In applying a risk rating consider how you will deal with clients to mitigate money laundering and terrorism financing risks. 

In Step 2 Use your accounting program of AUSTRAC’s accounting program starter kit, is a table of common risks, how to rate them and controls to have in place. 

That table is replicated below:

Rating - Low

Criteria	Risk factors
Does not meet high or medium risk criteria	Client is not medium or high risk
Controls	Review
Simplified CDD	Every 3 years

Rating - Medium

Criteria	Risk factors
Two or more medium risk factors, or You identify other reasons for high risk	High value transactions Domestic of international organisation politically exposed persons (PEPs) A third party not enrolled with AUSTRAC represents the client that may effectively disguise who owns or controls property Customer is a charity or non-profit organisation
Controls	Review
Initial CDD	Every 3 years

Rating - High

Criteria	Risk factors
One or more high-risk factors, or You identify other reasons for high risk	Unusual physical currency or virtual asset transactions Requesting a service that has no apparent economic or legal purpose or involves unusually large or complex transactions Information suggests client has engaged in criminal activity Residents or other persons located in a high-risk country Foreign politically exposed persons (PEPs) Complex or unusual legal structure used that may effectively disguise who owns or controls property Delivery channels which make it difficult to establish the client is who they claim to be Unexplained wealth
Controls	Review
Enhanced CDD Source of funds and source of wealth check Adverse media check Verify practice relationship Senior manager approval	Annual

Ongoing monitoring is based on your initial risk rating though an earlier review may be triggered by other events. For example, requesting to set up a company which has no apparent commercial reason, enquiring about what you need to report to government authorities or avoiding face-to-face meetings.

AUSTRAC provides Risk insights and indicators of suspicious activity for accountants which outlines risks across kinds of clients, services, delivery channels and foreign jurisdictions.