In a recent address to FinCEN’s Bank Secrecy Act Advisory Group, Deputy Secretary of the Treasury Michael Faulkender outlined the guiding principles behind the modernisation of the Bank Secrecy Act. Top of the list: making sure regulation strikes the right balance between cost and effectiveness, and meets the core goals of financial system stability and consumer protection.
At the heart of this reform is the application of a risk-based approach—recognising that no two organisations face the same threats. Rather than applying the same level of scrutiny to every customer or transaction, financial institutions are expected to direct more attention and resources to higher-risk individuals and activities, supported by a formal risk assessment. This smarter, more targeted approach enables firms to operate more efficiently while focusing on where the real risks lie.
What does a risk-based approach look like?
A risk-based approach—first adopted by the FATF Recommendations in 2014—reflects the reality that each financial institution has a unique risk profile, shaped by its client base, sector focus, and geographic exposure.
Rather than imposing uniform controls, this model allows firms to tailor their AML/CFT frameworks to their size, business model, and complexity—provided policies are well-documented, consistently applied, and regularly reviewed.
The risk-based approach expects that businesses will focus their resources on customers posing high risks to ensure that these are properly mitigated and monitored.
Why it matters to fund managers
For private markets fund managers raising capital from an increasingly diverse investor base, a risk-based approach is essential—not only to meet compliance obligations but to do so efficiently and at scale.
It avoids the cost and friction of applying one-size-fits-all due diligence, allowing compliance teams to focus attention on areas that genuinely present elevated risk—for example, investors with complex structures, ties to high-risk jurisdictions, or exposure to sensitive sectors.
Importantly, it also improves the investor experience. Low-risk investors are subject only to proportionate due diligence, while risk profiles are reviewed and updated throughout the lifetime of the relationship.
How Sonata One can help
Sonata One has established a comprehensive framework to assess the risk profiles of our clients’ customers, leveraging the data held in our platform. Key elements covered by this framework include:
- Country risk – Enhanced due diligence for investors or transactions linked to high-risk jurisdictions
- Activity/sector risk – Screening for exposure to higher-risk sectors such as crypto-assets, gambling, or real estate development
- PEP status – Identification and escalation of politically exposed persons
- Sanctions and adverse media – Real-time screening for listed individuals or entities and negative news coverage
- Ownership structures – Deeper scrutiny of opaque nominee or trust arrangements
Clients benefit from:
- Approved investor profiles with indicative risk ratings and documented rationale
- Requirements that adapt to customer risk, including enhanced customer due diligence for high-risk investors
- Visibility of ultimate beneficial ownership in relation to investors, co-investors, and other connected parties, reducing blind spots in ownership and control
- Daily screening of all profiles on our platform against sanctions, PEPs, and law enforcement or regulatory activity
- Ongoing MLRO support tailored to the specific risk profile of your fund(s), including regular board and regulatory reporting
Want to understand your investor risk exposure?
Explore our KYC solutions or contact our team to find out how many of your investors already hold profiles on our platform.
