AML Firm‑Wide & Sanctions Risk Assessments Workshop (H1039)
A practical workshop on building and updating AML, client and sanctions risk assessments under the new EU AML framework.
✓ Firm-wide AML risk assessment (FWRA)
✓ Client risk assessment (CRA)
✓ Sanctions risk assessment
✓ Scoring, documentation and governance
✓ Controls, mitigation and action planning
An advanced, hands‑on workshop that helps compliance teams design and update firm‑wide AML, client and sanctions risk assessments so they are consistent, documented and future‑proof under the EU AML Single Rulebook and new EU‑level supervisory expectations
Table of Contents
- About the Course
- Who Should Attend
- Key Learning Objectives
- Course Curriculum
- Meet the Trainer
- FAQs – Frequently Asked Questions
- Other Upcoming Courses
- Fees & Registration Details
- Registration Form
About the Course
Under the EU AML Single Rulebook, risk assessments move to the centre of supervisory expectations. Business‑wide AML risk assessments, client risk assessments and sanctions risk assessments must be consistent, documented and aligned with AMLR, AMLA guidelines and EU sanctions standards, with new minimum content and governance requirements being phased in before full application dates.
This workshop provides a practical methodology for designing and updating the three core AML risk assessments: firm‑wide AML risk assessment (FWRA), client risk assessment (CRA) and sanctions risk assessment. It shows how to define risk factors, scoring models, data needs and documentation so that results can be used to calibrate CDD, EDD, monitoring and controls, and presented in a way that satisfies AMLA, national supervisors and internal audit. Through worked examples, templates and workshop exercises, participants construct or refine their own FWRA, CRA and sanctions risk assessment frameworks, and consolidate them into a coherent risk narrative and action plan that complements the EU AML Single Rulebook and AMLD6 courses.
By the end of this workshop, participants will be able to:
- Build a robust firm‑wide AML risk assessment aligned with the latest EU standards.
- Design practical client risk scoring models that genuinely drive CDD/EDD and monitoring.
- Develop a sanctions risk assessment that reflects current and emerging European expectations.
- Connect FWRA, CRA and sanctions risk assessment outputs into a coherent control framework and risk‑based action plan ahead of upcoming AMLR and AMLA milestones.
Register via ERMIS platform using code 688519
*This training program is designed to support continuing professional development (CPD). Participants are encouraged to verify with their professional body or regulatory authority whether the training meets their individual or institutional CPD requirements.
Timetable
Who Should Attend
Recommended experience:
At least 1–2 years’ experience in AML/compliance, risk or audit, or equivalent exposure through legal/accounting work.
Compliance Officers and AML Officers.
MLROs and Deputy MLROs.
Risk Managers and Internal Auditors responsible for AML or sanctions.
Staff in banks, investment firms, payment/EMIs, ASPs/TCSPs and CASPs who own or support AML risk assessments.
Senior managers overseeing AML and sanctions risk governance.
Key Learning Objectives
Following the completion of the course on AML Firm-Wide & Sanctions Risk Assessments, the attendees will be able to:
- Explain regulatory expectations for business‑wide AML risk assessment, client risk assessment and sanctions risk assessment under AMLR and related EU‑level guidance.
- Describe how forthcoming AMLA guidelines and EU‑level technical standards on risk assessment and sanctions controls are expected to shape methodologies, data and governance.
- Distinguish clearly between FWRA, client‑level risk assessment and sanctions risk assessment, and understand how each links to policies, CDD/EDD, monitoring and reporting.
- Design or update a structured firm‑wide AML risk assessment (FWRA) aligned with current and expected AMLR/AMLA minimum content requirements.
- Build practical client risk assessment (CRA) models, including risk factors, scoring approaches and documentation standards that support CDD/EDD decisions.
- Develop a sanctions risk assessment framework that incorporates new sanctions and screening guidelines and integrates with AMLR governance and controls.
- Link FWRA, CRA and sanctions risk assessment outputs into coherent controls and mitigation plans, and consolidate them for management and supervisory reporting.
- Treat risk assessments as living tools that drive business decisions, not one‑off compliance exercises.
- Adopt a forward‑looking mindset towards upcoming AMLA guidelines and EU sanctions expectations, planning ahead rather than reacting at the last minute.
- Strengthen their willingness to challenge weak methodologies, outdated risk factors and undocumented judgments in high‑risk areas.
Course Curriculum
- Role of risk assessments under AMLR, AMLD6 and AMLA: business‑wide, client‑level and product/channel‑level expectations.
- Overview of upcoming AMLA guidelines on the minimum content of the business‑wide risk assessment and sources of information.
