Today, the scope of compliance with laws and regulations (compliance) goes beyond the rules and guidelines governing the organization and includes other duties such as technical standards, methods, code of ethics, and social and environmental responsibilities. Compliance risk or the risk caused by not complying with the above tasks can lead to serious financial, regulatory, legal consequences and damage to the good reputation of the organization and should be identified, evaluated and controlled by compliance management procedures. On the other hand, the emergence of new technologies leads to modern trade and business practices and as a result, regulations have become more complicated, for this purpose, a risk-based approach with the aim of allocating funds to more risky cases can be a way forward. This article, while explaining the role of compliance risk management and then reviewing the methods adopted to assess compliance risk by other authorities and large auditing and financial consulting companies, presents a model for the purpose of assessing compliance risk in financial institutions. The proposed method is designed according to the definitions of compliance risk management in the documents of the International Organization for Standardization (ISO) and the characteristics of this risk. In the presented model, while paying attention to the inherent risk of not complying with the requirements and its possible consequences, the remaining risk is evaluated based on measuring the effectiveness of the risk reduction strategies.