Model answer:

• Compare new activity with the customer's stated occupation, income, and expected profile.
• Check whether any event (promotion, inheritance, asset sale) can justify the increase.
• Reach out through the appropriate channel to obtain SOF and supporting documentation.
• If explanations remain weak or inconsistent, escalate to Compliance and consider suspicious activity reporting in line with policy.

Model answer:

• Apply EDD: deeper checks on UBOs, senior management, and key controllers.
• Obtain more detailed SOF/SOW and evidence of legitimate business activities.
• Review regulatory and enforcement history of the jurisdiction and the customer.
• Seek senior management approval and define tighter monitoring thresholds if the relationship proceeds.

Model answer:

• Gather all available identifiers: full name, aliases, DOB, nationality, position held, jurisdiction.
• Compare against the customer's KYC information, including historical addresses and employment.
• Check additional reputable sources (official government sites, reputable news) to confirm or dismiss the link.
• If doubt remains, treat as a possible PEP, apply EDD, and escalate for second-level review.

Model answer (high-level):

• Immediately verify the accuracy of the match using multiple identifiers.
• If confirmed, follow internal sanctions procedures (e.g., freeze transactions/assets where required).
• Trigger an immediate EDD review of the customer's KYC file and past activity.
• Support mandatory reporting to relevant authorities and document all steps thoroughly.

Model answer:

• Review multiple sources for updates: were charges dropped, settled, or is there a conviction?
• Consider the seriousness of the allegation (fraud, corruption, organized crime vs minor issues).
• Look at the customer's recent track record: regulatory actions, litigation, business behavior.
• Document the context clearly and, if risk remains ambiguous, escalate for a joint decision with Compliance.

Model answer:

• Highlight discrepancies and request updated, official corporate documentation from the customer.
• Cross-check with additional independent sources if available (filings, audited accounts).
• Ask for an updated ownership chart signed by an authorized officer.
• If the customer cannot reconcile the conflict satisfactorily, treat it as a red flag and escalate; onboarding or review should not be completed until resolved.

Model answer:

• Ask for breakdown of major contracts, counterparties, and invoices that explain revenue.
• Request financial statements and, where possible, tax filings or audited accounts.
• Check whether business model and sector norms support such volumes.
• If explanation remains weak or suggests front/shell activity, recommend EDD, closer monitoring, or declining the relationship.

Model answer:

• Trigger an event-driven KYC review to update customer profile and documentation.
• Obtain explanation and SOF for the new activity (e.g., new job, business contract).
• Check counterparties, jurisdictions, and purpose of payments for risk indicators.
• Based on findings, adjust risk rating, monitoring thresholds, or consider filing a suspicious activity report if concerns persist.

Model answer:

• Map the group structure to understand ownership and control relationships.
• Check whether all entities have genuine business purposes or some appear to be shells.
• Assess risk at both customer level and group level (concentration, geographic, sector risk).
• Coordinate with group-level or central KYC team (if exists) to ensure consistent approach and monitoring.

Model answer:

• Validate the customer's business model, suppliers, and buyers – are they consistent with declared NOB?
• Check goods type for dual-use or sanctions-related risks.
• Review invoices, transport documents, and counterparties for reasonableness.
• Consider additional EDD and closer transactional monitoring given the geographic risk.

Model answer:

• Diversion of funds to armed groups or sanctioned entities.
• Lack of transparency in ultimate beneficiaries and field partners.
• Weak oversight and governance due to operating environment.
• Need for EDD, including program-level information and independent verification where possible.

Model answer (KYC view, not technical):

• Licensing/registration status and regulatory oversight in their jurisdiction.
• Strength of their own KYC/AML framework for their end customers.
• Ownership and control structure, including UBOs and senior management.
• Jurisdictions and customer segments they serve (retail, institutional, high-risk regions).
• Decision whether risk appetite allows this relationship and what EDD/monitoring is needed.

Model answer:

• Explain that PEP status automatically requires EDD, regardless of revenue potential.
• Collect strong SOW evidence: career history, business holdings, asset disposals, etc.
• Design an enhanced monitoring plan and set the customer as high risk in systems.
• Ensure senior management acknowledges and approves the relationship after documented risk assessment.

Model answer:

• Summarize all relevant information: nature of allegations, timeline, jurisdiction, and sources.
• Check for official actions (indictments, convictions, settlements).
• Update the risk assessment and propose a risk rating change if needed.
• Escalate to Compliance or a higher KYC approval forum, recommending EDD and, where risk is extreme, declining or exiting the relationship.

Model answer (high level):

• Identify and verify the settlor (who contributed the assets).
• Identify and verify the trustee(s), as they control the assets.
• Assess the role of the protector and any person with powers to appoint/remove trustees.
• Identify beneficiaries (especially those with current or vested rights) and obtain details in line with policy.

Model answer:

• Increased opacity: the law firm might be acting as a nominee, making UBO identification harder.
• Risk that underlying beneficial owners are hidden behind professional intermediaries.
• Need for look-through to identify the real individuals benefiting from or controlling the company.
• Appropriate EDD on both the law firm and the underlying clients if they are within scope.

Model answer:

• No clear physical presence, staff, or operations relative to claimed turnover.
• Complex multi-layer ownership, often passing through secrecy jurisdictions.
• Business description very generic ("consultancy", "trading") with no specifics.
• Reluctance to provide detailed SOF/SOW or documentation on counterparties.

Model answer (examples):

• Repeated refusal or failure to provide essential KYC information and documents.
• Credible evidence of involvement in serious crime, sanctions breaches, or corruption.
• Structures that remain opaque despite repeated efforts to identify UBOs.
• Customer behavior that undermines trust (misrepresentations, inconsistent explanations).

