AML 4 AML 4 Applying a Risk-Based Approach
Figure 1. The Risk-Based Approach (RBA)Derived from RM117/2013 [VER9/07-13]
AML 4.1 AML 4.1 The Risk-Based Approach
AML 4.1.1 AML 4.1.1
Relevant Personmust:(a) assess and address its AML risks under this module by reviewing the risks to which the person is exposed as a result of the nature of its business, customers, products, services and any other matters which are relevant in the context of money laundering and then adopting a proportionate approach to mitigate those risks; and(b) ensure that, when undertaking any risk-based assessment for the purposes of complying with a requirement of this module, such assessment is:(i) objective and proportionate to the risks;(ii) based on reasonable grounds;(iii) properly documented; and(iv) reviewed and updated at appropriate intervals.
AML 4.1.1 Guidance1. Rule 4.1.1 requires a
Relevant Personto adopt an approach to AML which is proportionate to the risks. This is called the "risk-based approach" ("RBA") and is illustrated in figure 1 above. The DFSAexpects the RBA to be a key part of the Relevant Person'smoney laundering compliance culture and to cascade down from the senior management to the rest of the organisation. Embedding the RBA within its business allows a Relevant Personto make decisions and allocate AML resources in the most efficient and effective way.2. In implementing the RBA, a Relevant Personis expected to have in place processes to identify and assess money laundering risks. After the risk assessment, the Relevant Personis expected to monitor, manage and mitigate the risks in a way that is proportionate to the Relevant Person's exposure to those money laundering risks. The general principle is that where there are higher risks of money laundering, a Relevant Personis required to take enhanced measures to manage and mitigate those risks, and that, correspondingly, when the risks are lower, simplified measures are permitted.3. The RBA discourages a "tick-box" approach to AML. Instead a Relevant Personis required to assess relevant money laundering risks and adopt a proportionate response to such risks. The outcome of using the RBA is akin to using a sliding scale, where the type of CDDundertaken on each customer will ultimately depend on the outcome of the risk-based assessment made of such customer under this chapter.4. The Rules regarding record-keeping for the purposes of this module are in section 14.4. These Rules apply in relation to Rule 4.1.1(b)(iii).