According to the CAMS Study Guide, the most commonly used risk criteria for assessing the money laundering and terrorist financing risks are country risk, customer risk, and product and service risk. These criteria are based on the FATF Recommendations and the Basel Committee's guidance on sound management of risks related to money laundering and financing of terrorism.
Country risk refers to the level of exposure to potential money laundering and terrorist financing activities in a specific jurisdiction, based on factors such as the quality of its AML/CFT regime, its level of corruption, its political and economic stability, its involvement in illicit activities, and its cooperation with international bodies.
Customer risk refers to the level of exposure to potential money laundering and terrorist financing activities associated with a specific customer or customer segment, based on factors such as the nature and purpose of the business relationship, the source and destination of funds, the type and volume of transactions, the customer's profile and behavior, and the customer's geographic location.
Product and service risk refers to the level of exposure to potential money laundering and terrorist financing activities associated with a specific product or service offered by a financial institution, based on factors such as the complexity, transparency, anonymity, and accessibility of the product or service, the delivery channels and payment methods used, and the degree of oversight and monitoring applied.
Reputation risk is not a risk criterion for assessing the money laundering and terrorist financing risks, but rather a potential consequence of failing to manage those risks effectively. Reputation risk refers to the potential damage to the public trust and confidence in a financial institution due to its involvement or association with money laundering and terrorist financing activities, whether directly or indirectly.
CAMS Study Guide, 6th Edition, Chapter 2: Risk Assessments, pp. 41-461
FATF Recommendations, Recommendation 1: Assessing Risks and Applying a Risk-Based Approach2 Basel Committee on Banking Supervision, Sound management of risks related to money laundering and financing of terrorism, June 2017, pp. 9-143

According to the Anti-Money Laundering Specialist (the 6th edition) study guide, one of the main challenges of providing on-line services to customers is the verification of theiridentity and the authentication of their transactions1. The lack of face-to-face contact and the use of electronic documents increase the risk of identity fraud, impersonation, and account takeover2. Therefore, financial institutions offering on-line services need to implement robust customer due diligence (CDD) measures, such as using multiple sources of information, verifying biometric data, and applying risk-based monitoring3.
1: CAMS Study Guide, 6th Edition, Chapter 4, Section 4.1, page 103
2: CAMS Study Guide, 6th Edition, Chapter 4, Section 4.2, page 104
3: CAMS Study Guide, 6th Edition, Chapter 4, Section 4.3, page 105

Law enforcement should obtain documentation from an institution when suspicious activity was identified by either requesting copies of the relevant documents from the accountable institution or acquiring a search warrant to obtain the documents. These are the legal and proper ways to access the supporting documentation that the institution is required to maintain for five years after filing a suspicious activity report (SAR). The institution must provide the documentation upon request by FinCEN or an appropriate law enforcement or supervisory agency, and should verify the identity and authority of the requestor. Law enforcement can also obtain a search warrant from a court if they have probable cause to believe that the documents contain evidence of a crime.
Suspicious Activity Report Supporting Documentation
Answers to Frequently Asked Questions Regarding Suspicious Activity Reporting and Other Anti-Money Laundering Considerations, Question 1.
Obtaining Documentation from an Institution: Law Enforcement Procedures Reference: https://www.federalregister.gov/documents/2010/12/03/2010-29869/financial-crimes-enforcement- network-confidentiality-of-suspicious-activity-reports

Reference data screening is a core element of AML/CFT programs and typically covers:
* Customers (B):"All customers must be screened against sanctions, PEP, and adverse media lists as part of onboarding and ongoing due diligence."(CAMS 6th Edition, Due Diligence and Screening)
* Third-party service providers (C):"Screening should extend to relevant third parties, such as agents and service providers, to prevent indirect exposure to sanctioned entities."(CAMS 6th Edition, Third- Party Screening; FATF Recommendations) Incorrect Options:
* A: Types of payment messages are not screened; the entities/individuals are.
* D: Customer spouses may be screened in some KYC processes but are not a standard dataset for reference screening.
References:
CAMS 6th Edition, Due Diligence and Screening
FATF Recommendations 10, 13, and 16

Funds transfers are electronic payments that move money from one account to another, either within the same financial institution or across different institutions, countries, or currencies1. Funds transfers are commonly used for legitimate purposes, such as remittances, trade, or investment, but they can also be abused by money launderers, terrorists, or fraudsters to move illicit funds or conceal their origin or destination2. Therefore, financial institutions and other entities that offer funds transfer services are required to apply anti-money laundering and counter-terrorism financing (AML/CFT) measures, such as customer due diligence, transaction monitoring, record-keeping, and reporting of suspicious activities2.
One of the red flags for funds transfers that may indicate money laundering or other criminal activity is when funds transfers are repeatedly sent to the same beneficiary out of line with the business purpose3. This could suggest that the originator and the beneficiary are colluding to layer or integrate illicit funds, or to evade reporting or sanctions requirements. For example, a business may send multiple funds transfers to the same supplier, but the amounts or frequencies do not match the invoices or contracts, or the supplier is located in a high-risk jurisdiction or is subject to sanctions. Alternatively, an individual may send frequent funds transfers to the same person, but the relationship or the reason for the transfers is unclear or inconsistent, or the person is associated with a criminal or terrorist organization. In such cases, the financial institution or the funds transfer service provider should conduct enhanced due diligence, verify the source and purpose of the funds, and report any suspicious activity to the relevant authorities.
1: Wire Transfer Definition - Investopedia
2: International Standards on Combating Money Laundering and the Financing of Terrorism & Proliferation - The FATF Recommendations | FATF
3: Wire Transfer Red Flags: Money Laundering & Fraud Risks - Alessa1
Reference: https://www.fmu.gov.pk/docs/Red-flags-for-banks.pdf