Articles » Latest Articles

Money Laundering: What is a Risk-Based Approach?

Jan 16, 2023 Red Flag Alert Updated On: October 9, 2023
Money Laundering: What is a Risk-Based Approach?

The UK government has declared a crackdown on money laundering and has strong legislation to aid in this. With £88 billion laundered through the UK economy each year this is a massive undertaking.

The government has, quite rightly, concluded that this must be a joint venture between the public and private sector. As such, businesses in industries at risk from money laundering (as outlined in The Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 have a numerous and robust compliance requirements, that are strongly backed up by law.

The foundation of these requirements is that a risk based approach toward money laundering must be employed.

In this article we will look at what a risk based approach means and how it can be implemented.

A Risk Based Approach

A risk based approach, put simply, means that a company must be aware of the ways their services, products and processes could be exploited for money laundering and then design, create and deploy appropriate measures to ensure this does not happen. This is done by reviewing and monitoring both the business and also any clients and business partners.

The truth is that very few directors in relevant businesses are aware of this requirement and do not have the knowledge of money laundering techniques to employ it, even if they did. Under UK law it is a legal requirement that directors and any relevant members of staff have sufficient training to do so.

As stated, most businesses are currently not meeting their legal obligations towards money laundering and are at risk of prosecution due to lack of compliance.

How do you employ a Risk Based Approach?

Whilst the eventual solution will vary from business to business the process of finding this solution is largely the same for all.

Firstly, directors must educate themselves on money laundering and how their company could be exploited by it and then familiarise themselves with the relevant laws and industry body regulations that apply to them.

Once this has been done a Firm-wide Risk Assessment must be conducted. This is a complete review of the business to identify any potential risks of money laundering, we will look at this more below. How this assessment is conducted, what it considered and it’s findings should all be thoroughly recorded and reviewed by the directors of the company. Should a company ever inadvertently be involved in a money laundering scheme the investigating authorities will request to see all risk assessments and the onus is on the directors to prove they conducted a thorough search and met their legal requirements.

This review will serve as the foundation for a company’s strategy against money laundering. As techniques used to launder money are constantly evolving and businesses and markets natural change over time this must be reviewed on an ongoing basis. Different regulatory bodies have different requirements but outside these once a year is usually appropriate.

Should a business under go any significant changes, such as, introducing any new services/products or undergo any changes to how they operate, these changes should be reviewed for their money laundering risk.

After the assessment has been completed, processes to counter money laundering must be created and deployed (or altered if already in existence). These will range from staff training to implementing anti-money laundering check software. Again, why and how these processes were designed and deployed as well as their continued operations should be recorded in detail to produce on request of any money laundering investigators.

What processes are necessary and their design will vary between companies, but there must be a process to review customers for money laundering risk and report any suspicions. We will discuss what to look out for later in the article.

Company-Wide Risk Assessment

We have already outlined the purpose of a company-wide risk assessment and will now look like what it looks like in action.

The aim is to identify any part of the business that could be used by launderers to clean money and assess the likelihood of this happening, how it might happen and how it can be stopped. There is no legislation about how this must be conducted and it will vary between companies; but should a company ever be implicated in a money laundering scheme, investigators will critically review all anti-money laundering processes deployed and any laxity in these could lead to prosecution. So the more thorough the better.

Things to be considered in a company-wide risk assessment are:

  • The risks posed to their industry
  • The risks posed by their business structure
  • The risks posed by their products and/or services
  • The risks posed by their business processes
  • The risks posed by the geographical areas they operate in
  • The risks posed by their distribution and payment channels. E.g. cash over the counter, bank transfers etc
  • The risks posed by their customer base

These, and any other relevant factors, should be regularly reviewed and the findings recorded and acted upon.

Red Flag Alert

Learn how to spot high risk clients

Sign up to our free insolvency mini-course

Customer Risks

It is necessary to review customers, and business partners, on a case by case basis. This is done before any initial transaction takes place and once a year if it is an ongoing relationship, such as an ongoing client of an accountant or lawyer. It is also required that reasonable steps are taken to identify the ultimate beneficiary of any transactions.

Customers and business partners will need to be run through one or multiple of the following: Know Your Customer (KYC), Anti-Money Laundering (AML) and/or Politically Exposed Persons & Sanctions checks. The best way to do this is to use AML Check software.

As well as running these checks, staff must also be able to use their intuition and have sufficient training to spot warning signs of money laundering.

Some indicators to look out for are:

  • Clients seeking undue anonymity or secrecy and not willingly revealing their identity
  • Clients acting through a third party
  • A third party not being transparent about who they are acting on behalf of or who the ultimate beneficiary is
  • Clients introduced to you by a third party, as you do not know the due diligence that has taken place
  • Clients you have not obtained via the methods usual to the business
  • Clients involved with cash based businesses
  • Clients from abroad, especially from countries with low regulatory standards, high corruption or sanctions
  • Clients from outside the usual customer base
  • Clients involved in emerging sectors or who’s business has recently pivoted
  • Clients with, or operating for an individual with, high net worth
  • Clients wanting to deal in cash
  • Clients with a criminal history
  • Politically exposed clients
  • Large transactions
  • One off transactions


UK anti-money laundering legislation puts a tremendous amount of responsibility on the private sector and has purposely harsh punishments for those who have been found to be involved. To be compliant companies need to ensure that all relevant staff are trained in anti-money laundering and understand what their obligations. Anti-money laundering should be thought of as a discipline to be applied in the daily operation of a business.

It is of paramount importance that director’s ensure they are remaining complaint, and keep detailed records to that effect., to protect both their company, staff and themselves.

Red Flag Alert can help by providing an AML check software that supplies:

  • Unbeatable match rates
  • Advanced due diligence
  • A full suite of risk checks
  • Real time PEPs and sanctions checks
  • Time and cost saving automation
  • Ongoing support for users

Check, onboard and monitor your clients, all on one comprehensive platform. Remain compliant and reduce AML risk, Try Red Flag Alert today or read our guide on conducting an AML risk assessment


Published by Red Flag Alert January 16, 2023

Stay informed

Sign up to receive expert insights direct to your inbox.