What we found in our 2022/23 AML monitoring reviews
We raise this finding if there is no evidence of a client risk assessment on at least one of our sampled client files. Some of the firms in this bracket will have performed a client risk assessment on some of their clients but not all. Some of the firms will have relied on electronic CDD software but misunderstood the scope of the software – relying on it for all three phases of CDD when it is only a verification tool.
Why is it important?
The MLR17 requires all supervised firms to perform a risk assessment of each client that considers those risks identified in their firm-wide risk assessment. The client risk assessment will direct the amount and type of information firms need to obtain to confirm the identity of the client and to mitigate any apparent risks. The risk assessment is important because it will identify when firms should perform enhanced due diligence on high-risk clients, or where they can perform simplified due diligence on low-risk clients.
Resources to support compliance
Read the report
Read our 2022/23 anti-money laundering supervision report for more detail on the results of our monitoring reviews.
Download