Risk Assessment

AML Risk Assessment. The Foundation of Compliance

How to conduct an AML/CTF risk assessment. Learn the AUSTRAC framework for identifying and assessing ML/TF risks.

Contact Sales View Program Guide

Why risk assessment matters

According to AUSTRAC, identifying and assessing your ML/TF risk is the first thing you must do β€” it determines what measures you need in your AML/CTF program.

Assessing the ML/TF risk your business faces enables you to develop an AML/CTF program with appropriate measures to protect your business from being exploited by criminals.

Four elements of risk

πŸ‘₯

Customer Types

Assess risk based on your customer profiles, especially PEPs.

πŸ“¦

Products & Services

Evaluate the designated services you provide.

πŸ”—

Delivery Channels

How you deliver services (face-to-face, online, etc.).

🌐

Foreign Jurisdictions

Countries you operate in or do business with.

Risk Assessment Process

1

Identify Risks

Consider customer types, services, channels, and jurisdictions

2

Assess & Rank

Measure each service as low, medium or high risk

3

Document Controls

Set out how you minimise and manage each risk level

4

Review & Update

Regularly review when business or risks change

AUSTRAC Resources

To stay up to date with new guidance on emerging ML/TF risks, AUSTRAC recommends subscribing to InBrief notifications, checking their guidance updates page regularly, and reviewing international FATF guidance.

Frequently asked questions

What is an ML/TF risk assessment?

A money laundering and terrorism financing risk assessment identifies and evaluates the ML/TF risks your business faces, enabling you to develop appropriate controls in your AML/CTF program.

Why is risk assessment important?

According to AUSTRAC, it's the first thing you must do because it determines what measures you need in your AML/CTF program. It enables you to protect your business from being exploited by criminals.

How do I rank risks?

You must measure the level of risk for every designated service you provide and rank each as low, medium or high risk. Your program should set out how you manage each level.

How often should I update it?

You must review your risk assessment regularly and update it when there are changes to your business, customers, or external ML/TF risks.

Related resources

AML/CTF Program β†’ Customer Due Diligence β†’ Ongoing Monitoring β†’

Risk-based CDD

ARCaml helps you apply appropriate due diligence based on customer risk.

Contact Sales Learn about ARCaml