Risk-Based Approach – Guidance for Money Service Businesses

Risk-Based Approach – Guidance for Money Service Businesses - July 2009 Customer circumstances are as described in paragraph 111 above.Monitoring of Customers and Transactions119. The degree and nature of monitoring by a MSB will depend on the size of the MSB, theAML/CFT risks that the business has, the monitoring method being utilised (manual, automated or somecombination), and the type of activity under scrutiny. In applying a risk-based approach to monitoring,MSBs and their regulatory supervisors must recognize that not all transactions, accounts or customers willbe monitored in the same way. The degree of monitoring will be based on the perceived risks associatedwith the customer, the products or services being used by the customer, the location of the customer andthe nature of the transactions. Monitoring methodologies and processes also need to take into account theresources of the MSB. For example smaller MSBs need not implement technologically sophisticatedtransactions monitoring systems, so long as the methods utilised to conduct monitoring adequately reflectthe risk of the MSBs‟s business.120. The principal aim of monitoring in a risk-based system is to respond to enterprise-wide issuesbased on each MSB‟s analysis of its major risks. Regulatory authorities should, therefore, be mindful ofand give due weight to the determinations made by MSBs, provided that these determinations areconsistent with any legislative or regulatory requirements, and are reasonable and adequately documented.121. Monitoring under a risk-based approach allows a MSB to create monetary or other thresholds todetermine which activities will be reviewed. Defined situations or thresholds used for this purpose shouldbe reviewed on a regular basis to determine their adequacy for the risk levels established. MSBs shouldalso assess the adequacy and integrity of any systems and processes on a periodic basis. The results of themonitoring should be documented, either systematically or manually (or a combination) in order to create acomprehensive audit trail, and maintained according to applicable recordkeeping requirements.122. National law should provide that for all wire transfers of EUR/USD 1 000 or more, thebeneficiary institution should adopt an effective risk-based approach procedure for identifying andhandling wire transfers that are not accompanied by full originator information. The lack of full originatorinformation may be considered as a factor in assessing whether a wire transfer or related transactions aresuspicious and, as appropriate, whether they are thus required to be reported to the financial intelligenceunit or another competent authority.Suspicious Transaction Reporting123. The reporting of suspicious transactions or activity is critical to a country‟s ability to utilizefinancial information to combat ML/TF and other financial crimes. Countries‟ reporting regimes are laiddown in national law, requiring institutions to file reports when the level of suspicion is reached.124. When a suspicious transaction report must be made, a risk-based approach is not applicable.However, challenges arise for those MSBs located in multiple jurisdictions. In order to avoid regulatorysanctions, careful attention should be given to proper format, timely filing, and applicable record keepingrequirements, since jurisdictional requirements may vary.125. A risk-based approach is, however, appropriate for the purpose of identifying suspicious activity,for example, by directing additional resources to those areas a MSB has identified as higher risk, such ascertain products or services or agents or certain patterns of transaction activity. As part of a risk-basedapproach, it is also likely that a MSB will utilize information provided by competent authorities to informits approach for identifying suspicious activity. A MSB should also periodically assess the adequacy andintegrity of its system for identifying and reporting suspicious transactions. The decisions for reporting or© 2009 FATF/OECD - 37