well, for years I was smart. I recommend pleasant.