Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Elements of Customer Risk: Profiles and Relationships


Customer risk rating is an integral part of the customer due diligence process, yet it can be a difficult tool to implement. The risk tolerance of the organization, what products are used, what data is available and the weighting of each risk factor are just some of the variables that need to be considered to determine whether the overall aggregate score is considered high-, medium- or low- risk.

In Part 1 of this webinar series, Laurie Kelly, CAMS will discuss her experience with calculating risk ratings and things that every financial institution should consider.

Viewers will learn about the objectives and fundamentals of customer risk scoring, as well as a logical way to categorize types of risks. She will then review various risk factors to consider when assessing customer risk from a demographic/profile and relationships perspective.

Finally, Laurie will explore separately individual and business/commercial customers risk factors but with a greater focus on business customers, which have more nuanced and complex risk considerations.

About Alessa, a CaseWare RCM product:
Alessa is a financial crime detection, prevention and management solution offered by CaseWare RCM Inc. With deployments in more than 20 countries in banking, insurance, FinTech, gaming, manufacturing, retail and more, Alessa is the only platform organizations need to identify high-risk activities and stay ahead of compliance. To learn more about how Alessa can help your organization ensure compliance, detect complex fraud schemes, and prevent waste, abuse and misuse, visit us at

Connect with us online:
Visit the Alessa WEBSITE:

Follow Alessa on LINKEDIN:
Follow Alessa on TWITTER:
SUBSCRIBE to Alessa on YouTube:

