Compliance Risk Models: Is It Time to Review Yours?
Risk models drive financial crime compliance decisions at all levels of an organisation – from the policies and procedures designed to mitigate bribery risk in different jurisdictions down to the level of due diligence performed on third parties. Whilst robust risk models should be informed by various inputs, one source many organisations have come to rely on since its inception in 1995 is Transparency International’s annual Corruption Perceptions Index.
With the 2018 edition having just been published, we ask: what’s changed in the perception of public sector corruption over the past year? And what practical steps should compliance officers take when there are adjustments in the indices that drive their risk model?
This year’s index included changes likely to be pertinent to organisations from a risk management perspective:
- Improved scores
Countries such as Estonia, Ivory Coast, Senegal and Guyana significantly improved their index scores.
- Worsened Scores
The scores for the United States of America, Australia, Chile, Malta, Turkey and Mexico declined by various amounts.
Topped this year’s index scoring 88 points – despite the high-profile money laundering case that has come to be known as the ‘Russian Laundromat’. This is because the index does not incorporate perceived levels of money laundering.
Practical next steps
When external sources like these change, compliance officers should employ the following practical steps to ensure their programme remains robust and defensible:
- Risk model adjustment & remediation
Tweak your risk model in accordance with any fluctuations in the country risk scores – both up and down. Where the risk score has increased for a country, look at third parties you have conducted due diligence on in that jurisdiction and assess if a remediation is required, involving further investigation commensurate with the risk. AI-powered technology is increasingly making due diligence exercises like this, along with the compliance process that underpin them, more efficient, cost-effective and ultimately more sustainable.
- Risk assessments start from within
Risks to your organisation are driven by its business activities which are in turn influenced by factors including but not limited to: geography, sector, regulatory environment, politics and risk appetite. It is therefore important to ensure that reliance upon any external index is part of a comprehensive and well documented risk assessment process.
- Context is everything
Whilst it is a useful resource, compliance officers should view the Corruption Perceptions Index in context. This means remembering that the index is based on general perceptions by citizens in those countries, and does not include perceptions of corruption pertaining to the private sector.
We can help
Exiger’s experts have decades of experience managing bribery and corruption risk. We help clients identify and understand their risk exposure and develop proportionate compliance controls, as well as providing market-leading AI-powered due diligence technology solutions.
You may also be interested in
Third Party Risk Management: Moving to ‘Business as Usual’
As third party ecosystems become larger and more complex, how can compliance officers understand risk and manage the problem at scale?