Financial Crime World

Classification of Customers: A Key Factor in Determining Simplified or Enhanced Customer Due Diligence Measures

In an effort to combat money laundering and terrorist financing, financial institutions are required to assess the risk posed by their customers and implement appropriate due diligence measures. The Swedish Financial Supervisory Authority (Finansinspektionen) has recently issued regulations on customer classification, providing guidance on when simplified or enhanced measures may be applied.

Risk Assessment of Customers

The new Act contains provisions on customer risk assessment and lists situations that could indicate a low or high risk. These factors can be used to classify customers and inform the overall assessment of their risk profile. The European Banking Authority (EBA), European Securities and Markets Authority (ESMA), and European Insurance and Occupational Pensions Authority (EIOPA) are currently developing common guidelines on risk factors, which will provide further guidance on this topic.

Factors that Indicate Low or High Risk

  • Situations that could indicate a low risk:
    • Simple products and services
    • No international transactions
    • No complex relationships
  • Situations that could indicate a high risk:
    • Complex products and services
    • International transactions
    • Complex relationships

Exceptions to Documented Risk Assessment

Finansinspektionen has been authorized to issue regulations on exceptions to the requirement for a documented risk assessment. However, the authority has chosen not to do so at present, citing ongoing work in the EBA, ESMA, and EIOPA. The possibility of exceptions should be used when the risks of money laundering and terrorist financing are obvious and well-known.

Procedures and Policies

Financial institutions are required to have internal procedures and policies in place to prevent money laundering and terrorist financing. These procedures should cover:

  • The group’s overarching policies
  • How information can be shared within the organization
  • Risk assessment processes
  • Due diligence measures

Determining the Scope of a Risk Assessment

The Swedish Financial Supervisory Authority has emphasized that the scope of a risk assessment should be determined by: + Size and type of undertaking + Risks associated with its activities

This means that a risk assessment for a small business with uncomplicated products may be less extensive than one for a larger organization with complex products and services.

Classification of Customers: A Key Factor

In conclusion, the classification of customers is a crucial factor in determining whether simplified or enhanced customer due diligence measures should be applied. Financial institutions must assess the risk posed by their customers and implement appropriate procedures to mitigate and manage these risks effectively.