2023 NRA - Financial Institutions

The NRA observes that Financial Institutions (FIs) now service more customers when compared to credit institutions, including customers which were de-risked by credit institutions. The sectorial residual risk remains medium-high and therefore unchanged from the 2018 NRA. The NRA recommends that FIs:
a) Enhance the risk-based approach,
b) Monitor the effectiveness of the transaction monitoring systems used,
c) Remediate identified weaknesses in the AML/CFT control frameworks,
d) Improve internal governance.

The top risks of Financial Institutions highlighted by the 2023 NRA are:

1. Exposure to high-risk jurisdictions due to the processing of international payments (High)
2. Exposure to jurisdictions due to non-resident customers and/or BOs (High)
3. Misuse of FIs services from higher-risk customers (Medium-high)
4. Misuse of FI sector for fraudulent activities  (Medium-high)
5. Abuse of the sector to launder proceeds of foreign crime (Medium-high)
6. Misuse of FI services by customers who are part of complex corporate structures (Medium-high)
7. Abuse of the sector by customer transacting with VFA exchanges (Medium-high)

On the other hand, the top vulnerabilities highlighted by the 2023 NRA include:

1. Conducting CDD and having all relevant documentation (High)
2. Developments ex. virtual IBANs (Medium-high)
3. Abuse of the shareholding structure / BO involvement (Medium-high)
4. Volume and speed of payments (Medium-high)