Blog

Customer Due Diligence – Risk Scoring of Fraudsters to Prevent Crimes

Richard Marley
December 24, 2021
7 minutes read
6391

As per the research of The Journal of Accountancy, fraudsters carry out crimes for two reasons: need or greed. In addition to this, there are three key factors that stimulate criminals to execute fraudulent schemes; motive, rationalization, and opportunity. However, majorly due to lack of financial resources, having the power to build fraudulent schemes, and personal justification of illuminating actions, penetrators commit crimes.

Risk Assessment – How Does it Work?

A fraud risk assessment aims to address businesses’ shortcomings in security systems against internal and external fraud. However, the types of scams vary from business to business, internal fraud includes misappropriation of assets and embezzlement, while external fraud includes data breaches and account takeover.

Often, cybercriminals execute fraud because of loopholes in companies’ internal controls. To identify these gaps and to determine risk linked with the customers, a fraud risk assessment system is mandatory for businesses.

A risk assessment system is tailored according to industries and business operations. Companies management and managers responsible for respective departments have to undergo risk assessments by scrutinizing the institute’s exposure to fraud. As changes in the internal and external business environment are certain, the risk assessment should be conducted on a regular basis to identify and eliminate risks to an optimum level. Fraud risk management can be executed in numerous forms: a matrix, narrative, or any other way that the business finds easiest to understand.

The fraud risk assessment should address four key areas:

Asset Misappropriation

Primarily, inventory, cash, and business assets are subject to misappropriation and must be investigated for skimming and other bogus activities. Asset pilfering is more than theft, company employees who use business equipment such as computers for personal benefits are involved in misappropriation.

Financial and Non-Financial Reporting

The inconsistency between the non-financial and financial information can cause internal fraud. This is commonly executed by the management by overriding the internal controls, altering the financial statements like overstating revenues, assets, and profits. However, risk assessment systems can monitor the financial as well as non-financial performance indicators such as the number of clients’ accounts, number of stores, and bank statements depending on the business.

Illegal Acts

Fraud is fundamentally an illicit act, and analysis and audits have to keep viable information of the indicators and characteristics of scams, techniques to execute fraudulent schemes, and types of scams lined with the business operations. Therefore, fraud risk assessment systems are crucial as it helps out businesses to audit and assess risk while compliance officers can provide assurance in overcoming and identifying frauds.

Risk Scoring for Customers

Risk scoring allows businesses to identify the customers that possess potential threats through which they can harm businesses. A risk scorecard is critically important for two things; a form that includes all the information of the customers that have been gathering for the risk assessment procedure and a model that inputs all the data and transforms it into a risk score.

The scorecards vary from business to business as every company has a different clientele. Similarly, the risks they possess are also different and so are the requirements of the relevant regulatory authorities. In order to be effective, risk scoring procedures must be designed while taking all these aspects into consideration. Apart from the usual KYC information, risk scorecards should also include the sources of funds, the nature of business relationships, and the PEP status. Moreover, transaction monitoring for a specified number of monthly transactions plays a significant role in risk assessment.

Low-Risk Customers: Standard due diligence (SDD) is generally implemented when the customers possess potential risks that could not be identified or realized.
Medium-Risk Customers: Customer Due Diligence (CDD) is mandatory for businesses to identify suspicious transactions that their customers are involved in. It is a crucial part of AML requirements. Generally, financial institutions and banking sectors implement CDD for customer screening to avoid financial crimes. The customers that indulge in hacking, data breaches, and other severe crimes are listed as high-risk entities.
High-Risk Customers: There are high-risk clients in every business. However, a risk-based approach for CDD will identify the higher risk of money laundering or terrorist financing. Therefore, a higher level of due diligence is required to determine such entities before such activities happen. Hence, EDD is crucial as it can screen the customers against the PEPs list and other sanction list for better insight.

Risk Scoring Factors

Geography Risk – Country of Citizenship

The businesses that are operating in the high-risk countries need to verify their clients thoroughly. To do so, enhanced due diligence procedures must be implemented so that a clear image of the customer can be pictured. This will help businesses to create risk profiles.

Source of Wealth

The risk associated with wealth could be adverse for businesses. The businesses that are going to establish relationships with clients that are indulged in money laundering activities or direct exposure with illicit activities can impact the business. Thus, verifying the source of income is essential for developing risk profiles.

Watch List Risk

The potential risk with the customers that are being listed in the global watchlist, sanctions lists, PEPs, and financial crime databases is a red flag for the companies. Onboarding them or making any kind of relationship can lead the company to the road of destruction. Hence, screening customers to identify risk is crucial for businesses.

Legal Structure & Ownership Risk

The risk associated with the legal structure of a client is based on whether it is privately or publicly held. The risk assessment management system identifies if the client is publicly or privately held and then looks for legal structure from the information that is acquired during the onboarding procedure. Upon gathering data, the businesses can decide their risk profiles.

