🔹 Definition
A High-Risk Customer is an individual or entity that presents a greater-than-average risk of involvement in money laundering, terrorist financing, fraud, or regulatory non-compliance, based on their profile, behavior, geography, or other risk indicators. These customers require Enhanced Due Diligence (EDD) measures and more frequent monitoring as part of a financial institution’s risk-based approach (RBA) to compliance.
High-risk customers are identified during customer onboarding, periodic reviews, or trigger events using a risk assessment framework defined by internal policies and regulatory guidelines.
🔹 Frequently Asked Questions (FAQs)
Q1: What factors contribute to a customer being classified as high-risk?
- Jurisdictional risk: Resides in or has ties to high-risk or sanctioned countries
- Occupation or business type: Involvement in industries like crypto, gaming, real estate, or offshore finance
- Ownership structure: Use of shell companies or complex legal entities to obscure ultimate beneficial ownership
- Behavioral risk: Unusual transaction patterns, high cash usage, or reluctance to provide KYC documents
- PEP status: Is a Politically Exposed Person (PEP) or related to one
- Adverse media: Negative news related to crime, corruption, or financial misconduct
Q2: How should high-risk customers be treated?
- Conduct Enhanced Due Diligence (EDD) during onboarding and periodically thereafter
- Obtain additional information such as source of funds and source of wealth
- Apply stricter transaction monitoring rules and set lower alert thresholds
- Escalate for senior management approval
- Document rationale for classification and all review outcomes
Q3: Is it illegal to serve high-risk customers?
Not necessarily. Serving high-risk customers is allowed if the risks are:
- Clearly identified and understood
- Managed with appropriate controls
- Compliant with regulatory requirements, including reporting obligations
However, some entities (e.g. sanctioned individuals, anonymous shell companies) may be prohibited altogether.
Q4: Can high-risk customers be downgraded over time?
Yes—if they demonstrate transparent behavior, maintain consistent transaction patterns, or if the underlying risk factors (e.g., jurisdiction, PEP status) change. Reclassification should follow a documented risk review and be approved by the compliance team.
