The Financial Action Task Force (FATF) recommendations and the Anti-Money Laundering Act (AMLA) require a risk-based approach. In the following, we discuss some basic aspects of risk-based approaches.


A risk-based approach is an approach that takes risk into account. Risk is related to the impact of possible events and their probability. From a simplified point of view, risk can be defined as:

Risk Based Approach3

Assessment of risks allows resources to be allocated in the most efficient way such that the greatest risks receive the highest attention. It is crucial to distinguish between necessary and sufficient risk factors.

If a necessary risk is low, the overall risk is also. For instance, in avalanche risk, the steepness of the slope to be traversed and the danger lever of the avalanche bulletin are necessary risk factors. Traversing a horizontal plane is safe, even when the danger level of the avalanche bulletin is high.

Examples of necessary risk factors

Risk Based Approach

In contrast to necessary factors, a sufficient risk factor implies a risk independent of other factors. For instance, a ski tour should be cancelled if extreme weather conditions are expected independent of the avalanche risk. Similary, a cancellation is advisable in the case of a high avalanche risk, even when weather conditions are excellent. In this example, weather conditions and avalanche risk are sufficient risk factors.

Examples of sufficient risk factors

Risk Based Approach2

Complete Revision of the Federal Data Protection Act

Complete Revision of the Federal Data Protection Act: „As of 15th September 2017, draft and report for a completely revised Federal Data Protection Act is public. In a first step parliament and the people agreed to adaptations in order to be compliant with EU law. The second part of the revision is debated by the parliament since September 2019. Data Protection is to be increased by giving people more control over their private data as well as reinforcing transparency regarding the handling of confidential data.”


Eurospider Information Technology AG
Winterthurerstrasse 92
8006 Zürich


Cookies make it easier for us to provide you with our services. With the usage of our services you permit us to use cookies.
More information Ok Decline