When to Update ML/TF Risk Assessment

DE

The correct answers are A and D.

A financial institution (FI) must update its ML/TF (money laundering/terrorist financing) risk assessment when there are significant changes in the nature and complexity of its products, services or customer types. This could include the introduction of new products or services, such as digital wallets or cryptocurrencies, or changes in the customer base, such as targeting high-risk customers. This is because these changes may increase the risk of ML/TF and the FI must reassess its controls and measures to mitigate those risks.

Additionally, when an FI faces a merger or acquisition, it must update its ML/TF risk assessment to ensure that it accounts for any new risks associated with the new entity, such as the potential for cross-border transactions or dealing with customers in higher-risk jurisdictions. The FI must also consider any changes in ownership and management that may affect its AML compliance program.

The other options, B, C, and E, do not typically require an FI to update its ML/TF risk assessment. The election of new board members or the hiring of new AML compliance employees may affect the FI's AML program, but it does not necessarily require a full risk assessment update. Opening a sales point in a new location in the same city may also not require a full risk assessment update, unless the location presents new ML/TF risks that were not previously considered.