Customer Risk Assessment
A form which is a part of the relationship review checklist. It answers questions templated by the organisation's customer risk assessment policies to obtain a risk classification for the customer relationship.
"A documented customer risk assessment is required for every customer, regardless of when the business relationship was established. Similarly, the regular reviews of CRA required by the Code also need to be recorded.
The purpose of conducting a risk assessment for each of a relevant person’s customers is to assist relevant persons to understand how a particular customer exposes them to ML/FT risk and enable them to apply their procedures appropriately to that customer in order to effectively mitigate the ML/FT risk that customer poses. Relevant persons should seek to obtain a holistic view of the business relationship/occasional transaction. This will require gathering enough information, including enhanced CDD where appropriate, to be satisfied that they have identified all relevant risk factors (including those listed in the Code) for assessment and mitigation. It is prudent for relevant persons to start from a position of higher risk and mitigate risk factors accordingly as the CRA is undertaken. "
The Handbook 2023 Section 2.2.9
Anatomy
When a customer risk assessment is started, the most appropriate customer risk assessment policy in the context of the relationship is chosen. This informs what questions the risk assessment will ask. Some organisations may only have one policy, or may have many for use in different contexts.
Once the customer risk assessment policy is chosen, it is used as a template for the risk assessment questions, which team members can then fill out.
The customer risk assessment presents a list of questions, each with a list of possible answers and the corresponding risk level for each answer. There is also a free-text justification for each question and the decision made. At the end of the risk assessment there is an opportunity to leave additional comments and a risk classification to summarise the customer risk assessment.
Relevant Legislation/Guidance
Also refer to The Handbook 2023 section 2.2.9
Last updated