google-icon
Trusted by Fintechs & Financial Institutions

Risk Assessment

You can't build an effective compliance program without first understanding where your risks actually are. Pillars FinCrime Advisory conducts thorough, practical risk assessments that give fintechs and financial institutions a clear picture of their financial crime exposure, the strength of their existing controls, and exactly where they need to focus their compliance resources to manage risk most effectively.
Fractional Compliance Services

What a Thorough Financial Crime Risk Assessment Covers

A risk assessment is only useful if it's honest, thorough, and actually reflects how your business operates. Here's what Pillars evaluates when assessing your organization's financial crime risk.

Business Model & Product Risk

We evaluate the inherent financial crime risk in your products, services, and business model. Different products carry different risk profiles and your compliance program needs to reflect that reality accurately.

Customer & Geographic Risk

We assess the risk profile of your customer base including customer types, geographic exposure, and transaction behaviors, giving you a clear picture of where your highest-risk relationships are concentrated.

Control Effectiveness Review

Having controls in place is one thing. Having controls that actually work is another. We evaluate how effective your existing controls are at mitigating the risks your organization faces and identify where the gaps are.

Residual Risk Determination

We assess the residual risk that remains after your controls are applied, helping you understand where your program is managing risk effectively and where additional controls or resources are needed.

Risk Assessment Documentation

We deliver a clear, well-documented risk assessment that satisfies regulatory expectations, supports your compliance program decisions, and gives bank partners evidence that your organization understands and manages its risk thoughtfully.

Periodic Risk Assessment Updates

Your risk profile changes as your business evolves. We help you build a cadence of regular risk assessment updates so your program always reflects your current risk exposure rather than where your organization was when the last assessment was done.

Know Your Risk Before It Knows You

A Compliance Program Built on Assumptions Is a Program Built to Fail

Most compliance programs are built with good intentions but without a clear, honest picture of where the actual risk lives. A risk assessment changes that. It gives you the foundation your entire compliance program should be built on — a documented, evidence-based understanding of your exposure, your controls, and the gaps between them. Pillars conducts risk assessments that are thorough, practical, and built to satisfy both regulatory expectations and the real operational needs of your organization.

risk-assessment
What's Included

What Pillars Evaluates in Every Risk Assessment

A meaningful risk assessment goes well beyond checking boxes. Here are the core areas Pillars examines to give you a complete and honest picture of your financial crime risk exposure.

Inherent Risk Evaluation
We assess the baseline financial crime risk present in your business before any controls are applied, looking at your products, services, customers, delivery channels, and geographic exposure.
Control Effectiveness
We evaluate how well your existing controls actually mitigate your inherent risk. Having controls on paper is not the same as having controls that work and we make that distinction clearly.
Residual Risk Analysis
We determine what risk remains after your controls are applied, giving you a clear, prioritized view of where your program needs strengthening and where resources should be focused.
Documented Assessment Output
We deliver a well-structured, regulator-ready risk assessment document that supports your compliance program decisions and demonstrates to examiners and bank partners that your organization understands its risk.

A Risk Assessment Is Only as Good as the Person Conducting It

Risk assessments done poorly give organizations false confidence. Pillars makes sure yours gives you a genuinely accurate picture of where you stand.

Joshua Douglas has conducted and reviewed financial crime risk assessments across fintechs, payments companies, and financial institutions of varying sizes and complexity. He knows what a thorough risk assessment looks like, what regulators expect to see in one, and how to identify the risks that organizations most commonly underestimate or overlook entirely. When Pillars conducts your risk assessment, we're not filling in a template. We're studying how your business actually operates, what your customers look like, where your transactions flow, and what your controls are really doing. The result is a risk assessment that reflects reality, supports smart compliance decisions, and holds up when a regulator or bank partner asks to see it.
12+ Years
Risk Assessment Experience
Business First
Built Around How You Operate
Regulator Ready
Documented to Withstand Scrutiny
Client Impact

Built for the Challenges Fintechs Actually Face

From first-time compliance builds to regulatory remediation and bank partner readiness — see how Pillars FinCrime Advisory helps organizations move forward with confidence, clarity, and programs that hold up under scrutiny.

Pillars helped us navigate a complex regulatory review with confidence. Their hands-on approach and deep understanding of fintech compliance made all the difference. Our program is now scalable and audit-ready.

