Section 7D: Provisions for the Risk Assessment and Management

1) The reporting entity shall identify and assess risks of Money Laundering  and Terrorist Finance  in accordance with its business or profession, scope, customer, products or services, transactions or delivery channel, etc

2) The reporting entity, while conducting risk assessment pursuant to sub-section (1), shall also take into account the findings of the national and regulatory risk assessment.

3) The reporting entity shall, while conducting risk assessment pursuant to sub-section (1), determine the level of risks by analysing all relevant risk factors

4) The reporting entity shall maintain records of the conclusion of risk assessment and all related details and information.

5) The reporting entity shall conduct and update the risk assessment pursuant to subsection (1) periodically or as per necessity.

6) The reporting entity shall make available to the Regulator any risk assessment undertaken pursuant to subsection (4) and also make it available to other concerned agencies upon demand.

7) The Reporting entity shall undertake customer due diligence measures in accordance with the level of risks as identified pursuant to this section, establish appropriate policy, procedural, and risk management measures to manage and mitigate such risks and update such measures.

8) The reporting entity shall regularly monitor the execution of policy, procedural, and risk management measures pursuant to sub-section (7) to ascertain whether they are in implementation or not.