Print Article

Wolfsberg Group Guidance on Digital Customer Lifecycle Risk Management


Customers today expect to engage their financial institution (FI) and manage their finances via their digital devices, and prospective customers also increasingly expect to become customers via their digital devices.

The challenge then to the FI is clear:

  • How to manage the financial crime risks associated with non-face-to-face digital engagement effectively?

Establishing a reasonable and risk-based set of controls is one of the three Wolfsberg Effectiveness Factors, and within that context, the need to prioritise resources and enhance controls

Technology can enable an FI to meet both customer expectations on digital engagement and prioritise resources in an effective, risk-based manner.

Digital approaches to customer lifecycle risk management, if defined and calibrated responsibly, provide the FI with an opportunity to

  1. Build a dynamic understanding of customer risk,
  2. Refresh relevant customer information on a targeted basis, and
  3. Pursue new customers – including the financially excluded - without face-to-face interaction while focusing resources to address genuine financial crime threats.

This Wolfsberg Group Guidance on Digital Customer Lifecycle Risk Management provides the below considerations for an FI seeking to achieve this ambition:

  1. Build a more holistic customer profile via a more comprehensive concept of identity attributes that complements the elements required under AML/CTF regulation, in line with customer consent and applicable data protection regulation.
  2. Map the variables behind the holistic customer profile to internal or external data sources capable of alerting the FI to a possible change or deviation from the expected value of any particular data point or attribute.
  3. Leverage the ability to better detect changes and deviations in the customer profile to evolve from traditional periodic refresh cycles to a more effective trigger-based approach.
  4. Recognise that reaching the requisite level of robustness in building the underlying customer profile and ensuring adequate assurance levels on underlying systems are both risk-based decisions, where, for example,
    • Certain local conditions, including support for financial inclusion initiatives from competent authorities, may warrant distinct identification, verification, and authentication approaches for certain types of relationships.
  5. Collaborate with governments on digital initiatives to increase access to high-quality identity data, promote interoperability, and facilitate access to financial services.



The Team

Meet the team of industry experts behind Comsure

Find out more

Latest News

Keep up to date with the very latest news from Comsure

Find out more


View our latest imagery from our news and work

Find out more


Think we can help you and your business? Chat to us today

Get In Touch

News Disclaimer

As well as owning and publishing Comsure's copyrighted works, Comsure wishes to use the copyright-protected works of others. To do so, Comsure is applying for exemptions in the UK copyright law. There are certain very specific situations where Comsure is permitted to do so without seeking permission from the owner. These exemptions are in the copyright sections of the Copyright, Designs and Patents Act 1988 (as amended)[]. Many situations allow for Comsure to apply for exemptions. These include 1] Non-commercial research and private study, 2] Criticism, review and reporting of current events, 3] the copying of works in any medium as long as the use is to illustrate a point. 4] no posting is for commercial purposes [payment]. (for a full list of exemptions, please read here]. Concerning the exceptions, Comsure will acknowledge the work of the source author by providing a link to the source material. Comsure claims no ownership of non-Comsure content. The non-Comsure articles posted on the Comsure website are deemed important, relevant, and newsworthy to a Comsure audience (e.g. regulated financial services and professional firms [DNFSBs]). Comsure does not wish to take any credit for the publication, and the publication can be read in full in its original form if you click the articles link that always accompanies the news item. Also, Comsure does not seek any payment for highlighting these important articles. If you want any article removed, Comsure will automatically do so on a reasonable request if you email