Question 3 - Acams CKYCA Real Exam Questions [Jan 2026 Update]

Q: 3

A bank’s business team has developed a new strategy, which includes the introduction of prepaid cards as a new high-risk product offering. The compliance team has proposed to impose a monetary limit on each prepaid card and limit the offering to the existing customers of the bank only. Which best describes the risk impact of the controls proposed by the compliance team?

Options

Correct Answer:

Explanation

Inherent risk is the level of risk present before any controls are applied. The introduction of a high-risk product like prepaid cards establishes a high inherent risk. The measures proposed by the compliance team—imposing monetary limits and restricting the offering to existing customers—are risk mitigation controls. The purpose of such controls is to reduce the initial, inherent risk to a more acceptable level. The risk that remains after these controls are implemented is known as residual risk. Therefore, the direct impact of applying these effective controls is a decrease in residual risk.

Why Incorrect

A. Inherent risk will increase: Inherent risk is the baseline risk of the product itself, which is not increased by the application of controls; controls are meant to mitigate it.

C. Inherent risk will decrease: Controls do not change the inherent risk of a product. They are applied to the inherent risk to manage it, not to change its fundamental nature.

D. Residual risk will increase: This is the opposite of the intended effect. Effective controls are implemented specifically to reduce risk, causing the residual risk to decrease.

References

1. Financial Action Task Force (FATF). (2014). Guidance for a Risk-Based Approach for the Banking Sector. FATF

Paris

France.

Section 3

Paragraph 3.4

Page 16: "The RBA involves banks assessing the ML/TF risks they face and putting in place mitigation measures that correspond to those risks... The outcome of the risk assessment should be an understanding of the bank’s residual risk

i.e. the risk remaining after the application of risk mitigation measures." This source confirms that mitigation measures (controls) are applied to initial risks to determine the remaining (residual) risk.

2. Basel Committee on Banking Supervision. (2014). Sound Management of risks related to money laundering and financing of terrorism. Bank for International Settlements.

Annex 2

Paragraph 10

Page 21: "The first step in the ML/FT risk assessment is to identify the inherent risks... The second step is to assess the mitigating controls... The final step is to assess the residual risk

which is the risk that remains after the controls are taken into account." This document clearly outlines the process where controls are applied to inherent risk

resulting in residual risk. The application of controls is the step that reduces the risk from its inherent to its residual state.

Premium Access Includes

FLASH OFFER

avail 10% DISCOUNT on YOUR PURCHASE