Risk-based approach
The risk-based approach is also the guiding principle of the Anti-Money Laundering Act for risk management as a whole. According to this, there are no rigid requirements; instead, you should be able to react to the specific risks in your company or law firm with appropriate precautions. The higher the risks of money laundering and terrorist financing, the more extensive the necessary measures must be.
Risk analysis
An essential basis for your individualised money laundering prevention is the risk analysis. The risk analysis can also be described as the "centrepiece" of individual money laundering prevention. The aim is to identify and assess the existing risks of money laundering and terrorist financing in the company or law firm. You must document the risk analysis, update it regularly and make it available to the supervisory authority on request.
Internal security measures
The internal security measures initially include internal principles, procedures and controls that you must set up. You must also check whether a money laundering officer needs to be appointed in your law firm or company. Employees must be checked for their reliability. You must also provide your employees with initial and ongoing training on typologies, current methods of money laundering and terrorist financing and the relevant regulations and obligations. If necessary, you must take precautions when using new technologies or products. An internal whistleblowing system must be set up. An independent review of policies and procedures may also be necessary.
Deutsch 
English (UK)