This paper presents a theoretical model and algorithms for calculating the security risks for planning active counteractions in transaction processing under security threats. It is a part of an integrated cybersecurity framework, which combines AI-based planning of active counteractions with Machine Learning for the detection of security threats during transaction processing. The risk assessment is based on the optimal strategy for decision making which minimizes the security risks in controlled transactions modeled as Partially Observable Markov Decision Process (POMDP). By statistical reduction, this model is converted into a Markov Decision Process (MDP) with full information so that the algorithm for calculating the risks can use the standard dynamic programming. Although developed primarily for applications in fintech industry, this framework can be adapted to a wide range of business process workflows that incorporate both synchronous operations and asynchronous events caused by human errors, technical faults, or external interventions.