De-risking is broadly defined as the practice whereby Financial Institutions (FI) terminate or restrict client relationships with whole categories/sectors of clients, so as to not have to manage financial crime risks associated with these groups of clients.

The issue of de-risking is not new. One of the outcomes from a 2014 Financial Action Task Force (FATF) plenary was a note that clarified that “What is not in line with the FATF standards is the wholesale cutting loose of entire classes of customer, without taking into account, seriously and comprehensively, their level of risk or risk mitigation measures for individual customers within a particular sector”. The following year, the FATF continued it’s focus on de-risking as a matter of priority, through a number of projects aimed at looking into de-risking and providing further guidance to help mange risks accordingly.

Cutting off clients or potential clients from the global financial system runs the risks of creating opacity, forcing clients to use unregulated channels and drives financial activity underground. Inclusion in the financial system not only ensures that an equal level of access to financial services is available but the use of regulated financial services also allows for traceability and the ability to put in place Anti-Money Laundering (AML) and Counter-Financing of Terrorism (CFT) controls.

De-risking as a global issue

Addressing and managing de-risking is not isolated to a few countries, nor is it limited to just certain business sectors. One of the regions most affected by de-risking has been the Caribbean – through the loss or termination of Correspondent Banking (CB) relationships. A recent stock-taking exercise by the Caribbean Financial Action Task Force (CFATF) aimed to highlight the negative impact of de-risking on the region in order to enhance the FATF’s work on engagement and coordination on it.

FI’s in the region responded that they had restrictions placed or relationships terminated when it came to correspondent banking relationships, noted as due to the “elevated perception of risk” they posed, which had a knock-on effect in challenges to then being able to provide their own clients with products and services. Two of the most popular reasons for loss of services to FI’s were:

• low volume/small profit margins
• the cost of compliance

Products and services most affected as a result of de-risking included wire transfers and cross border transactions. The Caribbean region has not simply accepted that it should be cut off from the financial system and has made proactive efforts to address the issue. In order to counter the effects of de-risking, the FI’s in the region addressed issues through:

• strengthening AML/CFT compliance programmes
• addressing the concerns of banks providing them correspondent banking services
• making use of publications, such as those put out by FATF, for standards that could be followed
• engaging with both local and international regulators
• using advanced technology

The work of FATF in addressing de-risking

FATF’s most recent plenary, towards the end of 2021, drew much attention on strategic initiatives such as; the revised RBA guidance on Virtual Assets/Virtual Asset Service Providers (VASPs), the consultation on Beneficial Ownership standards, digital transformation of AML/CFT and the progress on work related to Environmental Crime. What drew slightly less attention was the high-level synopsis on the ‘Unintended Consequences of the FATF Standards’.

It was noted that despite a significant amount of resource by FATF, dedicated to examining and mitigating de-risking, as well as; efforts in updating FATF standards, providing further guidance and best practice papers, de-risking and financial exclusion remained a challenge for many sectors – which goes against the RBA promoted by FATF.

FATF notes that “It is difficult to identify a direct correlation between the FATF Standards and de-risking in the financial sector, even though failure to implement the risk-based approach of the FATF Standards at the national level could be one of the many drivers of de-risking”.

The findings conclude that although this was an initial ‘stock-take’ to understand the nature of any unintended consequences of FATF standards and a significant amount of effort by FATF has gone into mitigating de-risking, a Phase 2 into this line of work will look into what more can be done to mitigate any unintended consequences – with options ranging from additional guidance and best practices to training.

