Customer Risk Rating Guideline
Q1 2025 - Risk Assessment Framework
Lan’s Enterprise Limited Training Program
Training Objectives
What you’ll learn today:
- Understand the risk-based approach (RBA) to AML/CFT compliance
- Identify key risk factors in customer assessment
- Apply the customer risk rating framework
- Recognize high, medium, and low risk indicators
- Implement ongoing monitoring and risk reassessment
The Risk-Based Approach
Two Pillars of AML/CFT Compliance
Holistic Risk Assessment
- Business-wide risk evaluation
- Product, service, and channel analysis
Targeted Risk Assessment
- Individual customer evaluation
- Transaction-specific monitoring
Regulatory Framework
Key Legislative Requirements
- AML/CFT Act 2009: Risk-based approach (Section 58)
- Customer Due Diligence: Standard, Simplified, or Enhanced CDD
- Ongoing Monitoring: Transactions must align with risk profile (Section 31)
- Requirements and Compliance Regulations 2011: Risk factors and EDD scenarios
Risk Rating Framework
Six Key Risk Factors
- Channel - How customer interacts with us
- Geography - Location and jurisdictional risks
- Products - Services used by customer
- Customer - Profile and business structure
- Transaction - Payment patterns and behavior
- External Risks - Sanctions, PEPs, adverse media
Channel Risk Assessment
- Face-to-face identity verification
- Direct document review
- Greater control and oversight
- Challenges in verifying identity
- Enhanced verification methods required
- Biometric checks and certified documents
Channel Risk Assessment (2)
Referrals (Varied Risk)
- Risk depends on referrer reliability
- Regulated sources: lower risk
- Unregulated sources: higher risk
- Independent validation essential
Key Considerations
- Complexity of interaction
- Cross-border involvement
- Record retention requirements
Geographic Risk
Risk Classification
High Risk: Direct ties to high-risk jurisdictions or cross-border transactions with minimal transparency
Medium Risk: Limited connections to higher-risk regions or developing regulatory frameworks
Low Risk: Strong regulatory environments with low corruption indices
Geographic Risk Factors
Key Considerations
- Jurisdictional Risk: FATF high-risk list, sanctioned countries
- Transactional Geography: Cross-border and international transactions
- Customer Nexus: Residential, business location, dual nationality
- Offshore Entities: Tax havens and secrecy jurisdictions
- Geopolitical Factors: Conflict zones, embargoed countries
Product and Service Risks
Foreign Exchange Services
- High volume transactions may indicate layering
- Cross-border transfers to high-risk jurisdictions
- Anonymous cash transactions
Crowdfunding Services
- Anonymity of contributors
- Geographic linkages to high-risk areas
- Political, charity, or development campaigns
Product and Service Risks (2)
Financial Adviser Services
- Complexity of structured investments
- Source of funds/wealth verification
- High-net-worth individuals and PEPs
- Cross-border investments
Shared Risk Factors
- Minimal reporting requirements
- Unexplained customer behavior
- Weaker AML/CFT jurisdiction oversight
Customer Risk Factors
High-Risk Customer Types
- Trusts or personal asset holding vehicles
- Non-residents from insufficient AML/CFT countries
- Nominee shareholders or bearer shares
- Politically Exposed Persons (PEPs)
- Complex ownership structures
- Charities in conflict zones
Customer Risk Factors (2)
High-Risk Industries
- Cash-intensive businesses (bars, restaurants, laundromats)
- Real estate and construction
- Gambling and gaming
- Virtual assets and cryptocurrency
- Import/export operations
Income and Source Assessment
- Disproportionately high income
- Unexplained wealth sources
- Sudden income pattern changes
Customer Behavior Analysis
High-Risk Behaviors
- Reluctance to provide information
