It is a requirement under the AML Regulations and the Firm’s PCPs to carry out ongoing monitoring.
You should review risk assessments at appropriate intervals during the client relationship, during the transaction and just before the transaction is completed to identify if anything has changed. Information you learn while acting for the client should also inform your risk assessment.
The Client risk assessment should be reviewed and updated at least every 12 months and more often if there is any increase in the risk profile of the client (for example, where there is a change in beneficial ownership, a change in the nature of the client’s business or change of address etc). You should review the risk assessment if important new facts emerge or at key stages in the business relationship. You should be looking out for new instructions that do not fit the profile of the client and/or are not consistent with the previous work you have undertaken for the client.
Record details of:
- how you have monitored identified risks since the form was initially completed
- any changes discovered since the form was completed
- any changes to the risk level for the client and the matter and
- how the client and matter will be monitored on an ongoing basis, if necessary.
The risk assessment should be reviewed as many times as is necessary for the level of risk applicable to the client or matter.
Ongoing monitoring includes in relation to PEPs and sanctions checks. Lexis Nexis Risk Narrative provides for ongoing monitoring in relation to these matters.