Answer:
The FFIEC provides some guidance for completing the risk assessment; however, you should consider doing more than the basics contained in the suggested risk matrix. We suggest you establish a set of metrics to measure the volume of “high risk” transactions in your bank. For example, how many cash transactions that must be reported occur? How many high risk customers do you have? We also suggest you correlate the high risk customers with the reportable transactions. Where you have a strong correlation, you are exposed to higher risk. Most data processors have additional data fields that would allow you to develop a coding system to monitor specific classes of customers and transactions. Once you can measure the occurrence of the transactions and who is doing them, you can establish what volume constitutes low, medium and high risk. This way you justify the basis for your perceived risk rating.
print
share