- Complex ownership structures
- Use of intermediaries
- Unusual transaction sizes/frequencies
- Cross-border transactions to high-risk jurisdictions
- Large deposits without clear purpose
Transaction Risk Assessment
General Transaction Factors
Type of Transactions
- Cash: Higher risk (anonymity)
- Checks: Lower risk (traceable)
- Wire Transfers: Risk varies by jurisdiction
Volume and Frequency
- Unusually high volumes
- Inconsistent with customer profile
Wire Transfer Risks
Critical Risk Indicators
- Origination/Destination: High-risk jurisdictions, tax havens
- Intermediary Banks: Multiple banks obscure fund origins
- Beneficial Ownership: Lack of transparency
- Purpose: No clear economic justification
- Structuring: Repeated transfers below thresholds
- Rapid Movement: Funds through multiple accounts
External High Risks
Sanctions Risk
- Customer on sanctions lists (OFAC, UN, EU)
- Transactions with sanctioned jurisdictions
- Business sectors vulnerable to sanctions
- Dual-use goods (chemicals, technologies, aerospace)
Mitigation: Regular sanctions screening, EDD for high-risk sectors
External High Risks (2)
Politically Exposed Persons (PEPs)
- Prominent public position holders
- Immediate family and close associates
- Domestic or foreign PEPs
- Unexplained wealth inconsistent with income
Mitigation: Identification, screening, EDD on fund legitimacy
External High Risks (3)
- Links to illegal activities or corruption
- Multiple credible source mentions
- Connections to known criminals
Complex Legal Structures
- Layers of ownership
- Shell companies
- Lack of beneficial ownership transparency
Risk Rating Model
Three-Tier Classification
High Risk: ECDD Required
- Trusts, non-residents from FATF list countries
- Nominee structures, PEPs
- Complex transactions over NZ$500,000
- High-risk industries (gambling, cryptocurrency)
Risk Rating Model (2)
Medium Risk Level
- Non-face-to-face customers
- Multi-layer ownership structures
- Annual volume NZ$150K-$1M (individuals)
- Annual volume NZ$500K-$2M (entities)
- Third-party payments
- Medium-high jurisdiction transfers
- Cash-intensive businesses
Risk Rating Model (3)
Low Risk Level
- Face-to-face customers
- Visited residential/business address
- NZ/AU residents below NZ$150K annually
- NZ/AU companies below NZ$500K annually
- Retirees below NZ$150K annually
- Students (tuition and living costs)
- Whitelist customers
Ongoing Risk Management
Dynamic Risk Rating
Annual Screening
- Sanctions lists
- PEP status
- Adverse media
Risk Rating Adjustments
- Multiple criteria: highest risk applies
- Risk evolves over time
- Both dealers and compliance can adjust ratings
- All changes systematically recorded
Due Diligence Levels
Risk-Based CDD Requirements
Standard CDD: Default for most customers
Simplified CDD: Low-risk customers (government agencies, publicly listed companies)
Enhanced CDD: Mandatory for high-risk scenarios
- PEPs, nominees, trusts
- High-risk jurisdictions
- Complex structures obscuring ownership
Key Takeaways
Remember These Points
Risk-Based Approach is Central
- Focus on risks and mitigation measures
- Two pillars: holistic and targeted assessment
Six Key Risk Factors
- Channel, Geography, Products, Customer, Transaction, External Risks
Dynamic Risk Management
- Ongoing monitoring and reassessment
- Highest risk criteria determines overall rating
Key Takeaways (2)
Critical Actions
Enhanced Due Diligence for High Risk
- PEPs, complex structures, high-risk jurisdictions
- Transaction volumes over thresholds
Documentation and Monitoring
- Maintain clear audit trails
- Regular screening (sanctions, PEPs, adverse media)
- File SARs for unusual or high-risk activity
- AML Compliance Team: aml@gmfinance.co.nz
- Emergency Hotline: +64 09-309-8808
- Training Program: Lan’s Enterprise Limited
Questions?
Thank You
Stay Vigilant, Stay Compliant