JD

James Donovan

Chief Compliance Officer

The fractional CCO service provided exactly what we needed—senior-level expertise without the overhead. Joshua and his team integrated seamlessly with our operations and gave us the strategic guidance to grow safely.

SW

Sarah Wagner

Head of Risk

From transaction monitoring optimization to KYC redesign, Pillars delivered measurable improvements. Alert quality is up, operational friction is down, and we're better prepared for regulatory exams.

MT

Michael Thompson

VP, Compliance Operations

Pillars helped us navigate a complex regulatory review with confidence. Their hands-on approach and deep understanding of fintech compliance made all the difference. Our program is now scalable and audit-ready.

JD

James Donovan

Chief Compliance Officer

The fractional CCO service provided exactly what we needed—senior-level expertise without the overhead. Joshua and his team integrated seamlessly with our operations and gave us the strategic guidance to grow safely.

SW

Sarah Wagner

Head of Risk

From transaction monitoring optimization to KYC redesign, Pillars delivered measurable improvements. Alert quality is up, operational friction is down, and we're better prepared for regulatory exams.

MT

Michael Thompson

VP, Compliance Operations

Frequently Asked Questions

What is a financial crime risk assessment and why do we need one?
A financial crime risk assessment is a structured evaluation of your organization's exposure to money laundering, fraud, and other financial crime risks. It looks at your products, customers, geographies, delivery channels, and the controls you have in place to manage those risks. Regulators require it because it's the foundation of a risk-based compliance program. Without a current, accurate risk assessment, your compliance program is essentially guessing at what it needs to address.
How often should a risk assessment be updated?
Most regulators and industry guidance recommend updating your risk assessment at least annually and whenever significant changes occur in your business. That includes launching new products, entering new markets, onboarding new customer segments, or experiencing meaningful changes in your transaction volume or patterns. A risk assessment that's two or three years old and hasn't been updated is unlikely to accurately reflect your current exposure and that's exactly the kind of gap examiners look for.
What's the difference between an inherent risk and a residual risk?
Inherent risk is the level of financial crime risk your organization faces before any controls are applied. It's essentially the raw exposure that comes from your business model, customers, and operations. Residual risk is what remains after your controls are factored in. A well-run compliance program should have controls strong enough to bring residual risk down to an acceptable level. If your residual risk is still high after controls are applied, that tells you something important about where your program needs more work.
Can Pillars help us if we've never had a formal risk assessment before?
Absolutely. Many organizations, particularly early-stage fintechs, have never gone through a formal risk assessment process. We start from scratch with you, walking through your business model, your customer base, your products, and your current controls to build a risk assessment that accurately reflects where you are today. Having a documented, well-structured risk assessment in place is one of the most important foundational steps you can take for your compliance program and it's a great place to start the relationship with Pillars.

Who We Work With

Pillars FinCrime Advisory partners with a range of organizations across the financial services ecosystem — from early-stage startups to established institutions managing complex compliance demands.

Houston, Texas

Headquarters

United States

Remote & On-Site Engagements

Founded 2025

By Joshua Douglas

Fintechs

Payments Companies

Sponsor Banks

Financial Institutions

Why Pillars
Why Organizations Trust Pillars to Assess Their Risk
We Don't Miss What Others Do
Joshua Douglas has reviewed enough compliance programs to know where organizations consistently underestimate their risk. We look at the areas most assessments gloss over and make sure your risk picture is complete and accurate.
Built to Satisfy Regulators
We know what regulators and bank partners expect a risk assessment to look like. Every assessment Pillars delivers is structured, well-documented, and ready to be examined without requiring last-minute revisions.
We Tell You What to Do Next
A risk assessment without clear next steps is just a document. Pillars delivers actionable findings that tell you exactly where your program needs attention and how to address what we find.
Ready to Strengthen Your Financial Crime Program?
Let's discuss your compliance needs today
Reach out to Joshua Douglas and the Pillars team at 281-825-1603 or pillarsfincrimeadvisory@gmail.com . Whether you're launching a new product, preparing for regulatory review, or scaling your compliance program—we're here to help.
Headquarters: Houston, Texas (Serving clients nationwide)
Contact Us Today