Wolfsberg Group reinforces the centrality of a risk-based approach in financial crime compliance

The Wolfsberg Group has reaffirmed its longstanding position that the risk-based approach (RBA) remains fundamental to the design and maintenance of robust financial crime risk management (FCRM) programmes. In a recent statement, the Group called upon financial institutions (FIs) to deepen their understanding of financial crime risks and to calibrate their controls proportionately and effectively.

First recognised in its 2006 Guidance on an RBA for Managing Money Laundering Risks, the Wolfsberg Group’s latest statement reflects the evolving global regulatory environment and the increasing focus on demonstrable effectiveness. The Group’s view aligns with the Financial Action Task Force (FATF) definition, emphasising that countries, competent authorities and FIs should identify, assess and understand financial crime risks and apply controls proportionate to those risks.

Crucially, the Wolfsberg Group articulated three core pillars that should underpin any FI’s RBA:

1. Proportionality: FIs must tailor their FCRM frameworks to reflect their individual business models, factoring in size, scale, geographical footprint, customer base and risk appetite.

   
   

2. Prioritisation: Firms should allocate resources where they are needed most, focusing on higher-risk customers and activities while eliminating redundant or low-value controls that do not contribute meaningfully to risk mitigation.

   
   

3. Effectiveness: Rather than a mechanistic, rules-based approach, FIs are encouraged to adopt a dynamic, forward-looking methodology that targets tangible outcomes and ensures that controls remain fit for purpose.

   
   

The Wolfsberg Group also underscored the importance of supervisory regimes that enable and support the application of an RBA, cautioning that overly prescriptive supervision could undermine the flexibility needed for effective financial crime prevention.

In recognition of the continued relevance of RBA, the Wolfsberg Group plans to update its 2006 RBA Guidance and 2015 FAQs on Risk Assessments, signalling a renewed commitment to ensuring that industry practice evolves alongside regulatory expectations. The statement encourages FIs to read this guidance in conjunction with related Wolfsberg publications, including Developing an Effective AML/CTF Programme, Principles for Auditing for Effectiveness and Statement of Effective Monitoring for Suspicious Activity.

The Wolfsberg Group’s message is clear: collaboration, dialogue and a proportionate focus on the highest risks remain key to achieving effective outcomes in the fight against financial crime.

Read the statement here.