- Evolving expectations for sanctions risk assessments and screening governance under EU and EBA guidelines.
- How this workshop fits with the EU AML Single Rulebook and AMLD6 programmes (no duplication, deeper methodology focus).
- Principles of an effective AML risk assessment framework: consistency, traceability, use‑test, proportionality.
- Governance and ownership: roles of the board, senior management, MLRO/compliance, risk management and internal audit.
Interaction between FWRA, CRA, sanctions risk assessment and other risk processes (operational risk, ICAAP/ICARAs, enterprise risk). - Defining risk appetite and tolerances at a high level and reflecting them in risk assessment design.
- Example framework: how a medium‑sized group structures its AML risk assessments, approvals, review cycles and documentation.
- Regulatory expectations for business‑wide risk assessment content and data sources.
- Defining FWRA scope: entities, business lines, products, services, delivery channels, geographies and customer segments.
- Building the FWRA methodology:
Inherent risk factors (customer types, products, geography, channels, delivery models). - Control environment assessment (policies, systems, staffing, monitoring, sanctions, reporting).
- Residual risk scoring and thresholds for risk appetite.
- Workshop exercise: participants work on a FWRA template for a sample obliged entity (or their own organisation, where appropriate).
- Documenting FWRA assumptions, data and judgments for supervisors and internal audit.
- Regulatory and supervisory expectations for client‑level risk assessment under AMLR and future AMLA guidance.
- Distinguishing CRA from CDD/EDD steps, and how CRA results drive CDD/EDD depth, monitoring and escalations.
- Designing CRA models:
Risk factors (customer type, occupation/activity, ownership/control, geography, products/channels, behaviour). - Scoring approaches (additive, weighted, banded) and handling qualitative factors.
- Setting risk bands (e.g. low/medium/high/very high) and their implications.
- Handling special cases: PEPs, complex ownership, high‑risk third countries, crypto‑asset customers.
- Documentation standards: capturing rationale for risk ratings, overrides and high‑risk decisions in a way that withstands supervisory scrutiny
- Regulatory drivers for sanctions risk assessment: EU restrictive measures, AMLR requirements and EU/European supervisory guidance on sanctions.
- Components of a sanctions risk assessment: exposure to sanctioned persons/entities, countries, sectors, products, counterparties and supply chains.
- Assessing the effectiveness of sanctions governance, policies, screening tools, alert handling and escalation.
- Integrating sanctions risk into FWRA and CRA (including documenting sanctions‑related risk factors and controls).
- Example: high‑level sanctions risk assessment for a financial institution and a non‑financial obliged entity.
- Translating FWRA, CRA and sanctions risk assessment results into concrete control enhancements (policies, screening parameters, CDD/EDD standards, monitoring scenarios).
- Prioritising remediation: quick wins vs medium‑term projects; linking to budgets and project plans.
- Setting review cycles for FWRA, CRA models and sanctions risk assessment in light of regulatory developments (AMLA guidelines, EU guidance, new EU sanctions).
- Building a consolidated AML risk narrative and dashboard for senior management and the board.
- Workshop: participants outline a risk‑based action plan for their own organisation, based on FWRA/CRA/sanctions outputs.
- Recap of key decisions made in FWRA, CRA and sanctions risk assessment exercises during the course.
- Aligning the three assessments with the EU AML Single Rulebook course outcomes (governance, customer lifecycle, monitoring, documentation) and AMLD6 obligations on supervision and liability.
- Testing plausibility: peer review of sample FWRA/CRA/sanctions frameworks and challenge of weak assumptions.
- Individual consolidation: each participant drafts a short “risk assessment enhancement plan” summarising priority changes, timelines and stakeholders.
Meet the Trainer
Fees & Registration Details
FAQs – Frequently Asked Questions
The workshop focuses on Firm-Wide Risk Assessment (FWRA), Client Risk Assessment (CRA), and Sanctions Risk Assessment (SRA)—all required under AML laws and CySEC guidelines.
Participants learn to structure and document AML risk assessments using standard models, identify common regulatory weaknesses, and align risk findings with real monitoring and due diligence controls.
Yes. It is designed for both compliance experts and senior managers, with a step-by-step approach, real examples, group exercises, and practical templates ready for implementation.
You will be able to build and review FWRA, CRA, and SRA, design risk scoring systems, link assessments to AML policy, and prepare documentation that meets CySEC and supervisory standards.
Other Upcoming Courses
ERMIS Registration Required for HRDA-Subsidised Seminars
This seminar is eligible for HRDA subsidy, which means participation requires a valid ERMIS profile. If you don't have one yet, don't worry — simply complete the form below and our team will guide you through the registration process step by step after your submission.