CDD On Demand


Risk Assessment

With the SCOPE CDD On Demand Risk Assessment you can easily automate your risk policy. After configuration, you will always have an unambiguous risk assessment and a lot of time is saved. 


According to section 2b of the AMLD, an institution must have a risk policy and record and update all the results of each risk assessment.

Following the Annex III to the revised Fourth Anti-Money Laundering Directive, when making a risk assessment, an institution must in any case take into account the risk factors, this concerns:

The risk policy states which customers (or types of customers) are assigned a risk "stamp" and which considerations and measures are involved. The data required for a client risk assessment is obtained by combining known client data with data obtained from external sources. The resulting risk assessment may also lead an institution to conclude that insufficient control measures are possible and that therefore certain risks should be avoided altogether.

Important factors for a good risk assessment

Important factors for a good risk assessment

An important factor for a thorough risk assessment is good data. Incorrect or incomplete (know-your-customer) data plays a major role in the creation of incorrect risk assessments and also causes unnecessary manual work.

A risk assessment model should be clear, whether the input is (largely) automatic in an integrated system or the information is entered by the consultant. Moreover, questions should be clear and not multi-interpretable. Consistent risk assessments are only possible if the assessment is based on facts and clear questions. To ensure this, an (automated) risk assessment based on configurable business rules is required. The risk assessment is free of form, which means that the institution determines the policy itself and the risk assessment is a reflection of this policy. This policy obviously differs per institution and per sector and is subject to innovative insights and regulations.

In order to demonstrate which criteria were used at the time of the risk assessment, for example during a check or audit, it is necessary that the criteria used can be requested at all times.

How does it work?

First you set up your own 'risk set' compliant with your own policy (or you can use a standard set provided by the software). Then, after entering the personal data, you can choose which risk assessment set you want to use, for example, natural persons. Then you fill in the additional data for the risk assessment and the person or organization is checked on all entered data and a risk conclusion is given (low, medium, high, no go).

Example of possible risk components

In the risk assessment of CDD On Demand you can enter the risk components yourself. This ensures that your own risk policy can be automated in the risk assessment. By this way you can link your own components to certain risk classifications. After you have entered all the parameters for all risk components, you are ready to perform the risk assessment. Basic sets are available for various industries.

Screenshot CDD On Demand

Example of risk components. In the risk assessment of CDD On Demand you can enter the risk components yourself.


Several risk country lists are checked. The FATF list and the high-risk country list of the European Union can be included in this check, among others.

Client (e.g. PEP)

The compliance check within the CDD On Demand solution automatically requests data from various sources about the person and/or organization you entered. The person and/or organization is checked on various points, ranging from PEP and sanction lists to insolvency registers.


You can determine the industry risk in two ways. 1) Use the list of the SBI codes of the Chamber of Commerce to assign different risk classifications to certain sectors 2) Enter a list of high-risk sectors yourself.

Purpose and nature of the relationship

Het doel en de aard van de relatie wordt bepaald door de doelstelling van de cliënt om klant te worden bij u. In het geval van een vermogensbeheerder kunt u hierbij bijvoorbeeld denken aan het vergroten van het vermogen, pensioensopbouw of sparen voor kinderen.


Beoordeelt of de cliënt een functie heeft met een hoger risico op witwassen of terrorismefinanciering. De input voor dit risicocomponent kunt u zelf aanleveren.

Distribution channel

Het distributiekanaal risico bevat de risico’s die vastkleven aan het kanaal waarop de cliënt in contact met u is gekomen. Sommige kanalen hebben een hoger risico dan andere kanalen. De manier waarop de diensten en producten aan de cliënt worden geleverd kunnen via directe- of indirecte distributie gaan. Directe distributie betekent dat de producten rechtstreeks aan de cliënt worden geleverd en niet door bijvoorbeeld een intermediair. Een webshop of verkoop via een intermediair is daarom indirecte distributie. Input voor dit risicocomponent kunt u zelf invoeren.

Source of wealth

De herkomst van het Vermogen van uw cliënt. Dit kan variëren van salaris tot overwaarde van een huis. In de risicobeoordeling set kunt u bepalen welke soorten herkomst van vermogen u wilt meenemen in de risicobeoordeling en welke risico’s aan de verschillende herkomsten zitten.

Why clients choose us?

Our valuable client Institute for Wealth Management provides the answer!

More information

SCOPE CDD On Demand Risk Assessment Solution