Risk Methodology
A transparent, auditable, and regulator-aligned approach to AML/CFT risk assessment
Overview
This page describes the risk methodology applied within the AML PROOF platform.
The methodology reflects a Weighted Average Risk (WAR) model designed in accordance with:
- EU Anti-Money Laundering Regulation (AMLR 2024/1624)
- FATF Risk-Based Approach
- EBA Guidelines on ML/TF risk factors
The methodology supports — but does not replace — professional judgment exercised by the obliged entity's AML Responsible Officer.
All assessments generated by AML PROOF are:
- transparent,
- reproducible,
- auditable,
- and suitable for supervisory review.
Risk-Based Approach
AML PROOF applies a Risk-Based Approach (RBA) as required by EU law and international standards.
Each client relationship is assessed using verified information and contextual risk indicators, resulting in a clear classification of LOW, MEDIUM, or HIGH ML/TF risk, accompanied by a documented rationale.
The objective is proportionate compliance, not mechanical scoring.
Risk Assessment Framework
The risk assessment framework evaluates four core risk pillars, each reflecting a distinct dimension of ML/TF exposure.
1. Customer Risk (40%)
Assessment focuses on: identity and legal form, ownership and control structure, beneficial ownership transparency, exposure to politically exposed persons (PEPs), adverse media signals, credibility of declared source of funds and source of wealth, nature of business or activity.
2. Product & Service Risk (25%)
Assessment focuses on: nature of the product or service provided, cash intensity and value transfer characteristics, anonymity or traceability features, transaction value and velocity, cross-border complexity, involvement of third-party funds or intermediaries.
3. Geographic Risk (25%)
Assessment considers: countries of residence, establishment, and operation, transaction corridors and counterparties, exposure to jurisdictions identified by FATF, the European Union, sanctions regimes and other authoritative sources. Geographic risk is evaluated using a look-through approach, considering all relevant jurisdictions connected to the relationship.
4. Delivery Channel Risk (10%)
Assessment focuses on: onboarding method (face-to-face vs remote), use of intermediaries or agents, robustness of identity verification and authentication controls, reliance on digital or automated processes.
Risk Classification
Risk outcomes are classified into three categories to enable proportionate AML/CFT measures.
LOW RISK
Relationships with limited ML/TF exposure, transparent ownership, predictable behavior, and low-risk contextual factors. Simplified due diligence may be applied where permitted by law.
MEDIUM RISK
Relationships with moderate or mixed risk indicators requiring standard due diligence and ongoing monitoring.
HIGH RISK
Relationships presenting elevated ML/TF exposure requiring enhanced due diligence, increased scrutiny, and senior oversight.
Deterministic Overrides
Certain conditions override the weighted assessment logic and automatically determine the final risk outcome.
Deterministic overrides operate outside the WAR calculation and take precedence where legally or prudentially required.
Examples include:
Overrides ensure that critical risks are never diluted by averaging.
Risk Scoring Logic
Risk scoring within AML PROOF serves to:
- structure analysis,
- support consistency,
- enable auditability.
It does not replace expert judgment and does not function as a standalone decision engine.
Numeric values are used internally to support classification, while final decisions remain categorical and reasoned.
Weighted Average Risk (WAR)
AML PROOF applies a Weighted Average Risk (WAR) model to aggregate risk indicators across the four pillars.
The WAR model:
- operates on an internal normalized scale,
- prioritizes consistency and explainability over numeric precision,
- supports proportional classification into LOW, MEDIUM, or HIGH risk.
The WAR score is not an absolute metric and is not intended for comparison across clients or institutions.
Outputs & Reporting
For every assessment, AML PROOF generates a regulator-ready risk record, including:
- documented input data,
- pillar-level risk reasoning,
- applied overrides (if any),
- final risk classification,
- narrative justification,
- list and methodology versions used.
All outputs are designed to withstand supervisory and audit scrutiny.
Ongoing Risk Management
Risk assessments are not static.
AML PROOF supports continuous risk management through:
Ongoing Monitoring
Detection of changes in behavior, exposure, or external risk signals.
Periodic Reviews
Scheduled reassessment based on the assigned risk level.
Trigger Events
Immediate reassessment upon material changes such as: ownership updates, new adverse findings, regulatory or sanctions updates.
Governance & Controls
The risk methodology is governed through:
Version Control
All changes are versioned, documented, and traceable.
Periodic Review
Methodology is reviewed regularly to reflect regulatory developments and emerging risks.
Regulatory Responsiveness
Updates are applied following changes to EU law, FATF guidance, or sanctions regimes.
Auditability
Every assessment can be reproduced using stored inputs and the applicable methodology version.
Documentation & Record Retention
AML PROOF ensures:
- full audit trails for all assessments,
- evidence of compliance with AML/CFT obligations,
- historical tracking of risk profile changes,
- record retention in line with regulatory requirements.
Why It Matters
This methodology provides obliged entities with:
Clarity
Simple LOW / MEDIUM / HIGH outputs with plain-language reasoning
Compliance
Aligned with FATF/EU standards and accepted by regulators
Credibility
Auditable, transparent, and defensible in supervisory reviews
Efficiency
Minimal operational burden while maintaining 100% compliance
AML PROOF ensures that every risk assessment is simple for users, robust for compliance, and credible for regulators.
Methodology Status: Active
Methodology Version: v1.4
Last Updated: 2025-01-09
Governing Document: AML PROOF Weighted Average Risk (WAR) Methodology – Compliance Annex
The proprietary Weighted Average Risk (WAR) model is informative in nature and is intended for the responsible AML Manager of the obliged entity. Final responsibility for approving or rejecting clients or transactions always lies fully with the responsible AML Manager of the obliged entity.