Customer Risk Assessment Policies
Last updated
Last updated
Customer Risk Assessment Policies are effectively templates for your Customer Risk Assessment. They pre-define the questions your team will ask in a customer risk assessment, and the risk classification associated with each answer.
You can choose to make many different Customer Risk Assessment Policies, for instance an organisation may choose to have one for each different type of customer. When it comes time to do a Customer Risk Assessment, you can pick which policy is the right one for that particular relationship.
An organisation can have many customer risk assessment policy forms.
They are each presented as a table with a list of questions which can be added, reordered or deleted. Each question has a corresponding list of possible options as answers with a corresponding risk level. As many or as few questions and options can be added as required. Each question also has a corresponding justification.
In Proofdesk when customer risk assessment policies are reviewed, they can be assigned a "next review date". This keeps your team informed about which procedures are up for review when the time comes.
"Relevant persons must establish, record, operate and maintain procedures and controls for conducting risk assessment reviews so as to ensure their risk assessments remain up to date and relevant in every case.
Risk assessments must be reviewed periodically, but in order to ensure the relevant person can manage and mitigate its ML/FT risks, risk assessments should also be reviewed when circumstances change or relevant new threats or technologies emerge."
The Handbook 2023 Section 2.2.6
Also refer to The Handbook 2023 section 2.1 through 2.2