Entire Section
AML 4 AML 4 Applying a Risk-Based Approach
Figure 1. The Risk-Based Approach (RBA)
Derived from RM117/2013 [VER9/07-13]AML 4.1 AML 4.1 The Risk-Based Approach
AML 4.1.1 AML 4.1.1
A
Relevant Person must:(a) assess and address its AML risks under this module by reviewing the risks to which the person is exposed as a result of the nature of its business, customers, products, services and any other matters which are relevant in the context of money laundering and then adopting a proportionate approach to mitigate those risks; and(b) ensure that, when undertaking any risk-based assessment for the purposes of complying with a requirement of this module, such assessment is:(i) objective and proportionate to the risks;(ii) based on reasonable grounds;(iii) properly documented; and(iv) reviewed and updated at appropriate intervals.Derived from RM117/2013 [VER9/07-13]
[Amended] DFSA RM196/2016 (Made 7th December 2016). [VER13/02-17]AML 4.1.1 Guidance
1. Rule 4.1.1 requires aRelevant Person to adopt an approach to AML which is proportionate to the risks. This is called the "risk-based approach" ("RBA") and is illustrated in figure 1 above. TheDFSA expects the RBA to be a key part of theRelevant Person's money laundering compliance culture and to cascade down from the senior management to the rest of the organisation. Embedding the RBA within its business allows aRelevant Person to make decisions and allocate AML resources in the most efficient and effective way.2. In implementing the RBA, aRelevant Person is expected to have in place processes to identify and assess money laundering risks. After the risk assessment, theRelevant Person is expected to monitor, manage and mitigate the risks in a way that is proportionate to the Relevant Person's exposure to those money laundering risks. The general principle is that where there are higher risks of money laundering, aRelevant Person is required to take enhanced measures to manage and mitigate those risks, and that, correspondingly, when the risks are lower, simplified measures are permitted.3. The RBA discourages a "tick-box" approach to AML. Instead aRelevant Person is required to assess relevant money laundering risks and adopt a proportionate response to such risks. The outcome of using the RBA is akin to using a sliding scale, where the type ofCDD undertaken on each customer will ultimately depend on the outcome of the risk-based assessment made of such customer under this chapter.4. The Rules regarding record-keeping for the purposes of this module are in section 14.4. These Rules apply in relation to Rule 4.1.1(b)(iii).Derived from RM117/2013 [VER9/07-13]
[Amended] DFSA RM196/2016 (Made 7th December 2016). [VER13/02-17]