Operating the boundary system: A case study of Anti-Money Laundering risk management in a bank

This paper examines the role of boundary systems in operational risk management. The paper is based on a case study of a large Scandinavian bank for which effective Anti-Money Laundering (AML) is a regulatory requirement. Relying on interviews as the primary data source, the study demonstrates how the management control system develops over time in response to regulatory intervention. While the literature has previously accentuated the role of interactive and diagnostic systems in strategic risk management, this study demonstrates the importance of boundary systems in operational risk management. Establishing a separate diagnostic system for AML reporting was ineffective and so was embedding AML in the interactive budgeting system. Instead, establishing AML as a boundary system that delineates rules to be followed rather than opportunities to be sought counterbalances the beliefs systems in decentralised organisations, where effective AML is a prerequisite licence to operate and engage with strategic risks. This paper is one of the first to unravel how boundary systems can be established and operated as part of a management control system. The case study is not only relevant to the banking sector but practitioners in other settings may also consider how boundary systems can ensure effective operational risk management.