ACAMS Today chatted with Donald Uhlmann, CAMS about the ACAMS Risk Assessment tool and the most pivotal components of a risk assessment process. Uhlmann is the product development manager for ACAMS Risk Assessment and has been with ACAMS for four and a half years. During his tenure at ACAMS, Uhlmann has been instrumental in helping the team deliver on the software as a service (SaaS) solution’s mission of helping institutions worldwide respond to their anti-money laundering (AML) regulatory requirements. In partnership with ACAMS’ lead subject-matter experts, he has been key in ensuring timely and consistent content that meets the guidance of global authoritative bodies and institution supervisors. In addition, within his role, Uhlmann helps drive future development of the ACAMS Risk Assessment tool and assists clients with their training needs, addressing their inquiries pertaining to the tool’s methodology and to their overall risk assessment process. He is especially excited about design thinking and user-centered design and enjoys the opportunity to help drive development of the product in a way that better serves clients and more effectively meets their needs with every update. Prior to joining ACAMS, Uhlmann worked in web and app development and marketing in the startup and real estate sectors and received a B.A. in political science from Yale University in 2013.
ACAMS Today: What does a typical workday look like for you?
Donald Uhlmann: One exciting aspect of being a part of the ACAMS Risk Assessment team is that we wear many hats, which means that my day-to-day can include reviewing new updates to the tool, conducting a training session for a new client, drafting content for our ACAMS Risk Assessment newsletter, assisting clients with questions regarding the tool’s functionality or the methodology behind the risk assessment, or taking part in team brainstorming sessions aimed at planning new feature updates to add to our product road map.
AT: How has the ACAMS Risk Assessment tool evolved throughout your tenure at ACAMS?
DU: One of the most crucial parts of our mission for ACAMS Risk Assessment is ensuring the tool meets global authoritative and regulatory guidance, which is ever-changing and, as such, requires a dynamic, ever-evolving solution. Throughout my time at ACAMS, I have seen a tool that by its nature must be comprehensive and suitable for use by institutions around the globe. It must also remain agile enough to give these same institutions the peace of mind of knowing they can obtain an accurate picture of their institution’s risk that will enable them to understand that risk and effectively explain it to their regulator.
As part of our efforts toward this task, we are continuously responding to recent global authoritative updates, such as the Financial Crime Enforcement Network’s (FinCEN) June 2021 anti-money laundering/counter-terrorist financing (AML/CTF) priorities, Financial Transactions and Reports Analysis Centre of Canada’s (FINTRAC) January 2021 “Risk Assessment Guidance,” COVID-19-related Financial Action Task Force (FATF) and FinCEN advisories, and the Wolfsberg Group’s June 2021 statement on “Demonstrating Effectiveness,” among others.
Major updates have included the addition of a sanctions program risk assessment and a sanctions quantity of risk module released earlier this year, as well as a suspicious activity risk assessment that allows institutions to look not just at the anti-money laundering (AML) risk associated with their products, but at suspicious activity risks and trends occurring within the institution.
AT: How does your team stay up to date with the constantly evolving anti-financial crime (AFC) guidance and regulations worldwide?
DU: Our team’s laser focus on supporting our users means that we must also be focused on the changing global regulatory landscape. The tool must provide the functionality for its users to produce an institutional AML risk assessment and the assurance that how we assist institutions in evaluating the effectiveness of their program and the risk assessment methodology follow the latest global authoritative standards.
To help accomplish this critical objective, we review the latest regulatory guidance from authoritative sources worldwide and determine if the guidance necessitates any updates to the tool’s content or methodology. Our strategy for success in this sense consists of 1) having a team tasked with keeping an ear to the ground and 2) constant communication with our users and frequent requests for feedback. By staying current and anticipating necessary changes to the tool, we can ensure that if an update needs to be made, our dedicated tech team can implement it as early and effectively as possible.
AT: Could you share some highlights of the ACAMS Risk Assessment tool?
DU: ACAMS first highlighted the need for a standardized risk assessment solution in 2011, after seeing a steady rise in enforcement actions and formal regulatory criticisms resulting from inadequate risk mitigation. From the start, the goal has been to enable financial institutions (FIs) to meet the requirements set by their supervisors and regulators by providing a standardized means of measuring, understanding and explaining their money laundering risks, regardless of the institution’s size, complexity or geographic location.
The SaaS solution tackles some of the most basic challenges faced by FIs pertaining to their risk assessments—namely, that manual spreadsheet-based risk assessments can be cumbersome, and proprietary AML risk assessment systems can be cost-prohibitive. A few of the many areas where the tool shines include the following:
- Automation and subject-matter expertise: The automation of processes and the provided methodology eliminate the need for institutions to create their own AML risk assessment and scoring methodologies across the institution’s main areas of risk and provide a holistic approach that incorporates a sanctions and suspicious activity program risk assessment methodology as well.
- Flexibility and scalability: The tool’s streamlining of the risk assessment process makes it effective for FIs ranging from small community banks and credit unions to global FIs.
AT: What are the most pivotal components to any risk assessment process?
DU: A thorough AML risk assessment should use a risk-based approach to assess the main risk areas: the products, services and delivery channels offered by the FI as well as the high-risk customer types and high-risk geographies with which it has relationships.
In addition to the assessment across the main risk areas institutions should use a methodology that meets ever-growing regulatory challenges and abides by global authoritative standards to ensure a sound control framework that adequately mitigates risk across the enterprise.
AT: When you are not working with risk assessment, what do you like to do in your spare time?
DU: My love of reading and hiking has been put on a slight hold by a growing family and a Florida residency, but the time I most cherish is spent with my beautiful wife and children. I am especially interested in studying design that promotes human flourishing and how this positive, meaningful and responsible design can be incorporated into the things we interact with every day to intentionally improve users’ well-being.
Interviewed by: Stephanie Trejos, CAMS, editor, ACAMS, TX, USA, firstname.lastname@example.org