Less Water, More Purpose: Wolfsberg’s Second Act

The Wolfsberg Group has released the full two-part update to its Market Standard Approach to Payment Transparency and it’s a notable break from tradition.

While the Group’s past guidance largely focused on satisfying regulatory expectations, the updated approach leans into outcomes-based thinking, data-driven decisions, and a sharp pivot toward innovation and materiality in managing correspondent banking risks.

This newsletter unpacks the two key documents now in circulation:

• Part I: The foundational statement outlining the principles. Source.

• Part II: The new “Transitioning to Innovation” guidance. You may think of it as a tactical roadmap for implementation. Source.

Let’s dive in.

What’s Happening?

The outlined framework is Wolfsberg’s vision for a more risk-intelligent, innovation-friendly compliance model for correspondent banking, particularly as it relates to AML/CFT.

The key shift?

Instead of enforcing rigid standards or “tick-the-box” controls, Wolfsberg advocates for an approach grounded in:

• Material risk: Resources should be allocated based on actual, not hypothetical, risk.

• Measurable outcomes: Effectiveness should be evidenced by impact, not effort.

• Innovation enablement: New technologies such as AI and blockchain analytics, should be used, not feared.

Part I: The Six Core Outcomes

The framework identifies six outcomes that financial institutions should aim to deliver. In other words, what does a successful risk management framework look like?

1. Identifying and Understanding Customer Risk
   Risk assessments must be dynamic and contextual as opposed to static templates.

2. Detecting and Managing Risk Indicators
   Go beyond rule-matching: leverage pattern detection, analytics, and root cause analysis.

3. Responding to Identified Risks
   Actions should be proportionate, fast, and informed by escalation logic.

4. Sharing Information
   Internally and externally, including with law enforcement and industry forums.

5. Evaluating Program Effectiveness
   Use data, feedback loops, and independent review as opposed to audit checklists.

6. Embedding a Risk-Conscious Culture
   Governance, tone from the top, training, and empowerment all matter.

The message is clear: less focus on how many alerts were closed, more focus on whether they mattered.

Part II: Implementation Roadmap

The second part of the release gives the implementation roadmap:

• How to operationalize outcomes

  Mapping outcomes to internal controls, risk assessments, and governance.

• The role of experimentation

  Encouraging test-and-learn approaches within risk appetite.

• Embracing technology

  Institutions should build compliance stacks that enable tech adoption.

One particularly useful section is a maturity model that allows firms to assess where they stand on the journey from legacy compliance to intelligent design. It asks not, “Are you compliant?” but rather, “Are you effective?”

It Takes Two to Tango

The document targets not just the financial institutions, but also the regulators.

Wolfsberg encourages competent authorities to:

• Accept diversity in controls if outcomes are demonstrably effective.

• Tolerate measured risk-taking in the name of innovation.

• Participate in building shared typologies and cross-institution intelligence.

It feels like the document encourages the supervisory conversation to shift from “what did you do?” to “what did you solve?”, and reframes compliance as statecraft, not just reporting.

Final Thought: Compliance That Works

For years, compliance has operated on a binary: comply or don’t.

Wolfsberg Group introduces a third axis, posing the question: “Does it work?”

By centering materiality, effectiveness, and innovation, Wolfsberg is giving banks the permission (and the pressure) to rebuild their AML programs with intelligence, not inertia.

In an industry where risk evolves faster than rules, this isn’t just welcome.

It’s essential.

Thanks for reading,
Alexey