Introducer Risk Assessment

A form on an entity that answers questions templated by the organisation's introducer risk assessment policy to obtain a risk classification for the entity. This is utilised by the introducer section of a relationship checklist when the entity is linked as an introducer.

Storing an introducer in this way is referred to by the regulator's guidance as a "centralised introducer risk assessment file". Alternatively, organisations are free to make a second customer risk assessment policy including additional introducer-related questions, completing the introducer risk assessment as part of the customer risk assessment.

"How a relevant person chooses to document and organise the additional elements of the broader CRA should be determined on a case-by-case basis. In some cases, it may be appropriate for the additional elements to be documented as part of the relevant CRA. Alternatively, for example where an introducer has introduced several customers, relevant persons may find it more helpful to have a centralised introducer risk assessment file which is linked to the relevant customer files."

The Handbook 2023 Section 2.2.10.2


Relevant Legislation/Guidance

The Code 2019 - 9 Introduced business

(1) This paragraph applies where a customer is introduced to a relevant person by a person who provides elements of the customer due diligence (the “introducer”).

(2) The relevant person must comply with —

(a) this paragraph; and

(b) paragraph 8 or 11 (whichever is applicable).

(3) The relevant person must carry out a customer risk assessment in accordance with paragraph 6 and sub-paragraph (4).

(4) The risk assessment must include and take into account —

(a) a risk assessment of the introducer;

(b) whether the introducer has met the customer;

(c) whether any elements of customer due diligence provided by the introducer have been obtained by the introducer — (i) directly from the customer; or (ii) from any third parties; and

(d) if sub-paragraph (4)(c)(ii) applies, indicate — (i) how many third parties were involved in the process; (ii) who those third parties were; (iii) whether any of those third parties have met the customer; (iv) whether any third party is a trusted person; and (v) whether in the case of any third parties located outside of the Island, they are located in a List C jurisdiction.

(5) If the risk assessment indicates higher risk, the relevant person must undertake enhanced customer due diligence on the customer in accordance with paragraph 15 including, taking reasonable measures to establish the source of wealth of the customer and any beneficial owner of the customer.

(6) If more than one third party located outside of the Island is involved in the process, as specified in sub-paragraph (4), sub-paragraph (7) applies.

(7) Without limiting paragraph 8 or 11 (whichever is applicable), the relevant person must verify the identity of the customer using reliable, independent source documents, data or information obtained, either —

(a) directly from the customer;

(b) from the introducer, but only if the introducer has obtained such evidence of verification of identity — (i) directly from the customer; (ii) directly from a third party who has met the customer; or (b) directly from a third party who has met the customer.

(8) The relevant person must be satisfied that —

(a) any elements of customer due diligence information provided by the introducer conform to the requirements of this Code;

(b) any document, data or information used to verify the identity of the customer conform to the requirements of this Code; and

(c) there is no reason to doubt the veracity of the documents, data or information produced to verify the identity of the customer.

(9) If the relevant person cannot be satisfied as to the identity of the customer in accordance with the relevant provisions of this Code —

(a) the business relationship or occasional transaction must proceed no further;

(b) the relevant person must consider terminating that business relationship; and

(c) the relevant person must consider making an internal disclosure.

(10) For the purposes of this paragraph, a third party “involved in the process” does not include a third party in the same group as —

(a) the relevant person; or

(b) the introducer, provided that the third party is a trusted person.

(11) For the avoidance of doubt, if further elements of customer due diligence other than evidence of verification of identity are obtained by the relevant person under sub-paragraph (7) then this should be reflected in the customer risk assessment carried out in accordance with paragraph 6 and sub-paragraph (4).

Also refer to The Handbook 2023 section 2.2.10

Last updated