Every case in Workflow requires a risk assessment. This is a legal requirement under the AML/CTF Act. You must assess the risk level of each client as part of your Customer Due Diligence obligations and, depending on the situation a Case assessment is also required.
Two assessments per case
Workflow includes two separate risk assessments per case:
Type | What it assesses |
Case risk assessment (Listing or Matter) | The risk associated with the legal matter or property itself |
Client risk assessment | The risk associated with the individual client |
It is typically recommended to complete both before marking a case as complete. Speak to your compliance officer internally regarding the use of Case risk assessments and if they are required.
How to open the risk assessment
Open the relevant case
Click the Listing or Matter Risk Assessment tab in the case workspace
The appropriate template will load with a series of risk assessment questions
Completing the assessment
The risk assessment is a questionnaire. Work through each question and answer Yes or No based on what you know about the client or transaction.
You don't need to research beyond what you already know from your normal business dealings. Answer based on the information you have.
How risk is scored
Workflow uses a weighted scoring system. This means not every "Yes" answer carries the same weight, and a single "Yes" doesn't automatically mean high risk. Risk is calculated cumulatively across all your answers.
Low risk — few or no risk factors identified
Medium risk — a moderate number of risk factors present
High risk — multiple significant risk factors identified
What happens after the assessment
Workflow displays the risk result once the assessment is submitted.
Result | What to do next |
Low risk | No further action required. The case can proceed to completion. |
Medium risk | You may need to collect source of funds document from the client. |
High risk | Source of funds and potentially source of wealth documentation is required before completing the case. |
Saving the result
The completed risk assessment is automatically saved to the case record. It forms part of the audit trail and can be reviewed by your compliance auditor.
Tips
Complete the assessment as early as possible — don't leave it until the transaction is closing; do it at the point of engagement
Document your reasoning — if you've made a judgement call on any question, use the Notes tab to record your reasoning. This is especially important for medium and high-risk outcomes, and for any overrides
Both assessments count — make sure you've completed the listing risk assessment and the client risk assessment before marking the case complete
Related articles