Can you please clarify how to draft RBA and EWRA?

Can you please clarify about how to draft RBA and EWRA?

Adopting a Risk-Based Approach (RBA) moves away from a mere tick-box exercise, ensuring a more tailored and effective compliance process. When conducting an Enterprise-Wide Risk Assessment (EWRA), it is crucial to incorporate RBA principles.

To develop an effective EWRA, a thorough understanding of the regulatory framework is essential, alongside considering insights from the National Risk Assessment (NRA). Key sections to include in your EWRA are:

  1. Overview of Your Business
  2. Products and Services Offered
  3. Organisational Structure
  4. Risk Appetite
  5. ML/TF/PF (Money Laundering/Terrorism Financing/Proliferation Financing) Risk Factors Impacting Your Business
  6. Mitigating Controls in Place
  7. Evaluation of Residual Risks
  8. Overall Risk Assessment Methodology
  9. Conclusion

Including these elements will ensure your EWRA is comprehensive and aligned with regulatory expectations.

For more information on Enterprise-Wide Risk Assessment, refer:

1 Like

Really Interesting question and the answer is also very helpful Thanks to AML UAE Team