What types of risk assessment and client/case approval are possible?
In essence, we have three types of risk assessment and/or client/case approval and they are:
- Direct risk assessment - this is a risk assessment that is done typically by the compliance officer within the workspace.
- Direct risk assessment with approval - this is the same process as the above, but with an extra approval step. The approver could e.g. be the client responsible person.
- External risk assessment - this is when an external party (to the workspace) is performing the risk assessment. Typically this could be a partner at a law firm or similar, that is the responsible party for the client relationship but they should not get access to the full compliance system.
Risk assessment of clients/cases
When doing a risk-based assessment of the AML risk of the client relationship, then we offer a fully-customisable risk assessment tool. This is essentially a process where you can standardize your risk assessment, so that every client is assessed in the same way. Each risk assessment will be saved on the client, and it will therefore be possible to see how the risk has evolved over time.
Meo has some templates that we can help set up for you, but we strongly recommend that you customize the risk assessment tool to match the risk environment that you are navigating in. Please contact care@meo.io for more information.
In the risk assessment, the system can propose a “calculated risk”. This calculated risk is a weighing of the answers to the different risk questions. We are operating with two types of risk calculation:
- Highest risk value - A very simple risk calculation. This is simply the highest risk value that is mentioned. So e.g. if you consider any client outside of the EU for a high risk client, then it would automatically suggest high risk.
- Summed risk - This is a more precise risk calculation. Here every answer can have an associated risk value as a number. All of the selected risk values are summed up at the end and compared to a pre-set risk range. E.g. low risk could be from 0-50, medium risk could be from 51-100 and high risk could be anything above 100. This is a very flexible system that can be tailored to your needs.
Client/case approval
The last part of a risk assessment, can be to get the client responsible party to approve of the KYC work that has been performed by the compliance officer. This is an easy process and it essentially goes like this:
- The compliance officer in Meo, uses the ‘Create profile report’ action (needs custom setup, contact care@meo.io if interested). This can either be started on a specific profile or on the identities section for multiple profiles. The compliance officer creates a request and sends it to the approver (e.g. the partner).
- The approver receives an email with a unique link, and they login with their Meo account. They can now review the report(s) and approve or reject them.
- If they approve, then the reports are digitally signed and placed on the entities as attachments.
- If they reject, then they must provide a comment for why. This comment is then added to a notification sent to the compliance officer in the Meo workspace.