Anti-Money Laundering/Countering the Financing of Terrorism for Fund Management Companies

What is an enterprise-wide risk assessment?


  • According to MAS (Guidelines)
    last revised 24 April 2015

    In addition to assessing the ML/TF risks presented by an individual customer, a CMI shall identify and assess ML/TF risks on an enterprise-wide level. This shall include a consolidated assessment of the CMI’s ML/TF risks that exist across all its business units, product lines and delivery channels. 

    The enterprise-wide ML/TF risk assessment is intended to enable the CMI to better understand its overall vulnerability to ML/TF risks and forms the basis for the CMI’s overall risk-based approach.

    The scale and scope of the enterprise-wide ML/TF risk assessment should be commensurate with the nature and complexity of the CMI’s business. 

    As far as possible, a CMI’s enterprise-wide ML/TF risk assessment should entail both qualitative and quantitative analyses to ensure that the CMI accurately understands its exposure to ML/TF risks. A quantitative analysis of the CMI’s exposure to ML/TF risks should involve evaluating data on the CMI’s activities using the applicable broad risk factors set out in paragraph 4-6.

FinReg business tip

The scale of the risk assessment should be commensurate with the nature and complexity of the CMI's business.