2.1.2 Identifying and Assessing the Risks Associated with Specific Customers
Effective from 15/8/2021The LFI should assess the risk of each customer to identify those that require EDD and to support its entity risk assessment. As discussed in Part I section 3 above, the regulatory environment and illicit finance risks in the jurisdictions in which they do business, the products and services they provide and its customer base, are critical determinants of a hawala provider's inherent risk. In assessing the risks of a hawala provider customer, LFIs should consider:
| i. | Controls Risk: LFIs should seek to understand the regulatory requirements in place for the customer, as well as how well they are enforced. The regulatory requirements placed on hawala providers vary markedly across jurisdictions. | |
| ii. | Geographic Risk: The risks associated with the jurisdictions in which the provider lives (for individuals) or is registered/established (for legal persons) and where it operates, including the jurisdictions where its main counterparties are based and where it has subsidiaries. | |
| iii. | Product, Service, and Delivery Channel Risk: LFIs should assess risk in this category on two dimensions: | |
| a. | The products and services that the hawala provider offers to its customers, and | |
| b. | The delivery channels through which it offers these products and services. | |
| Products, services, and delivery channels that promote the rapid, anonymous transfer of high values are particularly attractive to illicit actors. | ||
| iv. | Customer Risks: For hawala provider customers, customer risk can be assessed as the proportion of higher-risk customer types (e.g. politically exposed persons, legal persons, and customers from high-risk jurisdictions) within the provider's customer base. | |
Questions that an LFI may ask to determine the risk profile of a hawala provider customer include, but are not limited to:
| • | Where is the provider incorporated? Where does it operate? Are these high-risk jurisdictions? | |||||
| • | What products and services does the provider offer its customers? | |||||
| • | What volume of transactions does the provider carry out? | |||||
| • | What customer base does the provider serve? | |||||
| • | What is the regulatory environment in the jurisdiction(s) where the provider is incorporated/has operations? | |||||
| • | Is there an authority that actively enforces the requirements? | |||||
| • | Does the provider perform appropriate CDD, transaction monitoring, record keeping, and sanctions screening? | |||||
| • | Does the provider intend to use its account to execute transactions on behalf of its customers? | |||||
In addition to risk rating hawala providers, LFIs should also consider the risks of specific transactions, especially high-value transactions, those involving high-risk jurisdictions, and those that represent departures from a customer's standard or expected behaviour.