ASK MAT:- What does the JFSC say about RISK APPETITE, and what do I need to do?

Section 2 of the JFSC Handbook for the Prevention and Detection of Money Laundering, the Countering of terrorist financing, and the Countering of Proliferation Financing (THE HANDBOOK) outlines the requirement for having an agreed, understood, and available RISK APPETITE

• https://www.jerseyfsc.org/media/7584/section-2-clean-20240507.pdf

Section 2 applies to all supervised persons, from large banks to sole traders and non-executive directors.

THE HANDBOOK REQUIRES:-

1. Consideration of RISK APPETITE:
1. The board of a supervised person must conduct and document a Business Risk Assessment (BRA) that considers the organisation’s RISK APPETITE regarding Money Laundering and associated predicate crimes, the Countering of terrorist financing, Countering of Proliferation Financing, and targeted financial sanctions (FINANCIAL CRIME).
2. This assessment should be ongoing and reflect the cumulative assessment of threats and vulnerabilities and their probability of occurrence.  
2. The BRA and CRA and appetite
1. A supervised person must conduct a BRA before any customer risk assessment [CRA].
2. When a CRA is prepared, the BRA may need to be updated (for example, to consider new risk factors or the supervised person’s changing risk tolerance/risk appetite).
3. The BRA and Strategy:
1. Based on the BRA and the organisation’s RISK APPETITE, the board must establish a formal strategy to counter FINANCIAL CRIME  
4. Documenting risk documents
1. The board must document its systems and controls, including the policies and procedures that reflect the RISK APPETITE.  
5. Factors for Determining RISK APPETITE: The board should examine various factors when considering the RISK APPETITE.
1. Acceptance of a certain proportion of business rated at each risk level (e.g., high-risk customers forming a specific percentage of overall income)
2. Connections to countries or customer risk levels that the board is not prepared to engage with
3. Sensitivity of activities or industries undertaken by potential customers
4. Consideration of politically exposed persons (PEPs) and whether to accept business relationships involving them.
5. Characteristics of the supervised person that may expose it to more significant risks.
6. Types of customers and activities considered outside Jersey’s national RISK APPETITE.
6. Clarity and Enforcement of RISK APPETITE
1. The RISK APPETITE must be sufficiently clear to guide decision-making regarding business relationships and transactions.
2. The board should ensure that the RISK APPETITE is not ignored, particularly in cases where high-risk customers present attractive business opportunities.
7. Monitoring and Compliance:
1. The board is responsible for assessing the effectiveness of systems and controls related to the RISK APPETITE and promptly addressing any deficiencies.  
2. The board must ensure compliance with the established RISK APPETITE when maintaining business relationships or conducting transactions.
8. Responsibilities
1. Board of Directors: Conducting the BRA, defining, documenting, and enforcing the RISK APPETITE, and ensuring adequate systems and controls are in place.  
2. MLCO (Money Laundering Compliance Officer): This officer assists the board in monitoring compliance with the RISK APPETITE and provides reports on the effectiveness of the systems and controls.  
3. MLRO (Money Laundering Reporting Officer): While primarily responsible for handling Suspicious Activity Reports (SARs), the MLRO will also ensure that the organisation adheres to the RISK APPETITE.
9. Conclusion
1. The document outlines a structured and detailed approach for supervised persons to manage risks associated with FINANCIAL CRIME.
2. Establishing a clear RISK APPETITE is a critical component of the AFC framework, requiring active involvement from the board, the MLCO, and the MLRO to ensure compliance and effective risk management practices.

As always, if you would like assistance with the above matters, please don't hesitate to call COMSURE.