Written by Chidinma Okpara: Project Officer, Regulatory Engagement, NNNGO


Risk assessment; a process of evaluating potential risks, is often tailored round a projected activity as a way to define an estimate of risk related to the known threat. Over the years, Nigeria, like many African countries, has become a significant center for financial crime. This is essentially due to lack of proper checks and balances within the socio-economic purview, weak laws, weaker implementations of the laws already on ground and general lack of attention being paid to the movement of money especially within the third sector; terrorist organizations and corrupt officials therefore take advantage of the situation to launder money through not-for profit organizations and for the most part, get away with it.

The requirement to perform a National Risk Assessment stemmed from the 40 Recommendations on International Standards on Combating Money Laundering and the Financing of Terrorism and Proliferation handed down by the Financial Action Task Force’s (FATF), issued in 2012 and subsequently revised in 2016. The FATF is an intergovernmental body established in 1989It is the global body that sets the standards for combating money laundering and terrorist financing as well as other related threats to the integrity of the international financial system.


The National Risk Assessment began in the wake of the revision of the FATF recommendations which was done in 2012, recommending that countries identify, assess and understand the level of risks their countries face in terms of money laundering and terrorist financing. It mandated the need for specific actions to be taken in order to assess and ultimately mitigate these risks in their locales. Before it was officially reviewed and amended in 2016, the FATF Recommendation characterized Non-Governmental Organizations (NGOs) as being particularly vulnerable to terrorists abuse and this impacted the operation of civil society organizations greatly as laws which restricted the free operations of NGOs were then implemented. The revision however helped in gauging the effectiveness of the stringent laws, bringing to light the areas where implementation could be enhanced to mitigate the high risk of terrorist abuse within the sector.


Since inception, assessments have been done via mutual evaluations that are conducted with the country and representatives of the FATF or regional standard setter. It is to ensure that measures which are intended to be put in place to combat and ultimately mitigate the of risks of money laundering and terrorist financing within a country, sector or an organization are proportionate with the level of risks identified; anywhere there is movement of money: Financially-Based Organizations (FBO) as well as Designated Non-Financial Institutions (DNFI) which received sponsorship from various sources; NPOs are a part of , there is a perceived threat and the aim is to prevent criminals from using the financial system to move ill-gotten funds.


The Nigerian Financial Intelligence Unit (NFIU) has established a unit responsible for conducting thematic strategic analysis with a view to identifying money laundering and terrorism financing trends and typologies prevalent in the country. In this capacity, the NFIU relies mainly on the intelligence generated by itself and has not systemically benefited from other information in particular cases investigated by law enforcement agencies which were not triggered by NFIU. To date the NFIU has published one typology report on terrorist financing.


Organizations would demonstrate that the issues which predispose them to risks or amplify their level of vulnerability are taken into consideration; adequate measures to strengthen their structures and mitigate these risks are thought through and implemented. It is important to note however that even in all of these, risk is a dynamic and amorphous concept as it is inherently difficult to describe or measure in quantifiable terms; areas which were not initially considered to be vulnerable could pop up as the weak link if the mitigated measures are not carried out to safeguard the organization or sector as a whole therefore a risk assessment will involve making judgments about these perceived issues to achieve it intended goal.