.svg)
AML risk scoring factors – behavioural change focus | Napier AI
Static risk scoring for anti-money laundering (AML) clients has an obvious limitation: it only provides a snapshot in time. In practice, clients evolve and their behaviour changes, which can substantially alter their risk level. That is why at Napier AI we advocate a dynamic, behaviour-based approach that detects material signs of change and continuously adjusts risk.
Below are ten key factors for assessing customer risk, understood not as permanent labels, but as indicators that should be monitored over time.
1. Customer type and profile
The initial customer category (individual, corporate, HNW, NPO) helps establish a baseline, but the actual risk is not defined by a static label but rather by the evolution of their behaviour. The danger arises when actions deviate from what is expected for their profile.
Example: A low-risk retail customer begins to make frequent, high-value transactions. With dynamic monitoring tools and risk-based scorecards, this change is detected and generates an alert that adjusts the rating and triggers an immediate review.
2. Geographic and jurisdictional risk
Country risk is not static and can change rapidly due to sanctions, political instability or regulatory changes. Therefore, continuous and real-time monitoring is essential to identify deviations in clients' geographical exposure.
Example: A UK-based company begins making transfers to a recently sanctioned jurisdiction. With dynamic assessment tools, this change is detected immediately, the risk score is adjusted, and an enhanced customer review is triggered.
3. Transaction amount and frequency
Changes in transaction volume and speed are one of the clearest signs of emerging risk. A sudden increase in frequency or amounts may indicate unusual activity that requires immediate attention.
Example: An account that has been inactive for months begins to execute multiple large-value transfers over the course of a week. With dynamic transaction monitoring tools, this pattern is quickly identified, the customer's risk rating is adjusted, and an alert is generated for investigation.
4. Product or service usage shifts
The risk increases when a customer moves from using simple products to more complex or higher exposure services, as this may reflect a change in their financial profile or intentions.
Example: A customer who only had a savings account begins to frequently use prepaid cards and digital wallets. In this case, a dynamic assessment system not only adjusts the risk score, but also recommends an enhanced due diligence review, helping compliance teams prioritise these types of alerts over other less relevant cases.
5. Adverse media, sanctions and PEP status
New adverse media, a new PEP designation, or inclusion on sanctions lists can immediately change a customer's risk level. These situations must be detected and managed quickly to avoid exposure to sanctions or regulatory non-compliance.
Example: A company classified as low risk appears in the media linked to a corruption case. With continuous monitoring and multi-configuration screening, the system adjusts the score in real time and applies specific rules to the affected customer segment. This allows the alert to be automatically prioritised and provides the compliance team with a traceable workflow to validate the news, update the file, and decide whether to escalate the case.
6. Onboarding vs. ongoing behaviour
A customer may start the relationship with a low-risk profile after onboarding, but that classification does not guarantee that their behaviour will remain stable over time. The real risk is revealed in how their activities evolve.
Example: A five-year-old customer suddenly begins making unusual, high-volume international transfers. With dynamic monitoring, this change is detected immediately and the risk score is updated, triggering an out-of-cycle review and preventing an initially secure customer from becoming misaligned with current controls.
7. Transaction behaviour patterns / velocity
It is not only how much a customer transacts that matters, but also how they do so. Changes in complexity, speed, or counterparties can be a clear sign of emerging risk that needs to be assessed.
Example: An account that has remained stable begins sending multiple cross-border transactions every day. With a dynamic monitoring system, this anomalous pattern is quickly identified, and the risk is recalibrated, generating a prioritised alert so that the compliance team can analyse whether this is suspicious activity or a legitimate change in the customer's business.
Why behaviour changes matter – Napier AI’s approach
AML risks are not defined by static labels but by how customer behaviour evolves over time. Factors such as customer type, geography, transaction volume, product usage or the emergence of adverse media are key signals, but they are only valuable if observed in their dynamics and not as a snapshot.
Napier AI enables organisations to detect these variations with continuous monitoring tools, configurable scorecards, and multi-configuration capabilities in screening, ensuring that every material change translates into an automatic and traceable adjustment of the risk profile. Our Perpetual Client Risk Assessment (pCRA) solution takes this approach one step further, integrating internal and external data to provide a comprehensive, explainable view that is always aligned with regulatory requirements.
The result is a living risk model that reduces false positives, prioritises truly relevant cases and empowers compliance teams to act quickly and confidently.
See Napier AI in action – book a demo today and discover how dynamic risk scoring can sharpen your AML compliance.
Contents./
- Get access to bi-monthly newsletters with insightful reads and curated regulatory news
- Be the first to receive our latest whitepapers, eBooks and podcasts
- Get invited to exclusive events, featuring AML compliance experts from across the industry
