Activate for: KYC risk rating, customer risk classification, AML risk score, customer risk assessment, high-risk customer, risk-based approach, risk rating, customer due diligence risk score, PEP risk, geographic risk, product risk, customer risk categories. NOT for: transaction monitoring alerts (use aml-typologies), SAR/STR drafting (use aml-sar-drafting), sanctions screening (use sanctions-screening).
npx claudepluginhub panaversity/agentfactory-business-plugins --plugin banking

This skill uses the workspace's default tool permissions.
The FATF Risk-Based Approach requires that AML/CFT measures be proportionate to the risks identified. Higher-risk customers receive Enhanced Due Diligence (EDD); lower-risk customers may receive Simplified Due Diligence (SDD) in some cases. Every customer must be assigned a risk rating and the rating must be reviewed periodically.

| Customer Category | Risk Score |
|---|---|
| Listed company (major exchange) | 1 — Low |
| Regulated financial institution (home jurisdiction) | 2 — Low |
| Domestic corporate (private, no PEP links) | 3 — Medium |
| High net worth individual | 3 — Medium |
| Non-profit organisation / charity | 4 — Medium-High |
| Foreign private company | 4 — Medium-High |
| Offshore structure (Cayman, BVI, Panama) | 5 — High |
| Trust or foundation (complex beneficiary structure) | 5 — High |
| PEP individual (Tier 1 — foreign) | 5 — High (mandatory EDD) |
| Cash-intensive business (jeweller, currency exchange, casino) | 5 — High |

| Geography | Risk Score |
|---|---|
| FATF member, low TI-CPI risk | 1 — Low |
| FATF member, moderate TI-CPI risk | 2 — Low-Medium |
| FATF under enhanced follow-up (grey list) | 4 — High |
| FATF blacklisted jurisdiction | 5 — Very High |
| Non-FATF jurisdiction with strong AML regime | 3 — Medium |
| Non-FATF jurisdiction with weak AML regime | 4 — High |

Check current FATF grey/black list at fatf-gafi.org — updated three times per year. TI Corruption Perceptions Index (CPI): scores below 40/100 indicate high corruption risk.

| Product / Service | Risk Score |
|---|---|
| Basic current account (domestic customer) | 1 — Low |
| Fixed-term savings/deposit | 1 — Low |
| Retail mortgage | 2 — Low-Medium |
| Business current account | 3 — Medium |
| International wire transfers | 4 — Medium-High |
| Private banking / wealth management | 4 — Medium-High |
| Correspondent banking | 5 — High |
| Trade finance | 5 — High |
| Cryptocurrency-related services | 5 — High |
| Cash-heavy transactions | 5 — High |

| Indicator | Risk Score |
|---|---|
| Long-standing customer, consistent behaviour | 1 — Low |
| New customer, no prior relationship | 3 — Medium |
| Complex or inconsistent business explanation | 4 — Medium-High |
| Reluctance to provide CDD documentation | 5 — High |
| Third-party introduction with no independent verification | 4 — Medium-High |
| Adverse media (unverified) | 4 — Medium-High |
| Adverse media (verified / criminal conviction) | 5 — High |
| Prior SAR on this customer (bank or other FI) | 5 — High |

Composite score = Weighted average of four dimension scores:

- Customer type: 35%
- Geographic: 30%
- Product/service: 20%
- Relationship/behavioural: 15%

| Composite Score | Overall Risk Rating | CDD Level | Monitoring Frequency |
|---|---|---|---|
| 1.0 - 2.0 | Low | Standard CDD | Every 5 years |
| 2.1 - 3.0 | Medium | Standard CDD | Every 3 years |
| 3.1 - 4.0 | High | Enhanced CDD | Annually |
| 4.1 - 5.0 | Very High | Enhanced CDD + Senior Management Approval | 6-monthly or more |

The weighted average approach is the most common, but banks must consider:

Example calculation:

- Customer type: Foreign private company = 4
- Geographic: FATF grey list jurisdiction = 4
- Product: Correspondent banking = 5
- Behavioural: New customer = 3

Composite = (4 x 0.35) + (4 x 0.30) + (5 x 0.20) + (3 x 0.15) = 4.05 = Very High

In this case the composite score of 4.05 falls in the Very High band. Additionally, the mandatory override for correspondent banking (score 5) would independently trigger a High rating regardless of the composite calculation.
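
The composite calculation, banding and override floor described above, as an added Python example that is not part of the original skill. The flag names and `rate_customer` are hypothetical; only the two override triggers the page itself states are modelled, and a score that falls between two published bands (such as 4.05) is assumed to take the higher band, as in the worked example.

```python
# Added example: composite KYC risk score, banding and override floors.
WEIGHTS = {"customer": 35, "geographic": 30, "product": 20, "behavioural": 15}  # percent

# (upper bound, rating, CDD level, monitoring frequency) from the banding table.
# Assumption: a score between two published bands (e.g. 4.05) takes the higher
# band, which is how the page's worked example treats 4.05.
BANDS = [
    (2.0, "Low", "Standard CDD", "Every 5 years"),
    (3.0, "Medium", "Standard CDD", "Every 3 years"),
    (4.0, "High", "Enhanced CDD", "Annually"),
    (5.0, "Very High", "Enhanced CDD + Senior Management Approval", "6-monthly or more"),
]
RATINGS = [band[1] for band in BANDS]

# Hypothetical flag names. Only the two triggers the page states are modelled;
# mapping "mandatory EDD" to a High floor is an assumption.
OVERRIDE_FLOORS = {"correspondent_banking": "High", "pep_tier1_foreign": "High"}


def rate_customer(scores, flags=()):
    """Return composite score, rating, CDD level and monitoring frequency."""
    if set(scores) != set(WEIGHTS):
        raise ValueError(f"expected exactly these dimensions: {sorted(WEIGHTS)}")
    for dim, score in scores.items():
        if score not in (1, 2, 3, 4, 5):
            raise ValueError(f"{dim} score must be an integer 1-5, got {score!r}")
    unknown = set(flags) - set(OVERRIDE_FLOORS)
    if unknown:
        raise ValueError(f"unknown override flags: {sorted(unknown)}")

    # Integer percent weights keep the sum exact before the single division.
    composite = sum(WEIGHTS[d] * scores[d] for d in WEIGHTS) / 100
    band = next(i for i, b in enumerate(BANDS) if composite <= b[0])
    # An override can only raise the rating, never lower it.
    floor = max((RATINGS.index(OVERRIDE_FLOORS[f]) for f in flags), default=0)
    _, rating, cdd, monitoring = BANDS[max(band, floor)]
    return {
        "composite": composite,
        "composite_rating": RATINGS[band],
        "rating": rating,
        "cdd_level": cdd,
        "monitoring": monitoring,
        "overrides": sorted(flags),
    }


if __name__ == "__main__":
    example = {"customer": 4, "geographic": 4, "product": 5, "behavioural": 3}
    print(rate_customer(example, flags=["correspondent_banking"]))
```

Keeping `composite_rating` alongside the final `rating` preserves an audit trail of when an override, rather than the weighted score, set the outcome.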
The following automatically classify a customer as High or Very High risk:
Trigger an unscheduled KYC refresh when:

```
KYC RISK RATING ASSESSMENT

Customer ID: [ID]
Customer Name: [Name]
Assessment Date: [YYYY-MM-DD]
Assessor: [Name / Role]

DIMENSION SCORES:
Customer Type: [Score] — [Category]
Geographic: [Score] — [Category]
Product/Service: [Score] — [Category]
Behavioural: [Score] — [Category]

COMPOSITE SCORE: [X.XX]
OVERALL RATING: [Low / Medium / High / Very High]

MANDATORY OVERRIDES APPLIED:
[List any override triggers, or "None"]

CDD LEVEL: [Standard / Enhanced / Enhanced + Senior Mgmt]
MONITORING FREQUENCY: [5yr / 3yr / Annual / 6-monthly]
NEXT REVIEW DATE: [YYYY-MM-DD]

RATIONALE:
[Brief narrative justifying the rating]
```

ALL OUTPUTS REQUIRE REVIEW BY A QUALIFIED PROFESSIONAL BEFORE USE IN REGULATORY FILINGS OR BUSINESS DECISIONS.