It is essential to have a risk management system that enables deterrence, detection, and prevention. Deter, this means deterring the wrong type of clients from opening accounts or commencing a relationship with the firm. Think about that for a moment. Once upon a time, every potential new client was the right client if they were a good revenue prospect. But this is not the case anymore. Deter means denying service to potential clients if they present financial crime risks that exceed the firm's risk appetite. Practically, this can involve prohibiting relationships with clients in certain business sectors, such as gaming and gambling or arms dealing. Detect. This means having a system to detect unusual and suspicious transactions, such as a transaction monitoring system that flags the unusual for a human to review. Increasingly, AI is being used to improve detection capabilities. Prevent. This means preventing the bad guys from using the firm's products and services to launder dirty money. It is the overall objective, even if the bad guys have been able to evade deterrence and detection.