Which additional fields should the auditor recommend to document the CRA process?

The company has automated the completion of the customer risk assessment (CRA) into its main customer relationship management (CRM) system The CRM has needs recording the overall risk level assessed (Standard. Enhanced), the ID number of the staff member who completed the assessment, and me date of the last assessment

Which additional fields should the auditor recommend to document the CRA process? (Select Three.)
A . Age (Years)
B . Risk factors (Y/N. if Y please specify)
C . Type of customer (Trust. Company Individual)
D . Annual premium (S)
E . Residence (Country)
F . Photo ID taken (Passport Driver’s License. Other)

View Answer

Answer: B, C, E

Explanation:

Enhancements to the CRA Process:

Risk Factors: Identify and document specific risk indicators for transparency and consistent assessment. This ensures alignment with the risk-based approach advocated by FATF.

Type of Customer: Differentiating customer types (trust, company, individual) is critical for tailoring due diligence measures to the unique risks associated with each type.

Residence (Country): Tracking customer jurisdiction ensures risk assessments reflect geopolitical and regulatory changes, fulfilling FATF compliance expectations.

Role of Additional Fields in Compliance:

These fields enhance traceability, accountability, and risk profiling, ensuring the CRA process is comprehensive and meets regulatory standards.

Advanced CAMS-Audit Guidance:

Documentation must be detailed and periodically reviewed to address evolving AML risks effectively, as recommended by CAMS-Audit guidelines.