Skip to main content Skip to navigation

State of Financial Crime 2023 Report

How To Prioritize Risk During Customer Onboarding

AML Compliance Knowledge & Training

Customer onboarding is any financial institution’s first line of defense when tackling money laundering and financial crime. Before providing access to their services, firms must legally vet new clients for money laundering, terrorist financing, and sanctions evasion. As a result, organizations invest billions of dollars in building and deploying anti-money laundering and counter-terrorist financing (AML/CFT) processes at onboarding.

Part 1 of The Compliance Team’s Guide to Customer Onboarding discusses best practices for identifying, prioritizing, and mitigating risk during this preliminary stage. These crucial steps form the foundation for any successful compliance program, so teams should regularly refresh their knowledge and test their program against the fundamentals. 

Implementing a risk-based approach

Since not all risk is created equal, compliance staff should be careful not to treat all threats with the same urgency and importance. Instead, firms should implement a risk-based approach (RBA) to deploy systems and risk management protocols that are flexible enough to devise an effective, proportionate response to different levels of risk. 

This process encompasses recognizing the existence of relevant threats, undertaking an assessment of the risks, and developing control strategies to mitigate and monitor them. In doing so, firms can improve compliance and lower the function’s overall cost by reducing the need for intervention where the threats are less severe. 

How to rate risk

At the time of onboarding, compliance staff also need to figure out what level of risk any given client or transaction presents. As part of a firm’s RBA, a risk-scoring approach can be employed to identify four levels of risk that directly impact the decision of whether to accept the new client and what level of due diligence to apply.

Identifying levels of risk

Organizations typically set out their tolerance for certain customer types in their risk appetite statement, taking into account all elements of financial crime, including bribery and corruption, AML, and sanctions legislation. 

Risk ratings are usually derived as a composite of the three main types of risk: Client, Geography, and Product. To ensure the customer type is correctly classified, many organizations use recognized Standard Industrial Classification Codes (SIC) published by authorities in their jurisdiction. Some clients can be deemed high-risk depending on factors such as the customer’s industry and their residential status. Similarly, firms may rate jurisdictions for risk based on publications from the Financial Action Task Force (FATF). Each product or service also carries a different level of risk. For example, private banking and correspondent banking are considered a higher risk, as transactions may be confidential and attempt to mask ownership.

Uncover more risk management best practices throughout each section of The Compliance Team’s Guide to Customer Onboarding, including:

  • How to determine what level of due diligence is appropriate for different customers
  • The importance of understanding ultimate beneficial ownership (UBO) structures
  • How to report potentially suspicious behavior
  • What training is required to equip new onboarding team members properly

After reviewing all five sections of the training, test your knowledge with a questionnaire and receive a completion certificate you can share with your LinkedIn network.

Compliance’s Critical Role

Learn more about how to effectively prioritize risk in Part 1 of The Compliance Team’s Guide to Customer Onboarding.

Read Part 1

Originally published 05 December 2022, updated 05 December 2022

Disclaimer: This is for general information only. The information presented does not constitute legal advice. ComplyAdvantage accepts no responsibility for any information contained herein and disclaims and excludes any liability in respect of the contents or for action taken based on this information.

Copyright © 2023 IVXS UK Limited (trading as ComplyAdvantage).