
FAQs - AML Risk & Risk Assessments
What is a Risk Assessment?
A Risk Assessment is your firm’s formal review of how likely it is that your services or clients could be used for money laundering, terrorism financing or proliferation financing.
It looks at things like the types of clients you have, how you deliver your services, and whether any part of your practice works with higher-risk jurisdictions.
It also needs to look at the types of designated services you offer and take into account any new or emerging technologies related to the services you offer.
If you have any plans to change the types of clients you have, how you deliver your services, the countries that you operate in or the designated services you offer, this must also be assessed.
Why do I need an AML Risk Assessment?
Under the upcoming AUSTRAC reforms (and existing AML/CTF law) you must understand and manage your money laundering, terrorism financing and proliferation financing risks.
It also helps you build your AML/CTF Program (the documented procedures your firm will follow) in a way that is tailored to your business, instead of a generic “one size fits all” approach.
How often should I review my AML Risk Assessment?
You should review it regularly and update it when there are changes in your firm, your services, your clients or your operating environment.
If you introduce a new service, expand into a new jurisdiction or start working with new types of clients (for example, higher-risk ones), you should revisit the assessment.
It also needs to be updated when information is communicated by AUSTRAC that identifies or assesses ML/TF risks related to your designated services.
What is a Risk-Based Approach?
A Risk-Based Approach means you apply your compliance efforts based on the level of risk each client, service or transaction presents, i.e., you don’t treat everything as if it’s the same risk.
It means you focus your resources where the risks are highest (for example, enhanced checks for higher-risk clients) and apply simpler measures where the risk is low.
What are “red flags” in AML/CTF?
“Red flags” are warning signs or indicators that something could be off or that your client or transaction might carry a higher risk of money laundering or terrorism financing.
Examples include: a client who won’t explain where their funds came from, one who insists on unusual or anonymous ways of dealing, or a transaction that doesn’t match the client’s normal business.