Skip to main content
Version date: 4 March 2021 - onwards

6.1. Sequencing to establish risk-based supervision

139. Where there are new supervisory responsibilities or AML/CFT supervision is applied to new sectors, it may be difficult to achieve a fully effective risk-based supervision over the short term.

140. Strategies to address this challenge:

Consider building into the supervisory strategy a step-by-step approach to risk-based supervision. For example, below is the process followed by the Anti-Money Laundering Compliance Unit in the Irish Department of Justice which supervisors several DNFBP sectors.

Box 6.1. Step-by-step approach to establishing risk-based supervision

Develop legal framework and define scope of the regime (e.g. what activities or types of entities will be regulated). Think about powers needed for the specific sector based on the risks it presents. For example: specific powers to enter premises, remove files etc.

Establish a preliminary understanding of the sector, including identifying an estimate of the entities in scope, the size of their operations, etc.

Establish supervisory authority and staff (think about needs, e.g., knowledge and skills gaps, additional technology, etc.)

Programme of staff training (Who should deliver it? Who should you involve? What training is available?)

Develop inspection procedures around obligations in legislation, international best practice (e.g. FATF/EU)