  • Be the first to comment

Elements of Customer Risk: Profiles and Relationships

  1. 1. Elements of Customer Risk: Profiles and Relationships
  2. 2. 2 Alessa: Integrated AML Compliance Solution Customer Due Diligence Transaction Monitoring/ Screening Regulatory Reporting Sanctions Screening AML Capabilities Data Management, Workflows, Case Management, Fraud Detection & Prevention (Advanced Analytics) Traditional FIs FinTechs Gaming and Casinos MSBs Markets Questions? Email us at
  3. 3. Agenda 3 1. What is risk, and why do we care about it? 2. Customer Due Diligence vs. CIP 3. Categorizing, quantifying and measuring customer risk 4. Profile and Relationships risk factors for individuals/consumers and businesses/legal entity clients 5. Relationships in context of customer risk 6. Key Takeaways and Q & A
  4. 4. 4 What is risk? The intentional interaction with uncertainty Uncertainty is a potential, unpredictable, and uncontrollable outcome Risk is an aspect of action, taken despite uncertainty A subjective judgment made about the severity and probability of a risk Risk Perception: Risk:
  5. 5. FinCEN CDD Rule: Customer Risk Profile Challenge for compliance professionals: Not so much WHY, but HOW? Certain elements of customer risk scoring only you can determine: • How you build your institution’s scoring model – which risk factors you choose, and if/how you assign weights to different factors • How you incorporate customer risk scores into your transaction monitoring software 5 Why a Customer Risk Score/Rating? “A financial institution should establish an understanding of the money laundering and terrorist financing risks of its customers.” Department of the Treasury, Financial Crimes Enforcement Network (2016)
  6. 6. 6 Customer Due Diligence vs. CIP Customer Due Diligence is:  Detailed analysis of a customer from a money laundering risk perspective  Assessment of risk factors involving demographic data, products/services, anticipated transaction behavior, and geography  May expand into enhanced due diligence  Ongoing, continuously evolving over life of customer relationship CIP + CDD = KYC CIP is:  Identity verification  For new customers  For beneficial owners of legal entity customers  Government photo ID, address, date of birth for individuals  OFAC screening  One and done
  7. 7. 7 Categorizing Risk Elements Profile & Relationships Products/ Services, Activities & Behaviors Geographic Risks Where Who What
  8. 8. • Customer risk scoring model: Keep it simple • Need to quantify risk objectively, but be able to modify for judgement • Most models are way too complex • Will never be perfect 8 Quantifying and Measuring Risk Important: Risk scores should be dynamic
  9. 9. Customer Profile and Relationship Risk Factors: Individuals/Consumer Clients
  10. 10. 10 Risk Factors: Individual/Consumer Clients Risk Factor Why? Channel – online or third party Anonymity factor - collusion Depth & length of relationship Mitigating factor – longer/deeper is lower risk Employment status –Unemployed ask why Cash basis – placement risk; potential undocumented status Assets & sources of wealth Higher than expected for stated employment; unusual or irregular sources – red flags Citizenship status & residence Non-resident alien; potential money mule Politically Exposed Person (PEP) Higher risk of involvement in money laundering, bribery, corruption or terrorist financing Joint account – no familial relationship Red flag for potential fraud or funnel account Anticipated risky transaction activity Cross border transfers, frequent cash deposits are high risk indicators – risk of comingling, fraudSelf-employed
  11. 11. 11 Individual/Consumer Clients: Case Study Mr. Talal Chahine: • Naturalized citizen, native of Lebanon • Prominent businessman, self-made • Founded a chain of restaurants in greater Detroit area • Highly respected in the community, family man • Deep customer relationship with his bank: personal and business accounts, commercial and personal loans, investment services Risky?
  12. 12. • Four-year period: skimmed $20 million in cash proceeds from the restaurants • Maintained double set of computerized books – computer generated • Altered books artificially reduced amount of cash receipts • Employees converted millions of dollars in cash into cashier’s checks, sent to people in Lebanon • Employees converted cash from smaller to larger denominations – smuggled to Lebanon • Paid employees in cash • Strong ties to high-level leaders of Hezbollah terrorist organization • Currently a fugitive, believed to be in Lebanon • Wife pled guilty, served 18 months in prison 12 Individual/Consumer Clients: Case Study cont’d
  13. 13. Profile/Relationships Risk Factors: Businesses/Legal Entity Customers
  14. 14. 14 Business/Legal Entity Clients – ML Risk Risk Factor Lower Risk Higher Risk Ownership Transparent, easily verifiable Beneficial owners hidden behind trusts or layers of LLCs/other entities Entity legal structure Simple — sole proprietorship, general partnership, or publicly traded corporation Complex — less transparency, such as LLCs, trusts, joint ventures, limited partnerships Third party oversight Regulatory or licensing oversight required No independent oversight Cash Intensive No Yes Foreign business activities None Extensive, especially involving higher risk countries Length and depth of customer relationship Over 5 years; multiple accounts & services Less than 5 years; one or two accounts
  15. 15. 15 Risk Factors: Business/Legal Entity Clients Risk Factor Lower Risk Higher Risk Ownership Transparent, easily verifiable Beneficial owners hidden behind trusts or layers of LLCs/other entities Entity legal structure Simple — sole proprietorship, general partnership, or publicly traded corporation Complex — less transparency, such as LLCs, trusts, joint ventures, holding companies, limited partnerships Third party oversight Regulatory or licensing oversight required No independent oversight • Less transparency/oversight = greater risk • Money laundering risk associated with certain entity types and related ownership structures is based on: • Ability to disguise human (beneficial) owners • Potential to hide actual business purpose and activities • Lack of external/internal oversight of business activities
  16. 16. Nominee incorporation services (NIS) firms • AKA corporate formation agents • Can legally form a business entity in any state • Provides Resident Agent, mail forwarding, and “corporate office service packages” - gives a shell company the illusion of legitimacy • Establishes “nominee” officers, directors, stockholders, or bank signatories - hides true owners’ identities from public records 16 Red Flags – Ownership/Legal Structure
  17. 17. Domicile location - higher risk: • Not domiciled where business operations located • Domicile state known to promote anonymity: Delaware, Wyoming, Nevada • Physical address: nominee incorp service? • Off-shore domicile 17 Red Flags – Ownership/Legal Structure cont’d
  18. 18. Cash Intensive Risks • Ability to easily comingle dirty cash with legitimate receipts • Large cash deposits are routine – may be exempt from CTR reporting • Examples: 18 Cash Intensive Businesses: Risks Risk Factor Lower Risk Higher Risk Cash Intensive No Yes Convenience store Car wash Nail/hair salon Restaurant Private ATM operator Tavern/bar/nightclub Marijuana dispensary Thrift/retail store Liquor store Parking lot/garage Money service business Vending company Pawnbroker
  19. 19. Cross border activity • Export/import businesses: foreign payments typical, especially wire transfer • Involves frequent transportation of goods across southwest US border – land or air • Money service business in southwest border region – Casas de Cambio 19 Foreign Business Activities: Risks Risk Factor Lower Risk Higher Risk Foreign business activities None Extensive, especially involving higher risk countries
  20. 20. Consider that:  Money laundering:  Introduces criminal $$ into legitimate/respectable business  Uses techniques developed for legitimate business purposes  Uses service providers: attorneys, accountants, financial advisors  The more profitable organized crime becomes, more important to shift profits into legitimate activities Conclusion: “Family owned and operated” respectability now a red flag  Closely-held entity with few or no controls/oversight  Money laundering & fraud increasingly committed through:  Legit businesses with strong reputations  Traditional or well-respected industries  In perceived “safe” rural/small urban areas 20 The “Respectability Factor” and Customer ML Risk The perfect hiding places for illegal activities?
  21. 21. 21 Business/Legal Entity Clients: Case Study CATT International Inc. • Yuma, Arizona • Husband and wife team with two other employees • Cattle broker: arranges for live cattle to be driven from Chihuahua, Mexico into the US. Chihuahua: • Just south of New Mexico/Texas • Largest cattle producing state in Mexico • Major center of the illicit Mexican drug trade • Ciudad Juarez: heavy drug cartel violence; political/law enforcement corruption
  22. 22. 22 Business/Legal Entity Clients: Case Study #2 Business model: • Individuals in Mexico paid a per-head fee to drive herds into US • Payments: $10,000 to $20,000 per person • US dollar wire transfers through Mexican casas de cambio • Report gross income of $20 million + annually What makes this small, “family owned” business a high-risk customer? • Massive cattle herds - convenient vehicle for drug smuggling? • Business dealings primarily with unidentifiable Mexican individuals • Large payments through Mexican casas de cambio • High-intensity drug trafficking region
  23. 23. Length of customer relationship to the institution: risk mitigator • Established pattern of normal activity • 5 years is a common threshold Individuals: Two or more unrelated individuals are owners or authorized signers • Possible funnel account • Potential indicator of human trafficking or elder abuse 23 Customer Relationships and Risk
  24. 24. 24 Customer Relationships and Risk cont’d Businesses: • Look for hidden connections: Bob Smith Logistics LLC Salon Pro LLC NuChem LLC Magic Nails LLC Speedy Cleaners LLC LoDo Trucking Inc 100% 100% 100% Customers: Not Customers: Not a Customer: • Foreign subsidiaries, parent or affiliates – in what countries
  25. 25. • Keep the customer risk scoring model as simple as possible • DOCUMENT the how/why of your model • Educate front line staff • Ensure customer information and resulting risk factors are regularly updated • Customer risk profiles: continuously evolving • Address change • Ownership change (business) • New foreign payment sources/destinations • Changes in behavior • SAR filing 25 Concluding Comments
  26. 26. • Use technology built into your AML systems – machine learning • No one risk factor exists in a vacuum • Risk profile has limited value unless consider customer behavior as well 26 Concluding Comments
  27. 27. Elements of Customer Risk: Profiles and Relationships