Risk scoring



Risk evaluation is a key component of an AML and risk policy. It is a standardized measure of risk across all customers. Best practices in managing a risk scoring model include easy-to-understand risk rules that can handle a broad set of data inputs as well as dynamic risk scores that are constantly refreshed.

Risk score

A risk score is a number that represents the risk of a case. It is high when the underlying entity looks risky to deal with and low when it looks safe.

A risk score comes from evaluating a case against your risk matrix. Your risk matrix is made of rules. Each rule is associated with a weight. A rule assesses a risk factor (information within the case) with conditions. When the result of this condition is true, the total risk score is increased by an amount equal to the weight associated with the rule.

Similarly to building your workflow, you can build your own risk assessment rules. Rules are created using a simplified coding language. They can use tasks' results, default case data fields, and custom fields.

For example:

ifthen(any(application.persons, x => is_pep(x)), Add(1))

The computing of the risk score is continuously refreshed across all cases. It means it is continuously updated and instantly reflects any changes to the underlying data of a case.


Create your own approach to risk management

Risk scores are a critical tool to improve the efficiency and accuracy of onboarding processes.

Manual adjustment

Sometimes, risk needs a little human intervention. To account for the unpredictable factors, the risk score can be manually adjusted with positive or negative increments.

Risk level

The risk level is an appreciation of the risk of a case towards the simple and classic nomenclature:

  • High risk
  • Medium risk
  • Low risk

In opposite to the risk score that is very detailed and precise, the risk level can be used to have broad and rapid appreciation of the risk of a case. In Ondorse, it can be used to:

The risk level is set automatically according to your risk score matrix and any other parameters useable in the rules engine . A typical risk level setup would look like this:

- high risk: risk score >= 200 OR cases has sanctioned directors
- medium risk: risk score >= 150 AND < 200
- low risk: risk score < 150

What’s Next