RISK ASSESSMENT POLICY - Teto bank

Teto bank > RISK ASSESSMENT POLICY

INTRODUCTION

This Risk Assessment Policy (Policy) establishes ground for TETO Bank risk management regarding to money laundering and terrorist financing risks

 

The Policy is the subject of a review by TETO Bank management board at least annually. The proposal for a review and the review of these Guidelines may be scheduled more often by the decision of the MLRO.

 

The words used in the Policy shall be interpreted in accordance with definitions provided for in the Guidelines, which annex this Policy is. 

 

RISK ASSESSMENT PROCEDURE

TETO Bank shall prepare and regularly update the risk assessment in order to identify, assess and analyses the risks of money laundering and terrorist financing related to its activities.

 

The process of risk assessment, executed by TETO Bank shall include at least the following actions: 

• Risks identification; 

• Risks analysis; 

• Risks evaluation.

 

The risk assessment and the establishment of the risk appetite shall be documented and the documents shall be updated where necessary.

 

THE RISK CATEGORIES

TETO Bank identifiesthe risks/threatsrelated to its activities, as well asthe risks/threatsthat may arise in the near future, that is foreseeable risks/threats, and assesses and analyses their significance and impact. The risks/threats are identified and assessed on a case-by-case basis as of the moment of the risk assessment and separately considering the situation where TETO Bank should take the risksto the maximum extent permitted by the risk appetite. TETO Bank identifies, assesses and analyses risks of money laundering or terrorist financing taking into account the following risk categories:

 

• Risks relating to customers; 

• Risks relating to countries, geographic areas or jurisdictions: 

• Risks relating to products, services or transactions, including risks relating to new and/or future products, services or transactions: 

• Risks relating to communication, mediation or products, services, transactions or delivery channels between TETO Bank and customers.

 

THE RISK ASSESSMENT SCALE

TETO Bank shall identify risk factors for the risk categories specified in above that increase or decrease the risk of money laundering and terrorist financing. The following scale (score) for the each identified risk factor grade impact (likelihood x impact) shall be used:

 

Low (1 point) – assessed risk factor which meets the following: 

• Has insignificant or does not have affect to the occurrence of risks of money laundering or terrorist financing; 

• Does not increase or increase insignificantly the occurrence of risks of money laundering or terrorist financing.

 

Medium (2 points) – assessed risk factor which meets the following: • Has medium affect to the occurrence of risks of money laundering or terrorist financing; • Increase the occurrence of risks of money laundering or terrorist financing. 

 

High (3 points) – assessed risk factor which meets at least one of the following: • Hassignificant affect to the occurrence of risks of money laundering or terrorist financing; • Increase the occurrence of risks of money laundering or terrorist financing significantly.

 

prohibited (4 points) – assessed risk factor which meets all of the following: • Hassignificant affect to the occurrence of risks of money laundering or terrorist financing; • Increase the occurrence of risks of money laundering or terrorist financing significantly; • Does not meet TETO Bank risk appetite.

TETO Bank RISK APPETITE

The following information establishes the TETO Bank risk appetite: 

• TETO Bank management board made a decision on establishment of business relationships with the Customers from non-EEA countries. 

• TETO Bank will provide only services, specified in the Guidelines; 

• TETO Bank will provide the services, specified in the Guidelines, only in the course of an established Business Relationship; 

• Risks which correspond TETO Bank risk appetite (the risks assessed from low to high) and their assessment are specified in the Customers’ profiles (annex of this Policy); 

• Risks which TETO Bank intends to avoid (the risks assessed as prohibited) are specified in the Customers’ profiles (annex of this Policy). 

INCIDENTS´ MANAGEMENT

TETO Bank shall manage incidents, which related to the occurrence or potential occurrence of risks of money laundering and terrorist financing or shall specify the risks which were not considered during the latest risk assessment. TETO Bank shall keep a register of such incidents, which shall contain at least following data:

 

• Time of detection; 

• The time of the event; 

• The source of the incident information; 

• The staff member and the structural unit that identified the incident; 

• Description of the incident; 

• The staff member and the structural unit involved in the incident; 

• The consequences of the incident and their extent; 

• The cause of the incident; 

• The actions taken. 

 

THE UPDATE OF RISK ASSESSMENT

TETO Bank shall update or renew the risk assessment and the related documents when necessary, but not less than once per year. PTETO is obligated to update or renew risk assessment in the each of following cases:

• There are violations of restrictions set by TETO Bank risk appetite; 

• The financial performance (for example, profit or turnover) of PTETO has increased significantly over a short period; 

• Customers number significantly increased; 

• Customers number with certain risk level significantly increased; 

• Number of claims from Customers increased significantly; 

• Number of refusals for business relation with Customers increased significantly.; 

• Number of notifications sent to the authorized bodies increased significantly; 

• More than 20% of the employees were replaced or removed within 6 months; 

• The number of orders from supervisory authorities has increased significantly; 

• It systems used by TETO Bank were changed significantly; 

• Main service providers of TETO Bank were changed; 

• New national risk assessment has occurred; 

• New supra-national risk assessment has occurred; 

• In the other cases if it’s required on the opinion of compliance officer or management board of TETO Bank shall update risk assessment and the related documents before: 

• Starting of use new or emerging technologies; 

• Starting of providing new products or services; 

• Starting of using non-traditional sales channels; 

• Starting of using new channels for providing services or products.

MODEL TO IDENTIFY CUSTOMER´S RISK PROFILE

TETO Bank shall analyze the data obtained during implementation of CDD measures, compare the aforementioned data with risk factors identified for each ML/TF risk category and determine the Сustomer´s risk profile in accordance with the following. 

 

For the Customer´s ML/TF risk assessment TETO Bank uses the following risk categories: 

• Risks relating to customers; 

• Risks relating to countries, geographic areas or jurisdictions: 

• Risks relating to products, services or transactions; 

• Risks relating to communication, mediation or products, services, transactions or delivery channels between TETO Bank and customers; 

 

For the each of aforementioned risk categories following risk score may be identified: 

 

• Low risk (1 risk point) – No influential risk factors exist in risks category, the customer itself and the customer’s activities are transparent and do not deviate from the usual activities, i.e. the activities of a reasonable and average person, in that field of activity, and there is no suspicion that the risk factors as a whole could lead to the realization of the risk of money laundering or terrorist financing; 

 

• Medium risk (2 risk points) – One or several risk factors exist in the risks category that deviate from the usual activities of a person acting in that field of activity, but the activity is still transparent and there is no suspicion that the risk factors as a whole could lead to the realization of the risk of money laundering or terrorist financing; 

 

• High risk (3 risk points) – One or several risk factors exist in the risks category that as a whole growssuspicion of the transparency of the person and their activities, which causes the person to deviate from persons usually acting in that field of activity and it is at least possible that money laundering or terrorist financing is taking place; 

 

• Prohibited risk (4 risk points) – Risk is not acceptable by TETO Bank due to risk appetite. Each risk category shall be assessed in accordance with risk factors identified for the assessing customer´s risk profile. The score for risks category shall be determined in accordance to higher identified risk factor´s score in the risk category.

 

The risk score of each risk category shall be used in the following table to determine the Customer´s risk profile.

 

ANNEXES

Teto bank