Do you like cookies? 🍪 We use cookies, just to track visits to our website, we store no personal details. By using our site, you acknowledge that you have read and understand our Cookie Policy, Privacy Policy, and our Terms of Service.
Cutting ties to minimize risk might sound smart, but what happens when de-risking goes too far? In 2015, Dr. Iraj Hashi, a U.K.-based economics professor, had his bank accounts abruptly closed after 40 years of banking without any explanation. The most likely reason? His Iranian origin.
De-risking can be defined as the practice of reducing or eliminating financial exposure to perceived risks, often by severing ties with certain clients, markets, or business activities deemed high-risk.
While designed to protect, de-risking policies can inadvertently cause harm. Overly broad de-risking can exclude legitimate businesses or communities from the financial system, reducing their access to essential financial services and potentially fostering informal economies.
De-risking can also bring harm to the financial institution itself, leading to hefty fines or reputational damage, as customers and regulators may question its commitment to fairness and transparency.
Is there a more balanced way to conduct de-risking without the unintended consequences? Let’s explore how.
What is the regulation behind de-risking?
Before diving into ways to optimize de-risking, it’s important to understand the regulatory landscape behind it.
In the EU, there is no regulation that mentions de-risking. The EU Anti-Money Laundering Directive (AMLD6) indirectly addresses de-risking by strengthening guidelines on how financial institutions assess and manage customer and transaction-related risks.
It is important to note that the EU Payments Account Directive (PAD) of 2014 mentions in Article 15 that all individuals in Member States have the right to to open and maintain a payment account with basic features. This ensures financial inclusion and access to essential banking services for all citizens and legal residents.
Similar views were shared by the Financial Action Task Force (FATF) in its Statement of 23 October 2014 on risk-based approach and de-risking, and by the World Bank in its 2015 World Bank De-Risking Report on correspondent banking.
In 2023, the U.S. Treasury released a de-risking strategy. The first of its kind, the report examines the phenomenon of financial institutions de-risking, explores its root causes, and identifies the groups most affected. It also outlines key policy recommendations to mitigate its negative impacts.
How to use a risk-based approach when de-risking
When it comes to de-risking, a risk-based approach ensures that decisions are made based on an objective assessment of individual risks and not broad, indiscriminate policies or assumptions.
By evaluating each case separately, institutions can implement proportionate risk-mitigation measures, such as enhanced due diligence or exclusion of services, rather than resorting to outright exclusion. This approach also aligns with regulatory expectations, which emphasize the importance of managing risk without undermining access to financial services.
When deciding to de-risk a customer, follow this risk-based process:
1
Assess the risk and reward of continuing the relationship. Does the potential risk outweigh the benefits, or can mitigation measures be applied to manage it effectively?
2
Evaluate the potential for mitigating risk. Should EDD be applied to the customer or can certain services be restricted to them? For example, no use of pre-paid cards, no cash, etc. Analyze the customer’s transaction history and overall behavior to determine if there are actual red flags or just perceived risks based on broad categorizations.
3
Before deciding, communicate with the customer to clarify any concerns, request additional documentation, or explore alternative arrangements that reduce risk.
4
Consider whether de-risking would disproportionately affect vulnerable individuals or businesses and explore alternatives that support financial inclusion.
5
Assess the financial and reputational impact of de-risking decision, ensuring they are justified and beneficial to the financial institution.
If all options have been considered, but the risk is still deemed too high, the financial institution can then go ahead and end the relationship with the customer.
The importance of customer communication
Maintain open lines of communication with customers whose relationship was stopped because of de-risking. Provide them with clear reasons for actions taken and offering guidance on resolving risk issues when feasible.
How to document your de-risking decision
Maintaining documentation of de-risking decisions is crucial for ensuring transparency and accountability, demonstrating that decisions were made based on a thorough, risk-based analysis. It also provides a clear record for regulatory reviews, audits, or potential legal challenges, safeguarding the institution against future scrutiny or disputes.
Creating a spreadsheet to log de-risking decisions is a practical way to organize and track key information for each case.
The spreadsheet should include columns for the customer's name, account details, risk assessment findings, rationale for the decision, mitigation measures considered, actions taken, and the date of the decision, along with any follow-up actions or reviews planned.
There are also key documents that should be saved in an organized folder dedicated to any de-risking decision. These documents include risk assessment reports, CDD files of the customer, internal decision logs, communication records with the customer, and regulatory reports.
Financial institutions should have a centralized record-keeping system and have audit-ready documentation in case of regulatory inspections or internal audits.
How to support staff when it comes to de-risking
Staff members of financial institutions, particularly the first line of defense, should be supported in how to deal with de-risking. This includes:
1
Policies & procedures: financial institutions should have clear, comprehensive policies and procedures in place that outline the criteria and process for de-risking, ensuring staff can make informed, consistent decisions in line with regulatory requirements.
2
Training: staff members should undergo regular training on recognizing the signs of high-risk customers and understanding the risk-based approach to de-risking, empowering them to handle complex situations effectively. Training should also cover legal obligations and the potential consequences of improper de-risking decisions.
3
Ongoing support & resources: financial institutions should provide continuous support through accessible resources, such as guidance documents, risk assessment tools, and a dedicated helpline or expert team.
4
Interdepartmental cooperation: there should be seamless communication between compliance, risk management, legal, and frontline teams to ensure a holistic approach to de-risking.
What are the negative effects of de-risking?
If a blanket approach is used instead of a risk-based approach, de-risking could lead to negative consequences that can have a profound impact on our world.
Individuals and businesses who are de-risked because they are born or are resident in a high-risk jurisdiction may lose access to essential financial services, exacerbating economic and social inequality. They may turn to unregulated or informal financial channels, increasing the overall risk of money laundering, fraud, and financial crime.
Disrupting correspondent banking relationships can hinder cross-border transactions, affecting businesses reliant on global supply chains and remittances.
Smart de-risking: protecting institutions and clients
By focusing resources on high-risk customers, transactions, and jurisdictions, financial institutions can allocate their efforts more effectively, ensuring that their AML frameworks are both comprehensive and adaptable.
This approach not only helps in identifying potential threats more accurately but also mitigates unnecessary disruptions to low-risk clients, fostering a more sustainable financial ecosystem.
Conduct Risk has been the hot topic of the past years. From principles to outcomes, discover how to articulate your busi...
Financial firmsMon 28 May 2018
Experts in risk management and regulatory compliance
Pideeco is a consultancy firm providing legal services, business solutions, operational assistance and educational material for professionals in the financial industry.
We are based in Brussels and we specialize in regulatory risk compliance services covering the Eurozone.
Pideeco combines professional Regulatory knowledge and technical expertise to safeguard your business’ reputational and operational risk. Our unique customer-centric approach helps us build strategical and legitimate cost-efficient remedies.
Working with us means reaching out to complementary people, allowing for original thinking and innovative vision.
