Assessing and Managing Risks

16 free CySEC AML Chapter 5 flashcards. Tap a card to flip, or use the arrow keys to move through the deck.

Card 1 of 16Risk-based approach
1 / 16

Tap the card to flip · use ← → arrow keys to navigate

All 16 cards in this deck

Risk-based approach

What does the risk-based approach require?
Effort proportionate to the nature and size of the firm, concentrating controls and resources where ML/TF risk is highest.
Which authority leads AML/CFT coordination and the Risk Factors Guidelines from 1 January 2020?
The EBA (European Banking Authority).

Risk assessment

What are the two steps of assessing ML/TF risk?
First identify the risks the firm is exposed to, then assess their level — both are needed.
How current must the firm's risk assessment be?
Updated and under ongoing review — risk is not static, so controls must keep fitting the actual level of ML/TF risk.

Risk factors

What are the four categories of AML risk factor?
Customer, country/geography, product/service/transaction, and delivery channel.

Risk levels

What are the three standard risk levels and their CDD responses?
High (EDD + enhanced monitoring), medium/normal (standard CDD under Article 61(1)), and low (SDD).

Mandatory high risk

Which situations are mandatorily high-risk by law?
A PEP customer or beneficial owner, and dealings involving a high-risk third country — EDD applies regardless of the firm's own score.

SDD / EDD

Does simplified due diligence remove CDD?
No — SDD adjusts the amount, timing or type of CDD to fit low risk, but never removes it entirely.

Delivery channel

What is the main driver of delivery-channel risk?
Distance — non-face-to-face onboarding, and the use of introducers or intermediaries.

Record-keeping

What is the baseline record-retention period, and how far can it extend?
5 years after the end of the relationship or occasional transaction, extendable by up to a further 5 years (10 total) where justified for ML/TF purposes.

Monitoring

Which article requires ongoing transaction monitoring?
Article 61(1)(d) of the AML/CFT Law.

Weighting

What makes a risk-weighting methodology sound?
No single factor disproportionately dominates, profit must not influence the rating, and the model must always be capable of producing a high-risk result.

Geography

Which geographies are higher-risk?
Sanctioned countries, those with strategic AML/CFT deficiencies, significant corruption, or terrorist links.

Records access

When must records be produced to the Unit or Supervisory Authority?
Upon request and without delay.

EDD

Is EDD a replacement for regular CDD?
No — EDD is always applied in addition to normal CDD, never as a substitute.

Customer risk

On what does customer risk turn?
The customer's activity, reputation, and nature/behaviour — for example demands for unnecessary secrecy or unexplained wealth raise risk.
← Chapter 5 guide & exam weightMore CySEC AML decks →