Under the AML legislation, the ‘risk-based approach’ is a cornerstone for companies that must comply.

There are three factors to consider when assessing the risk of ML:

  1. Company risk assessment (also called a ‘firm-wide risk assessment’), which identifies all the risks your company faces.

  2. Client risk assessment, which identifies the risks identified about an individual client.

  3. Transaction risk assessment which assesses what risks there may be with each new piece of work that a client gives you.

Each risk assessment needs to contain an analysis of the risk, the likelihood and severity of the impact were it to occur, and the policies, controls, and procedures that your company is putting in place to mitigate that risk.

At First AML, our Risk Assessment feature allows you to facilitate both factor 2 and 3.

Our Risk Assessment Questionnaire is fully configurable.

By configuring the risk assessment questionnaire, it will appear in each case that you create, with a list of questions that need to be completed and a risk level will be set. 

You will be able to extract this information at a case level (via the print preview) along with extracting the information via the Reporting functionality.


How to configure a Risk Assessment 

The Risk Assessment is made up of 2 components: Risk assessment questions and Risk threshold.

Risk assessment questions

To get started with setting up your Risk Assessment questionnaire and creating questions:

  1. Navigate to the Settings on the left hand navigation bar and click the Risk assessment tab

  2. Click Enable Risk Assessment to ensure the created questions appear in your cases

  3. Click Add another question to start adding in your Risk Assessment question

  4. Continue to click Add another question to add the questions you require in your Risk Assessment

  5. Once you have added all the required questions, click Save to save the Risk Assessment questionnaire

Risk threshold

You are able to create custom risk weighting to drive KYC processes based on risk thresholds.

The risk threshold gives the limits for each of the risk levels.

  • Any total score lower than the low risk threshold will result in a low risk rating
  • Any total score higher than the high risk threshold will result in a high risk rating
  • Any score between the low risk threshold and high risk threshold will result in a medium risk rating

Please see the steps below on how to configure it:

*This can be configured by your First AML contact or a Compliance Admin.

  1. Navigate to the Settings on the left hand navigation bar and click the Risk assessment tab

  2. Click Enable scores, thresholds, and automatically set case’s risk level to ensure the threshold that you add automatically calculates and sets risk level once completed

  3. Set you Risk threshold by adding in the relevant scale for Low, Medium and High risk

  4. Once the Risk threshold has been set, you can now add the weighting to each question. Enter in the weighting for each question (’Yes’ and ‘No’) answers.

  5. Once you have completed adding the weighting to each question, click Save. *Please note if you do not press save, you will lose your progress

Risk assessment configurations

There are three key configuration settings that you can manage for your Risk Assessment questionnaire:

  1. Enable Risk Assessment - ticking this will ensure that the Risk Assessment questionnaire that you have created will appear in the cases you create

  2. Enable scores, thresholds, and automatically set case’s risk level - ticking this will ensure that the Risk thereshold and weighting that you assign to questions will be enabled. This means that once the Risk Assessment questionnaire is completed for a case, a Risk score will be automatically generated

  3. Block case from advancing without Risk Assessment completion - ticking this will ensure that your cases cannot move to ‘Ready for Review’ without having the Risk Assessment questionnaire completed

Example risk assessment questionnaire

For demonstrative purposes, please see an example of a configure Risk Assessment questionnaire within the Source by First AML platform:

Completing the risk assessment in a case

  1. Navigate to the Risk assessment tab in the case
  2. Answer the questions - choose yes, no or n/a and add comments to each question.

Based on the scoring and thresholds set (see above) the risk level will be calculated automatically upon answering the risk assessment in the case. 

Where there is a manual override the risk level (e.g. based on mitigants risk level is actually medium) there will be a note advising there has been a change to the risk level and the original calculated risk score will still be surfaced. 

  1. At the end of the questions, you are able to add an overall comment around the risk questionnaire.

  2. Make sure to press ‘Save’ when you are finished

        *Risk level in Case details is automatically updated based on Risk assessment


Downloading a copy of a completed Risk assessment questionnaire

Use the print preview button to download a copy of the risk assessment questionnaire.

When no risk assessment is set

The Risk assessment tab will be visible within a case, but empty if you do not use the feature. A message will direct the user to reach out to their platform administrator to configure risk assessment questions.


Now you can start inserting all of the steps to your article.