1. Defining a Risk Policy
A Risk Policy should be based on a number of criteria, or pillars, on which risk is assessed. For example, in some jurisdictions the pillars include Customer details and Jurisdiction, the type of Service required, and the Intermediary or Delivery Channel.
The technical requirements to assist in defining a risk policy include having a centralised customer database containing all the information required to be able to determine and monitor risk. This information should include structure charts to be able to identify shareholding and ultimate beneficial owners, access to information related to country risk, and information about the client from external sources to be able to identify PEPs, sanction checks and adverse media.
2. Stratify Clients by Risk
The client’s profile together with the company’s risk policy will help the company stratify customers into strata of different risk levels based on objective criteria without any human bias. Technology can also help here to react to changes in client profile and risk policy.
3. Enforce checks based on risk
This step includes tools and approaches for enhanced due diligence including frequently reviewing risk assessments, further checks and checklists, and requesting additional or updated documentation.
4. Reporting to Authorities
Probably the most important part of the process, this includes the possibility of being prepared for ad-hoc visits, questionnaires and annual reporting.
5. Ongoing Risk Assessments and Ongoing Monitoring
1) ongoing risk assessments that mimic changes to individuals, entities and the company risk policy. 2) ongoing monitoring of the client base against third party sanction, PEP and adverse media lists, through integration with third-party tools.
3) Transaction monitoring, through the integration into third-party systems, which is applicable to some industries more than others.
InScope is a comprehensive and secure tool for all your AML and KYC needs which puts you in control through an end-to-end automated system, providing you with a 360-degree view of the customer. It also ensures that you are covered for any challenges arising from the AML and KYC process.