Risk Based Approach

The approach you take to due diligence should reflect the level of risk that your firm faces. Whether that’s in relation to your customers, the services or products that you provide, or the jurisdiction that you work in.

By identifying these risks, they can then be mitigated by implementing adequate and proportionate policies and procedures. Having these in place provides a certain level of protection in investigations regarding money laundering.

The initial step to determining your risk based approach is to identify the potential risks when establishing a business relationship with your customers, or providing a one-off transaction.   The following table provides key areas that should be reviewed and considered :

Area Consideration
Customer Type of customer

Nature of relationship

Location of the customer

Political Exposure

Product/service Nature of the product/service

Risk of use for money laundering

Delivery method Location of product/service delivery

Risk of use of money laundering

Once the potential risks to your firm have been established, it’s unlikely your customers and services will pose the same level of risk, so you won’t necessarily need to know all of your customers equally. Many firms will create three levels of due diligence: simplified, standard, and enhanced. The level of identified risk will determine how much due diligence is required. Any due diligence completed should be in line with your policies and procedures, and should be documented for future reference.