1. Each Member State shall take appropriate steps to identify, assess, understand and mitigate the risks of money laundering and terrorist financing affecting it, as well as any data protection concerns in that regard. It shall keep that risk assessment up to date.
2. Each Member State shall designate an authority or establish a mechanism by which to coordinate the national response to the risks referred to in paragraph 1. The identity of that authority or the description of the mechanism shall be notified to the Commission, to EBA, and to the other Member States.
4. As regards the risk assessment referred to in paragraph 1, each Member State shall:
(a) use it to improve its AML/CFT regime, in particular by identifying any areas…