
Calculating an AML risk score - what changes under AMLR 2027
An AML risk score tells you how much risk each customer carries, and when that risk changes. Most compliance teams calculate one at onboarding, and update it manually.
However, from July 2027, for businesses operating in the EU, that won't be enough.
The EU AML Regulation introduces hard maximum intervals for ongoing due diligence: one year for high-risk customers, five years for all others. It also makes event-driven reviews mandatory: when a customer's circumstances change, a review needs to open automatically.
A risk score that responds to new data in real time becomes the baseline under AMLR.
How to build your risk scoring model and calculate a risk score
Introduction
Identifying and responding to the most critical risks in your company is essential for maintaining your AML risks. One effective way to achieve this is by calculating a risk score for your customers.
This blog post will walk you through the essentials of creating an AML risk score: what they are, how to calculate them, and how to use them effectively.
Keeping Customer Information Up to Date
Maintaining up-to-date information on your customers is a critical procedure for your company. As new information is retrieved from various sources, it is essential to remember that the risk associated with your customers can change. Calculating a risk score continuously and in real-time enables you to act on different risks promptly.
Understanding and Identifying Risk Factors
Risk factors are elements that your company considers to be potential risks. Examples include Politically Exposed Persons (PEPs), high-risk geographical areas, and cash-intensive businesses. Identifying these risk factors accurately requires a thorough understanding of your business and the types of risks it faces from different perspectives. Common areas for evaluating risks include product, service, transaction, delivery channel, geographical, and customer risks.
To properly identify your risks, your company should have a robust procedure in place. This procedure should ensure the inclusion of all necessary stakeholders to guarantee a comprehensive risk identification process.
Assessing your Risk Factors
Once you have identified your risk factors, the next step is to assess the inherent risk associated with each one. This involves evaluating the likelihood of each risk occurring and the potential impact on your business if it does.
Likelihood Rating
The likelihood rating estimates the frequency with which a risk event might occur over a 12-month period. This rating is subjective and relies on the expertise and experience of the assessor. A typical likelihood scale ranges from 1 to 5:
1 (Rare <5%): Very unlikely to occur/hasn’t occurred before
2 (Unlikely 5-10%): Unlikely to occur under normal circumstances
3 (Possible 10-50%): Possible to occur
4 (Likely 50-90%): Likely to occur
5 (Almost certain >90%): Almost certain to occur
Impact Rating
The impact rating estimates the potential aggregate impact of a risk event, considering the effectiveness of current controls. Factors to consider include additional costs, reputational damage, penalties, fines, and fees. The impact scale also ranges from 1 to 5:
1 (Insignificant)
2 (Minor)
3 (Moderate)
4 (Major)
5 (Significant)
Combining Likelihood and Impact
After assessing the likelihood and impact of each risk factor, you can use a matrix to determine the inherent risk of each factor. The matrix cross-references the likelihood and impact scores to categorize the risk as Low, Medium, High, or Extreme.
Implementing Risk Scores for Your Customers
Once you have calculated the risk scores for each risk factor, the next step is to apply this model to your customer base. This involves assigning a percentage weight to each risk factor based on its relative importance. Ensure that no single factor unduly influences the overall score and that it is possible for a customer to be classified as the highest risk.
The total weight of all risk factors must sum to 100%. By completing this process, you will have successfully implemented a risk score model for your customers, allowing for better risk management and compliance.
Conclusion
By calculating and continuously updating risk scores, your company can proactively manage AML risks. This systematic approach helps in identifying high-risk customers and taking appropriate actions to mitigate potential threats, ensuring your company's security and compliance.
For more detailed insights and tools on AML risk scoring, contact us at Bits Technology and we will guide you through to set up a risk score model in our tool.
Read more

Live in a week: Always Summer launches compliance infrastructure with Bits.

Bits raises €12M Series A to unify AML for European fintechs

0TO9 chose Bits’ compliance infrastructure to power Europe’s next generation of fintechs

How to Calculate an AML Risk Score — Variables, Weights & AMLR 2027

Walley selects Bits as strategic compliance partner to fuel merchant growth

Alisa Bank selects Bits Technology to power compliant onboarding and drive strategic expansion

Bringing Clarity to Complexity: How We're Transforming Entity Relationship Mapping

Fondo partners with Bits Technology to power compliant onboarding for investment customers

Growth through compliance: How leading fintechs turn regulation into acceleration

Lesslie Turns Compliance into a Growth Engine with Bits

Lawster partner with Bits Technology to simplify compliant legal client onboarding in the Nordics

Brite Payments Selects Bits Technology to Transform Onboarding and Drive Trust at Scale

Coinmotion Selects Bits Technology in 5-Year Deal to Drive Growth Through Compliance

Welcoming Philip Ternhem - Our New Head of Sales at Bits Technology

Eliminating Multi‑Week Onboarding Lead Times

Outsmarting AI fraudsters: a new approach for compliance teams

Bits AI: The Future of Compliance is Here

Qliro Expands Merchant Growth with Streamlined Onboarding and Compliance Powered by Bits Technology

Limitless growth in a regulated world

Bits Technology partners with Cardlay to deliver enhanced KYC and compliance capabilities

Mimo Partners with Bits Technology to Simplify Onboarding and Compliance for SMBs

Tioex Partners with Bits Technology to Enhance Customer Onboarding and Compliance

CleverCards enhances its customer onboarding with integration of Bits Technology

Cardboard Partners with Bits Technology to Streamline Onboarding and Expand SaaS Expense Management Across Europe

Bits Technology launches automated KYB in Italy

How Bits' Customizable AML Screening and Monitoring Safeguards Your Business with a Risk-Based Approach

Holistic Identity Profiles - the Future of KYC and KYB

Why You Shouldn’t Build This Yourself

Bits Technology and Coface Announce Strategic Partnership to Enhance Credit Reporting Capabilities

Bits Technology expands into the UK market by launching automated business verification

Bits Technology unveils AI-powered tools to revolutionize compliance efficiency

Product feature: User journey

Our Partnership with Cool Company

Product feature: No-code theming

Our Partnership with Ledyer

Our Partnership with booksalon

Our Partnership with Vaulter

Our Partnership with Veriff

The Complexity of Juggling Multiple Data Sources

