What is risk management under the German Anti-Money Laundering Act (GwG)?

Risk-Based Approach

The risk-based approach is the guiding principle for all aspects of risk management under the German Anti-Money Laundering Act (GwG). Rather than imposing rigid rules, the law requires obliged entities to respond to specific risks within their company or law firm with appropriate and proportionate measures. The higher the risks of money laundering or terrorist financing, the more extensive the required measures must be.

Risk analysis

A key element of your individual AML compliance framework is the risk analysis. It is often referred to as the “core” of any effective money laundering prevention system. The purpose of the risk analysis is to identify and assess the specific risks of money laundering and terrorist financing within your company or law firm. You are required to document the risk analysis, update it regularly, and make it available to the supervisory authority upon request.

Internal Safeguarding Measures

Internal safeguarding measures include internal policies, procedures and controls that must be implemented. In addition, you must assess whether the appointment of a money laundering reporting officer (MLRO) is required within your firm or company. Employees must be assessed for reliability. Furthermore, they must receive initial and ongoing training on typologies, current methods of money laundering and terrorist financing, as well as relevant legal obligations and duties. Where applicable, appropriate safeguards must be put in place when using new technologies or offering new products. An internal whistleblower system must also be established. Depending on the circumstances, an independent audit of the policies and procedures may be necessary.