It is of utmost importance that the Financial Crime Defence is risk based, and that makes the customer risk scoring model one of the key components having a huge impact on all the controls.
The customer risk scoring model typically contains the quite static risk factors like Customer Type, Industry/Occupation, Geography, Products & Services and Delivery channel.
Depending on the complexity of the model, each risk factor has different scores – e.g. being present in a high-risk country gives a higher score than being domestic only and being in a high-risk industry gives a higher score than in a low-risk industry. The model then applies some weight to each risk factor and the result is that a customer ends up being high- medium- or low-risk scored.
The banks Standards typically require that high-risk customers have ODD each year, medium risk every 3 years and low-risk every 5 years. There is also a huge difference in the depth of the work ranging from KYC analysts scrutinizing each high-risk customer, while simple automatic deviation controls are applied to the low-risk customer’s self-service KYC information.
These huge differences in workload makes it clear why it is so important to calibrate the customer risk scoring model correctly.
Risk scoring models only focusing on the standard risk factors tend to result in too many high-risk customers. As an example, it is simply not a strong enough reason for a customer to be classified as high-risk just because it operates in a high-risk industry or because it uses the banks most risky products. It must be a combination of several of the risk factors before a customer is classified as high-risk.
What matters more is the actual transactions the customers are conducting through the bank. The TM scenarios go across and cover all customers (if correctly designed with lower thresholds for high-risk customers), and putting the effort into having strong scenarios, combined with analytical capabilities like network and payment content analysis, results in a much better defence than having KYC analysts spending a lot of time analysing customers classified as high risk by a customer risk scoring model that is not sufficiently granular.
#FCPadvisory #FCP #AML