376 Views

Australia’s Tranche 2 AML reforms are fast approaching, set to extend regulatory obligations to Designated Non-Financial Businesses and Professions (DNFBPs) such as lawyers, accountants, real estate agents, and trust and company service providers. As these sectors prepare for the new requirements, building a robust, risk-based AML/CTF program is essential for effective compliance and long-term resilience.

What is a Risk-Based Approach (RBA)?

At its core, a risk-based approach means identifying, assessing, and managing the money laundering and terrorism financing risks based on the unique characteristics of each customer or transaction. It recognises that not all customers or transactions carry the same level of risk and that a one-size-fits-all approach is neither practical nor efficient. Instead, institutions are encouraged to focus their efforts where the risks are highest, applying more intensive measures to high-risk areas and less strict controls in lower-risk situations.

aml-programme

Key Components of the Risk-Based Approach

To implement a robust RBA, regulated entities must perform thorough risk assessments. These assessments consider several key factors, including:

Customer Risk

This involves evaluating the risk associated with the customer and their beneficial owners. Some of the key elements to assess include:

  • Business or Professional Activity: Certain businesses or professions are inherently riskier than others. For example, industries with high levels of cash transactions or complex financial operations may pose greater risks.
  • PEP/Background Checks: Perform necessary screening checks to determine whether the customer is a Politically Exposed Person (PEP) or has links to a PEP. Additionally, conduct checks to understand the background, knowledge, and experience of the customer or the individuals involved in performing specific activities.
  • Reputation: Screen the customer against adverse media to identify any past behavior that could pose a risk. A history of involvement in financial crimes or associations with criminal entities is a significant red flag.
  • Nature and Behaviour: A customer’s behavior, including how they conduct transactions or manage their account, can provide important risk indicators. Unusual patterns of activity, frequent changes in account details, or attempts to obscure the origin of funds may signal a higher risk.
  • Sanctions Screening: Ensure that the customer is not subject to international sanctions by screening against relevant sanctions lists. This includes lists maintained by bodies such as the United Nations, the European Union, and the Office of Foreign Assets Control (OFAC). Customers or beneficial owners found on these lists are considered high-risk and may require enhanced due diligence or could be prohibited from conducting business altogether.

free-pep-check

Geographical or Country Risk

The jurisdictions where the customer or their beneficial owners are based or do business can significantly impact the level of risk. Factors to consider include:

  • Customer Location: Countries with weak AML controls or those identified by international bodies (e.g., FATF) as high-risk jurisdictions should be given additional scrutiny.
  • Business Operations: If the customer’s business is based in or linked to high-risk countries, the likelihood of exposure to ML/TF increases.
  • Personal or Business Links: Customers who have financial or legal interests in high-risk countries or have close connections to entities in these jurisdictions may also be at higher risk.

sanctions-check

Product, Service, and Transaction Risk

Different financial products and services carry different levels of risk. Some of the factors to evaluate include:

  • Transparency: The degree to which a product or transaction is transparent plays a key role. Products with complex structures or limited transparency, such as private equity investments or offshore accounts, are often considered higher risk.
  • Complexity: Highly complex financial transactions, such as those involving multiple layers of intermediaries or jurisdictions, can obscure the true purpose of the transaction and increase risk.
  • Value and Size: Large transactions or those with unusual patterns may require enhanced scrutiny, especially when the size does not match the customer’s known financial profile.

Delivery Channel Risk

How a business relationship is conducted, especially the use of intermediaries or non-face-to-face methods, can also increase risk. Key considerations include:

  • Non-Face-to-Face Transactions: When a customer relationship is conducted remotely, without in-person interaction, the risk of impersonation or misrepresentation of information increases. Use advanced ID verification methods.
  • Use of Introducers: If intermediaries or introducers are used, the nature of their relationship with the customer and their reputation should be carefully evaluated.

Why Start Now?

Although Tranche 2 reforms are still being finalised, starting early gives your business time to prepare without the pressure of tight deadlines. Early adopters will be better positioned to build trust with clients, regulators, and partners, and reduce the cost of last-minute compliance efforts.

contact-us