New Entity Review in AML is the initial, comprehensive risk assessment and verification conducted on prospective customers or business entities prior to account opening or relationship establishment. It involves collecting and validating identity information, screening against watchlists, and assigning a risk rating to mitigate illicit finance risks. This process distinguishes itself from ongoing monitoring by focusing exclusively on the onboarding phase, ensuring no high-risk entities slip through undetected.
Purpose and Regulatory Basis
New Entity Review prevents criminals from exploiting financial systems by identifying risks at entry, enabling institutions to apply appropriate controls like enhanced due diligence (EDD) for high-risk cases. It supports broader AML goals of detecting suspicious patterns early, reducing exposure to sanctions violations, and protecting institutional integrity. Key regulations include FATF Recommendations 10 and 12, mandating CDD for all customers; the USA PATRIOT Act Section 326, requiring verified customer identification programs (CIP); and EU AML Directives (AMLDs), particularly 6AMLD, which enforce risk-based onboarding with national risk assessments every four years.
When and How it Applies
Institutions trigger New Entity Review upon receiving onboarding applications, such as new account openings, partnerships, or high-value transactions. Real-world use cases include a corporate client from a high-risk jurisdiction applying for trade finance, prompting sanctions and PEP screening, or a dormant account reactivating with large cash deposits, flagging inconsistent activity. Application involves automated tools for initial screening followed by manual review if alerts arise, ensuring decisions align with the institution’s risk appetite.
Types or Variants
Standard New Entity Review applies basic CDD for low-risk entities, verifying name, address, and purpose via documents like passports or incorporation certificates. Enhanced variants target high-risk profiles, such as PEPs or those from FATF grey-listed countries, incorporating source-of-funds verification and adverse media checks. Simplified due diligence suits low-risk cases like established local retailers, minimizing documentation while maintaining basic screening.
Procedures and Implementation
Institutions implement New Entity Review through a multi-step process: initiate with customer data collection (e.g., ID, UBO details); conduct automated screening against OFAC, PEP, and sanctions lists; perform risk scoring based on geography, industry, and transaction intent; approve, reject, or escalate for EDD. Systems like AI-driven platforms integrate biometric verification and real-time monitoring, with policies requiring senior management approval for high-risk onboardings. Training ensures staff recognize red flags, while audits validate control effectiveness.
Impact on Customers/Clients
Customers experience delays during verification, such as document resubmissions or temporary account holds, but retain rights to transparent explanations under data protection laws like GDPR. High-risk clients face restrictions like transaction limits until EDD clears, potentially leading to onboarding drop-off if processes exceed reasonable timelines. Positive interactions arise from streamlined digital onboarding, balancing compliance with user-friendly experiences.
Duration, Review, and Resolution
Initial reviews typically complete within 24-72 hours for standard cases, extending to weeks for EDD due to investigations. Periodic re-reviews occur annually or upon triggers like address changes, with ongoing obligations including transaction monitoring. Resolution involves approval with mitigation plans, rejection with appeal rights, or SAR filing if suspicions persist.
Reporting and Compliance Duties
Institutions document all reviews, retaining records for five years minimum, and file SARs for unresolved suspicions via FIUs. Compliance duties encompass appointing a dedicated officer, annual policy updates, and audit trails for regulators. Penalties for lapses include fines up to 10% of turnover or €10M under EU rules, plus reputational damage.
Related AML Terms
New Entity Review integrates with Customer Due Diligence (CDD) as its onboarding subset, feeds into Enhanced Due Diligence (EDD) for escalations, and triggers Suspicious Activity Reporting (SAR) if risks materialize. It aligns with Know Your Customer (KYC) for identity focus and Ongoing Monitoring for post-onboarding continuity, forming a layered AML defense.
Challenges and Best Practices
Challenges include manual bottlenecks delaying onboarding, multilingual adverse media, and evolving ownership structures in complex entities. Best practices involve adopting AI for fuzzy matching and NLP in screening, conducting regular risk assessments, and fostering cross-departmental training to reduce false positives by 30-50%. Automating UBO verification via APIs addresses data gaps effectively.
Recent Developments
Technological advances like digital ID and agentic AI streamline reviews, enabling real-time onboarding per FATF’s 2025 tech report. EU AML Package introduces AMLA for cross-border coordination from 2027, mandating unified rules and FIU data-sharing. US enhancements post-PATRIOT Act emphasize beneficial ownership transparency via FinCEN rules.
New Entity Review remains vital for robust AML compliance, safeguarding institutions against financial crime at the relationship outset.