(1) A designated person shall carry out an assessment (in this Act referred to as a 'business risk assessment') to identify and assess the risks of money laundering and terrorist financing involved in carrying on the designated person's business activities taking into account at least the following risk factors:
(a) the type of customer that the designated person has;
(b) the products and services that the designated person provides;
(c) the countries or geographical areas in which the designated person operates;
(d) the type of transactions that the designated person carries out;
(e) the delivery channels that the designated person uses;
(f) other prescribed additional risk factors.
(2) A designated person carrying out a business risk assessment shall have regard to the following:
(a) any information in the national risk assessment which is of relevance to all designated persons or a particular class of designated persons of which the designated person is a member;
(b) any guidance on
…