
Does the platform automatically determine the customer's risk rating?

Yes, the customer risk rating is calculated from the firm's baseline Risk Assessment plus per-transaction inputs (entity type, structure, country, value) and screening results.

The customer risk rating is calculated from a combination of your firm's baseline Risk Assessment outcome and per-transaction inputs (entity type, structure complexity, country exposure, transaction value) plus the live screening results (PEP, sanctions, adverse media). AUSTRAC's risk-based approach expects exactly this kind of structured scoring - a model that's transparent, repeatable and auditable.

How the score works (simplified):

The platform combines three signals into a numerical score and maps it to a risk band:

  • Input: Business baseline (from the firm's RA)
    What it contributes: The "starting floor" - a higher-risk business profile lifts all customer scores
  • Input: Customer profile (from the KYC / KYB)
    What it contributes: Entity type, ownership complexity, jurisdiction, source-of-funds picture
  • Input: Screening result
    What it contributes: PEP / sanctions / adverse-media hits; structural red flags

Worked examples:

  • Mum-and-dad buying with a bank loan, AU-based, no PEP.
    Low baseline (1) + simple profile (1) + clean screening (1)
    = Score 3, Low Risk.
  • Same buyers via a discretionary trust with savings as source-of-funds, AU-based, no PEP.
    Higher baseline (2) + trust-structure complexity (1) + clean screening (2)
    = Score 5, Low / Medium Risk depending on the firm's threshold.
  • Foreign buyer through a multi-layered corporate structure, with adverse media.
    Higher baseline (3) + complex profile (3) + adverse media (3)
    = Score 9, High Risk - ECDD required.

What the rating drives automatically:

  • CDD intensity. High Risk triggers Enhanced CDD - source-of-wealth and source-of-funds workflow.
  • Re-screening cadence. Low annually, medium 6-monthly, high quarterly (transactional sectors re-screen per matter).
  • Compliance Officer sign-off. High-risk transactions require Senior Manager/CO approval before designated services proceed.
  • Monitoring sensitivity. Higher-risk customers get tighter thresholds in transaction-pattern monitoring.

Manual override is supported - a user with CDD role or higher can escalate the rating; downgrades require CO sign-off with a documented reason. See "Can the firm override the risk rating produced by the system?" later in this section.

See AUSTRAC's Overview of customer due diligence.