European efforts to tackle de-risking

The focus on de-risking has continued, particularly in Europe. The European Banking Authority (EBA) took action in 2021 to address de-risking via three legal instruments:

1. its 2021 Opinion on money laundering and terrorist financing risks within the European Union (EU) financial sector – where it noted de-risking as a continuing trend and actions competent authorities should take
2. revised money laundering and terrorist financing Risk Factors Guidelines – these clarified the application of a RBA, which does not mean FI’s should refuse or end relationships with whole categories/sectors of clients but rather manage risks using a RBA
3. a public consultation on changes to current Guidelines on risk-based AML/CFT supervision – which include the requirement for competent authorities to ‘take stock’ of the level of de-risking in their jurisdiction, as well as address de-risking as part of money laundering and terrorist financing risk assessments

Actions by the EBA also continued into 2022. In January of this year, the EBA published its Opinion on the detrimental impact of de-risking and the ineffective management of money laundering and terrorist financing risks.

The call for input into the 2022 Opinion by the EBA included 293 respondents, of which 270 were those that were affected by de-risking and 23 of which had been included in the de-risking itself. As part of the conclusions, three key drivers for de-risking were noted:

1. where a money laundering and terrorist financing risks exceed risk appetite
2. a lack of understanding of specific customers’ business models
3. where the cost of compliance drove decisions to exit relationships

For each of the three key drivers of de-risking, the EBA provides existing provisions in EBA instruments that may help competent authorities and FI’s to address de-risking. For FI’s, the following were of particular note.

Where ‘risk appetite’ is concerned, the EBA refers to provisions under the money laundering and terrorist financing Risk Factors Guidelines . It specifically notes provisions that may help address root causes of de-risking identified, namely; high-risk third countries, Politically Exposed Persons (PEPs) and sectoral guidelines (especially correspondent banking relationships, money remitters and Electronic Money Institutions).

In order to address the ‘lack of understanding’ of specific customer business models, which has particularly been around VASPs, the EBA refers FI’s to the money laundering and terrorist financing Risk Factors Guidelines also, which have a section aimed at credit institutions that may help them identify and assess risks associated with such businesses.

For the final key driver of de-risking, ‘cost of compliance’, the EBA again points to provisions under the money laundering and terrorist financing Risk Factors Guidelines which state that as part of money laundering and terrorist financing assessment, FI’s can opt to provide only basic financial products and service, which may restrict the clients ability to abuse them for financial crime. The EBA also adds to this by highlighting provisions in its Opinion from 2016 on Customer Due Diligence (CDD) related to asylum seekers and how FI’s can adjust their basic accounts offerings, should money laundering or terrorist financing risks suggest changes are needed.

The old and the new: the expansion of de-risking

Respondent banks using CB and Money Service Businesses (MSB) often feature in discussions of de-risking but many other sectors also face being such issues – one of those is the diamond trade. The EBA’s January 2022 Opinion noted that businesses operating in the diamond trade made up a significant portion of respondents in its call for input. Diamond businesses claimed they had been denied bank and business accounts and whilst no explanation was provided for being denied services, many claimed it was due to blanket de-risking of the diamond sector. Most indicated that they were not able to find alternative banking services and whilst some found services in other EU countries, most looked to third countries such as India and Dubai, with some even using cash payments as temporary workarounds.

Where there is a lack of understanding and/or appetite in providing financial services for newer sectors such as Virtual Asset service providers, and even the legal marijuana sector in the United States (US) for legal reasons, this may only further add to the issue of de-risking. The CEO of Uniswap, a decentralised cryptocurrency, recently took to Twitter to complain of having his accounts closed at JP Morgan Chase without notice or explanation. Despite efforts through proposed legislation, such as the US’s SAFE Banking Act (from which language may now be fed into the newer America COMPETES Act), aimed at reducing challenges of marijuana businesses obtaining banking services, sectors such as this may still face de-risking issues – even if legislation were to be passed.

A difficult step

Despite significant efforts, signals and guidance from both standard setters and supervisors in the need for taking a RBA in addressing de-risking, the question remains – will FI’s have the practical conviction to take the step of following putting into practice a RBA or will the fear of criminal/civil conviction mean they fall short in taking a truly risk-based approach? One perspective that may help answer this is that ‘knowing’ financial crime and trying to simply comply is not enough – they need to go further and ‘understand’ financial crime.