Every money laundering reporting officer (MLRO) knows the pattern. A request goes out for financial crime risk assessment (FCRA) input. The business goes quiet. When responses eventually arrive, they are incomplete, controls are exaggerated, and problems are downplayed. Deadlines pass. Frustrations mount.
According to Arctic Intelligence, yet this cycle is not evidence of bad faith — it is a predictable consequence of competing demands, stretched teams and a fundamental misunderstanding of what the FCRA is actually for. Treating it as a solvable problem, rather than a character flaw within the business, is where meaningful change begins.
Arctic Intelligence recently discussed why business units resist Financial Crime Risk Assessments and how to bring them onside.
Front-line business units are operating under considerable strain. Customer expectations, revenue targets, staffing shortages, product roadmaps and a growing pile of regulatory obligations already crowd their attention.
In that context, an FCRA input request rarely registers as urgent. More often, it feels like an unwanted audit, opaque in its requirements, time-consuming in its demands and risky in its potential to surface weaknesses that could draw scrutiny. The resistance this triggers is as much emotional as it is logistical, and in some organisations it runs far deeper, rooted in culture and structure rather than individual reluctance.
Fear is a significant driver of that resistance. Business leaders who suspect that transparency will invite audit findings, regulatory attention or executive criticism may choose instead to underreport problems and overstate the strength of their controls. This is not malice, it is self-preservation. It reflects an organisational culture in which the FCRA has become a mechanism of judgement rather than a tool for improvement. The MLRO’s task is to dismantle that perception and reframe the assessment as something the business does with compliance, not something that is done to it.
Part of that challenge is linguistic. Risk professionals communicate in terms of inherent risk, control effectiveness, typologies and exposure. Business leaders think in terms of customer experience, revenue and operational efficiency. When those two vocabularies meet without translation, misunderstanding is almost guaranteed. The compliance function’s role is to bridge that gap — articulating risk concepts in operational terms and, equally, converting business constraints into risk considerations that the framework can accommodate. That two-way translation is where resistance begins to soften.
The shift from enforcement to partnership is equally important. When compliance is framed as a policing function, defensiveness intensifies. When it is positioned as a collaborative effort to protect and strengthen the organisation, the dynamic changes almost immediately. Genuine partnership means listening, acknowledging operational pressures, celebrating honesty rather than punishing it and committing to improvement rather than blame. When the business believes the FCRA exists to help rather than to catch them out, engagement follows.
Ambiguity compounds resistance. Shifting timelines, inconsistent scoring logic, unclear evidence requirements and unpredictable governance give business teams little reason to invest effort in a process they cannot plan around. MLROs who establish clear expectations, consistent methodology and transparent governance remove a significant source of anxiety. When teams understand exactly what is required and when, they are far more willing to engage — and engagement improves the quality of the output for everyone.
Underpinning all of this is psychological safety. The most effective MLROs understand that honest disclosure only happens when people feel safe to give it. Creating that safety is not a cultural nicety, it is an operational necessity. When business teams can acknowledge risks and control gaps without fearing punishment or judgement, the accuracy and depth of the FCRA improves dramatically. That environment is built through consistent behaviour: acknowledging constraints, inviting challenge, explaining context and valuing contribution. Without it, the FCRA becomes a performance rather than a genuine assessment.
Resistance to financial crime risk assessments is, ultimately, a symptom of cultural misalignment rather than a compliance failure in isolation. Where purpose and perception are at odds — where what the FCRA is meant to achieve collides with how it is experienced by the business, disengagement follows. MLROs who approach the process with clarity, empathy and genuine partnership can close that gap. When first-line teams feel invested in the outcome, they do not merely tolerate the FCRA. They become its most valuable contributors.
Read the full Arctic Intelligence post here.
Copyright © 2026 RegTech Analyst
Copyright © 2018 RegTech Analyst