Free Email Domains

No doubt, free email addresses increase the risk of fraud and scams. So if such bogus domains are used for emailing individuals or businesses, fraudsters can get access to the information or systems through phishing attacks.

Ongoing Monitoring for Better Risk Insights

High-risk entities like PEPs and money launderers are a potential threat for the companies in several ways. Businesses identify the risk level of clients during customer onboarding procedures. High-risk consumers are to be thoroughly examined regularly due to the risk of high profile crimes and as Anti-Money Laundering obligations. However, ongoing monitoring is a crucial attribute of the AML control procedure that is implemented on high-risk customers.

It’s critical to have up-to-date information of customers to assess risk with accuracy. However, several data sources like PEPs lists, global watchlists, and financial crime databases are readily available that businesses can get access to screen their clients in order to make risk customer profiles. Other than this, companies can also create customer risk reports that must be easy to understand and compliant with international data standards. Furthermore, firms can also incorporate CDD and EDD processes that fulfill AML compliance obligations as well as protect businesses from financial losses.

What Shufti Pro Offers

Shufti Pro offers Identity Verification and Anti-Money Laundering solutions that enable businesses to comply with global financial regulations and data privacy laws. It verifies the customers’ identity by analyzing the ID documents and performs real-time facial recognition, hence eliminating the chances of frauds. Identity verification results are 98.67% accurate and the process takes less than a second to complete.

Want to learn more about identity verification for your business?

Talk to experts

Disclaimer: No warranty is herein provided that the information contained in this document is accurate, up-to-date, and/or complete. In no circumstance(s), does such information constitute legal or any other advice. Any person who intends to use, rely, pass-on, or re-publish the information contained herein in any way is solely responsible for the same. We suggest to verify the information and/or obtain expert advice independently if required.

Latest News

News
FATF and EU Delist Bahamas from AML Blacklist
Risk Assessment – How Does it Work?
Risk Scoring for Customers
Risk Scoring Factors
Ongoing Monitoring for Better Risk Insights
What Shufti Pro Offers
European Union has finally removed Bahamas from its AML blacklist, right after FATF has delisted the country from the grey list.

The European Union implemented a new regulation on 7 January to amend the EU AML blacklist, including removing the Bahamas, just a few days after it was delisted from the FATF’s (Financial Action Task Force) grey list as it has some shortcoming in its anti-money laundering defense framework.

The Office of the Attorney General said in a statement that “the FATF congratulated The Bahamas for the ‘significant progress’ it has made in improving its AML/CFT/CFP regime”.

The Bahamas has been delisted from the EU anti-money laundering (AML) blacklist, Attorney General Ryan Pinder announced today.

— Nassau Guardian (@GuardianNassau) January 12, 2022

“The Bahamas has strengthened the effectiveness of its AML/CFT system and addressed related technical deficiencies to meet the commitments in its action plan and remedy the strategic deficiencies identified by the FATF in October 2018. The Bahamas is therefore no longer subject to the FATF’s increased monitoring process. The Bahamas will continue to work with CFATF to improve further its AML/CFT regime.” FATF added.

On 11 January OAG (Office of the Attorney-General), while providing additional details on EU delisting the country from AML blacklist said: “This favorable outcome of the many months of engagement is a welcomed one and comes almost 12 months after the Financial Action Task Force (FATF) delisted The Bahamas on the 18th of December 2020 from its List of Jurisdictions Under Increased Monitoring (FATF’s Grey List). The Bahamas will continue to work with European Union and all international partners as we seek to maintain our AML/CFT/CFP regime on par with international agreed measures which safeguard the global financial system.”

Financial watchdog also acknowledged and paid thanks to collaborate teams including National Identified Risk Framework Coordinator, Dr. Cassandra Nottage, the member of International Legal Cooperation and Compliance Units of the OAG and DG FISMA team, for this desired conclusion to the EU AML Review Process.

Suggested Read: EU Removes Iraq From List of High-Risk Money Laundering Countries

Customer Due Diligence – Risk Scoring of Fraudsters to Prevent Crimes

Risk Assessment – How Does it Work?

Asset Misappropriation

Financial and Non-Financial Reporting

Illegal Acts

Risk Scoring for Customers

Risk Scoring Factors

Geography Risk – Country of Citizenship

Source of Wealth

Watch List Risk

Legal Structure & Ownership Risk

Free Email Domains

Ongoing Monitoring for Better Risk Insights

What Shufti Pro Offers

Understanding the Concept of Metaverse

Metaverse – New Emerging Crime Source?

People’s Bank of China to Monitor Metaverse

Legal Issues Related to Metaverse Content

1. Copyright

2. Trademark

3. Right of Publicity

How Shufti Pro Can Help

Let’s prove your

customer’s identity

with Shuftipro.

Let’s prove your customer’s

identity with Shuftipro.