A financial institution's customer risk-rating model is foundational to its risk-based Anti-Money Laundering (AML) program. A customer's country of origin is a critical data point in this model. Iran is designated as a high-risk jurisdiction by the Financial Action Task Force (FATF) and is subject to significant international sanctions. Conversely, Ireland is a low-risk, FATF-member country. By incorrectly recording the customer as being from Ireland, the risk-rating system will apply the low-risk weighting associated with Ireland instead of the high-risk weighting for Iran. This directly and immediately results in the customer being assigned a significantly lower risk score (fewer risk points) than is appropriate.

B. prohibited from funding a new account.

This is incorrect. The erroneously low-risk rating would likely lead to reduced scrutiny, making it easier, not more difficult, for the customer to fund an account.

C. disallowed from opening new accounts.

This is incorrect. A low-risk classification would facilitate, rather than prevent, account opening, likely subjecting the customer to simplified due diligence measures.

D. not screened against applicable sanctions lists.

This is unlikely to be completely true. Most institutions screen all customers against core sanctions lists (e.g., OFAC SDN) at onboarding, regardless of nationality. While the error might prevent screening against Iran-specific lists, the most direct and certain outcome is the incorrect risk scoring.

1. Financial Action Task Force (FATF). (2023). International Standards on Combating Money Laundering and the Financing of Terrorism & Proliferation – The FATF Recommendations. FATF

Paris

France.

Reference: Interpretive Note to Recommendation 10 (Customer Due Diligence)

Paragraph 5(d)(i). This section explicitly lists "the customer’s country of origin" as a key variable for determining the level of customer risk. This confirms that an error in this data field directly impacts the risk assessment.

2. The Wolfsberg Group. (2015). Frequently Asked Questions (FAQs) on Risk Assessments for Money Laundering

Sanctions and Bribery & Corruption.

Reference: Page 6

Section "Country/Geographic Risk." The document states

"A FI’s risk assessment should include an assessment of the risks associated with the countries in which it operates and the countries its customers are from/in." This establishes the country of origin as a fundamental pillar of the risk assessment process

which is quantified through risk points.

3. Basel Committee on Banking Supervision. (2014). Sound Management of risks related to money laundering and financing of terrorism. BCBS Paper No. 275.

Reference: Annex 2

Paragraph 11(a). This guidance lists "country of origin and residence" as primary risk factors for assessing customer risk profiles. An incorrect country input would therefore lead to a flawed risk profile calculation.