14. In accordance with the updated Core principles for effective banking supervision (2012), all banks should be required to "have adequate policies and processes, including strict customer due diligence (CDD) rules to promote high ethical and professional standards in the banking sector and prevent the bank from being used, intentionally or unintentionally, for criminal activities". [See BCP 29 inCore principles for effective banking supervision, September 2012.] This requirement is to be seen as a specific part of banks' general obligation to have sound risk management programmes in place to address all kinds of risks, including ML and FT risks. "Adequate policies and processes" in this context requires the implementation of other measures in addition to effective CDD rules. These measures should also be proportional and risk-based, informed by banks' own risk assessment of ML/FT risks. This document sets out guidance in respect of such measures. In addition, other guidelines (see paragraph 8 above) are applicable or supplementary where no specific AML/CFT guidance exists.