Main
>
Legal Framework
>
4.2. Business Risk Assessment by Relevant Persons
FINANCIAL SERVICES LEGISLATION
RULES
ANTI-MONEY LAUNDERING AND COUNTER-TERRORIST FINANCING AND SANCTIONS RULES
Figure 1 – The Risk Based Approach
Figure 2 – Customer Risk Assessment
Entire Act

4.2. Business Risk Assessment by Relevant Persons

4.2.1. Risk factors to be considered for business risk assessment

In carrying out a business risk assessment as required under AML 4.1.1 a Relevant Person must take into account risk factors including:

  • (a) its customers;
  • (b) the countries or geographic areas in which it operates;
  • (c) its products or services;
  • (d) its transactions;
  • (e) its delivery mechanisms, channels and partners;
  • (f) the development of new products and new business practices, including new delivery mechanisms, channels and partners; and
  • (g) the use of new or developing technologies for both new and pre-existing products.

4.2.2. Use of the business risk assessment

A Relevant Person must use the information obtained from its business risk assessment to:

  1. (a) develop and maintain the policies, procedures, systems and controls required by AML 4.1.1;
  2. (b) ensure that its policies, procedures, systems and controls adequately mitigate the risks identified;
  3. (c) assess the effectiveness of its policies, procedures, systems and controls ;
  4. (d) assist in allocation and prioritisation of AML resources; and
  5. (e) assist in the carrying out of customer risk assessments under Chapter 5.