FINMA review of 30 Swiss banks reveals persistent AML deficiencies

Following recent on-site reviews, the Swiss Financial Market Supervisory Authority (FINMA) has announced that many examined banks’ anti-money laundering and counter-terrorist financing (AML/CFT) risk analyses are deficient. The deficiencies, which include inadequately defined risk tolerances, could impede the banks’ability to implement effective risk controls.

“FINMA has repeatedly identified shortcomings in…money laundering risk analysis during on-site supervisory reviews,” the regulator said in its August 24 press release. “This prompted…an in-depth review of the money laundering risk analyses of more than thirty banks in spring 2023. …[M]any of the risk analyses examined did not meet the requirements.”

Requirements for effective risk management

According to FINMA, a firm’s risk control function is responsible for implementing effective risk management. This includes:

• Due diligence processes and systems, such as risk monitoring.
• Risk assessments and analysis.
• Reporting to leadership, as well as to internal and regulatory auditors.
• Oversight to ensure regulatory compliance. 

To adequately assess and manage a firm’s risks, relevant teams must have key information to keep its business practices within responsible limits. This requires a thorough and regularly-updated analysis – which depends on clearly identifying risks and establishing tolerance levels. 

Key AML deficiencies

The regulator identified several key weaknesses in the firms evaluated:

• Unclear risk tolerances – This included a lack of exclusions for key entities, products, or sectors (such as certain politically exposed persons). It also involved a lack of risk indicators based on defined risk limits, which are an important part of a clearly delineated risk tolerance.
• Inadequate risk analyses – FINMA mentioned overly general descriptions of risk that were hard to understand and didn’t break down the analysis by each area. The assessments often were not updated yearly, and did not include an evaluation of the resources needed to effectively implement AML processes.

Following the report, the Swiss Federal Council announced plans to strengthen Switzerland’s AML/CFT framework. On August 30th, it opened a consultation on a bill drafted to:

• Introduce a federal register of companies and their beneficial owners.
• Broaden due diligence requirements to include legal advisors.
• Implement further measures preventing sanctions evasion, lowering cash payment thresholds for precious metals trading, and requiring due diligence for cash payments in real estate.

The consultation concludes on November 29, 2023.

How firms can respond

Swiss firms regulated by FINMA, particularly in the banking industry, are encouraged to study its full report to understand the sector’s deficiencies in AML risk analyses. It may be advisable for firms to renew their current risk analysis – paying special attention to the weak points outlined in the report. This may include technological upgrades to allow for more robust due diligence, including the use of artificial intelligence to prioritize risks and identify new ones by connecting seemingly unrelated entities in large data sets.