We deal with known risks by establishing a plan to mitigate them. In the case of AML plans for mortgage companies, we face the risk of allowing financial crimes to go undiscovered and enter the financial system through our business.
We create compliance plans as multi-tiered tools to deal with the risk. The tiers are the four (or five, depending on your business) pillars of an AML plan
- the plan itself - which identifies the risks your business encounters and how you mitigate them
- training - your employees learn how to identify and report red flags
- compliance officer - the person who implements the procedures, files reports, and ensures the activity, such as training, audits, risk assessments, etc., takes place
- an audit or exam - reviews your plan, determines if it is sufficient for the risks you face, and identifies if you are following it
- ongoing review of accounts - if we are servicing, for instance
Static Plans DO NOT Address the Risks - Make Sure you know what they are
How to Conduct a Risk Assessment?
- Higher risk components - Company-wide
- Business model -
- delegated, non-delegated,
- retail/wholesale, etc.
- Origination strategy -
- Higher risk components - Loan Level
- Loan Type
- Gift Letter
- Borrower Type
- Real Estate
- Cash Business
- Focus on engagements/applications/rate quotes/pre-quals which do not complete
- The greatest risk lies in loans or prospects not reviewed by underwriting/credit.