Assessing risks associated with clients and matters is enforced by Regulation 28(12) and (13) of the MLR 2017 and are a legal obligation in force since 26 June 2017.

Regulations 28(12) and 28(13) obligate the firm to take measures to evaluate the potential money laundering and terrorist financing risks associated with specific customers (or ‘clients’) and matters.

This entails conducting a thorough written assessment of both client and matter risks in the form of a Client-Matter Risk Assessment (CMRA).

The client risk assessment should aim to identify and evaluate the risks posed by individual clients, while the matter risk assessment should focus on the unique risk factors presented by a particular matter, distinct from those already identified for the client.

These assessments serve to comprehend laundering and terrorist financing risks, aiding in decision-making processes such as whether to accept the client, the extent of CDD required, and any additional measures necessary to mitigate identified risks.

Additionally, your firm’s CMRA plays a crucial role in determining the level and frequency of ongoing monitoring essential for maintaining compliance, as stipulated in Regulation 28(11) of the MLR.

This monitoring entails scrutinising transactions throughout the duration of a business relationship, including verifying the source of funds when deemed necessary.

Failure to conduct proper risk assessments could potentially expose your firm to exploitation by criminals as well as fines if they are not conducted correctly.