Maestro-Solutions for

AML Risk Assessment

Identifying your AML risks and matching them to controls is the first step to robust AML defenses.


The underlying cause of most AML failures is the failure to identify the very risks themselves.

AML controls have to be designed and implemented in response to the AML risks. If a firm fails to identify an AML risk then it won’t design and implement a control to address the risk, plain and simple. Therefore, performing a comprehensive AML Risk Assessment is the first, and greatest, step a firm can take in building robust AML defences.


GRC-Maestro helps ensure firms ensure they have undertaken a through AML Risk Assessment. We have codified the AML Risk Assessment process which helps firms design the optimal approach to defining their distinct business areas by AML risk profile.

After determining the child level AML Risk Assessment, the firm can load each relevant AML Inherent Risks into GRC-Maestro and assign a risk frequency and severity level. AML Controls for each AML Risk are identified and entered into GRC-Maestro, resulting in a Residual Risk Rating.

AML Risk Identification

Formally identify the various AML Risks across your firm based on products/services, customers/clients and geographic factors.
Knowing your firm’s risks is the critical first step to designing and implementing robust defences.

AML Risk Assessment

Each AML Risk identified needs to be assessed in terms of the potential event frequency and resulting business impact.

AML Risk Controls

Every AML Risk should have one or more controls.
The greater the AML Risk Assessment the more robust the controls need to be.

Review and Update

Firms need to update their AML Risk Assessment on an ad-hoc basis, as new risks emerge, along with a periodic comprehensive review and update.


Prove Compliance – Evidence your Governance, Risk & Compliance (GRC)

Automate GRC – Run manual checks and processes automatically

Low Cost – Quick and easy to use + low pricing