Drafting a Business Risk Assessment

The lecture will focus on the drafting and conducting of a Business Risk Assessment. It will focus on matters such as the analysis of the SNRA and the NRA and how these results can be compared with BRA results. Furthermore, an analysis of the ML/FT Risks will be made together with mitigation measures of such risks. The statistical data that is expected to be in the BRA shall also be discussed in detail. Furthermore, the session will go through the understanding of likelihood and how this is derived from the statistical data. The session will explain the inherent risk calculation process and the definitions required in the BRA. The full process of how to analyse the residual risk of the business will be discussed and explained in detail.

The session is ideal for MLROs, Directors of Subject Persons, Risk Officers and Compliance Officers.

The Speaker

John Mark Caruana is one of the co-founders of Radix Compliance Ltd, a local company specialising in AML & GDPR consultancy and outsourcing services. John has over 13 years of experience within various industries, including funds, FX, investments, CSPs and Audit. John holds a B.Com (Hons) degree in Banking & Finance and a Masters of Science in Banking & Finance, both awarded by the University of Malta. He is also a Certified Information Privacy Professional (Europe) and a Certified Information Privacy Manager (CIPM) as recognised by the International Association of Privacy Professionals. John is also a member of the Malta Association of Compliance Officers (MACO). John occupies positions of MLRO, Data Protection Officer and Compliance Director within tax, accounting and gaming industries. He also lectures on AML & GDPR related topics at the University of Malta and other local institutions.