Customer Risk Categorization
‘Customer risk’ in the present context refers to the money laundering risk associated with a particular customer from a bank’s perspective. This risk is based on the risk perceptions associated with the parameters comprising a customer’s profile, and the risk associated with the product and channel being used by him.
For effective implementation of KYC, anti-money laundering (AML) and combating of financing of terrorism (CFT) measures, Risk Categorization of customers along with compilation, periodic updation of customer profile and monitoring in accounts by banks are very important. Bank becomes vulnerable to operational risk in case there is a weakness in the KYC/AML process. The main goal of risk management is to avoid unfavorable surprises. A list of identified risks is required for this. Risks are grouped under a common area which provides a structured & systematic approach for identifying risks.
The risk to the customer shall be assigned on the following basis:
i. Low Risk (Level I)
Individuals (other than High Net Worth) and entities whose identities and sources of wealth can
be easily identified and transactions in whose accounts by and large conform to the known profile
may be categorized as low risk. Examples of low-risk customers may be salaried
employees whose salary structures are well defined, individuals from the lower economic strata of
the income level whose accounts show minimal balances and low turnover, Government Departments and Government-owned companies, regulators and statutory bodies etc. In such instances, only the basic needs of verifying the identity and location of the customer can be met.
ii. Medium Risk (Level II)
Customers that are likely to pose a higher than average risk to the bank may be categorized as
medium or high risk depending on customer’s background, nature and location of activity, country
of origin, sources of funds and his client profile etc; such as:
a) Persons in business/industry or trading activity where the area of his residence or place of
business has a scope or history of unlawful trading/business activity.
b) Where the client profile of the person/s opening the account, according to the perception of
the branch is uncertain and/or doubtful/dubious.
iii. High Risk (Level III)
The branches may apply enhanced due diligence measures based on the risk assessment, thereby
requiring intensive ‘due diligence’ for higher risk customers, especially those for whom the
sources of funds are not clear. The examples of customers requiring higher due diligence may
include
a) Non Resident Customers,
b) High Net worth individuals
c) Trusts, charities, NGOs and organizations receiving donations,
d) Companies having close family shareholding or beneficial ownership
e) Firms with ‘sleeping partners’
f) Politically Exposed Persons (PEPs) of foreign origin
g) Non-face to face customers, and
h) Those with dubious reputation as per public information available, etc.
The persons requiring a very high level of monitoring may be categorized as Level IV.