Model answer (risk-based):

• Prioritize high-risk customers (PEPs, high-risk sectors, high-risk jurisdictions).
• Then address medium-risk customers with higher transaction volumes.
• Use triggers (recent alerts, adverse media) to move specific cases up the queue.
• Document prioritization criteria clearly in case of regulatory questions.

Model answer:

• Contact the customer to obtain updated documents and confirm whether they still require the account.
• Update risk assessment based on any new information (occupation, residence, etc.).
• If the customer is unresponsive over a defined period, follow exit procedures as per policy.

Model answer (depending on policy):

• Request alternative address evidence: utility bills, tenancy agreements, official letters.
• Consider digital verification solutions, where allowed.
• If still unresolved, apply a higher risk rating or restrict services until valid proof is obtained.

Model answer:

• Assess the legitimate business purpose of the tax-haven entity (e.g., treasury, holding, IP).
• Look for transparency around ownership and financial reporting of that entity.
• Increase risk rating if there is opacity, no clear rationale, or links to high-risk individuals.
• Consider additional EDD and enhanced monitoring for structures using such jurisdictions.

Model answer (principles):

• Check whether bearer shares are still allowed or have been converted to registered shares.
• Obtain evidence of immobilization or conversion (registrar/legal confirmation).
• Treat historical use of bearer shares as a red flag, requiring robust proof of current UBOs.
• Apply higher risk rating and EDD if transparency remains weak.

Model answer:

• Write a clear note summarizing the two versions and exactly where they differ.
• Request updated documentation or legal explanation from the customer.
• If unresolved, highlight potential misrepresentation/opacity and escalate to Compliance.
• Do not finalize KYC approval until you have a documented decision on how to treat the discrepancy.

Balanced answer:

• Explain that requirements are defined by regulation and policy, not personal preference.
• Offer to walk through which items are absolutely mandatory and where there is flexibility.
• Propose practical solutions: checklists for clients, early KYC involvement in the sales process.
• Remain firm on non-negotiable elements (UBO identification, sanctions checks, core SOF/SOW).

Model answer (risk view):

• Compare activity with stated occupation – does this pattern make sense?
• Assess whether the behavior resembles unregistered money service business / payment aggregation.
• Seek explanation and documentation from the customer (e.g., marketplace, platform income) where legitimate.
• Escalate and consider suspicious reporting if activity remains unusual or unexplained.

Model answer:

• Treat each material ownership change as an event-driven KYC trigger.
• Update UBO identification, verify new owners, and reassess risk rating.
• Look for patterns suggesting flipping or layering through multiple entities.
• Apply stronger monitoring if frequent changes have no clear commercial rationale.

Model answer:

• Trigger an event-driven KYC review to update address, documents, and tax residency information.
• Recalculate risk rating based on the new jurisdiction's risk score.
• Adjust monitoring thresholds if necessary and document rationale for any changes.

Balanced answer:

• Clearly explain minimum quality requirements and why they are needed (legibility, fraud prevention).
• Suggest practical options: scanning at a branch, certified copies, or digital verification if policy allows.
• Document attempts made; if acceptable documents cannot be obtained, escalate and consider declining or exiting.

Model answer:

• Verify the reported public role (e.g., if they hold or held a prominent function).
• Check alternative PEP sources or updated databases if available.
• If the role clearly fits PEP criteria, treat them as PEP in practice even if the tool is not yet updated.
• Document rationale and inform relevant teams to update internal records or vendor lists where appropriate.

Model answer (KYC controls):

• Identify all customers in the impacted sector and related supply chains.
• Refresh KYC files, focusing on specific activities, contracts, and counterparties.
• Screen for direct or indirect links to sanctioned entities and activities.
• Work with Compliance to decide whether to exit, restrict, or continue with strict controls and approvals.

Model answer (principles):

• Identify and verify the fund as a legal entity (licensing, jurisdiction, governance).
• Follow policy on whether look-through to fund investors is required (often for high-risk scenarios).
• Identify individuals with ultimate control over investment decisions (e.g., fund managers, GP partners) if defined as controllers.
• Document rationale clearly because treatment of funds can be policy-specific.

Model answer:

• Identify the founder/donor and assess their SOW and reputation.
• Understand governance: board structure, decision-making, and control.
• Obtain clarity on grant-making process and main beneficiaries/regions.
• Apply EDD if donor or activities are high risk (e.g., high-risk jurisdictions, sensitive sectors).

Focus areas:

• Licensing/registration and supervisory authority for the fintech.
• Ownership and control, including any foreign shareholders.
• Customer base profile and their own KYC/AML controls on underlying users.
• Cross-border flows and exposure to high-risk sectors or jurisdictions.

Implications:

• MSBs carry inherently higher ML/TF risk, so EDD is standard.
• Review the MSB's AML program, licensing, and regulatory inspection history.
• Understand MSB customer segments and corridors served.
• Monitor account activity more intensively and review regularly at higher frequency.

Model answer (governance):

• Implement group-wide KYC policies with minimum standards.
• Use central templates and systems where possible.
• Allow local add-ons for stricter local laws but not lower standards.
• Conduct group-level QA and audits to identify and close gaps.

Practical answer:

• Immediate remediation of high-risk files and those cited in findings.
• Reinforcement of policies, checklists, and mandatory training for analysts and front office.
• Stronger QA with feedback loops and clear metrics (error rates, turnaround times).
• System improvements (mandatory fields, better screening tools) where deficiencies are tool-related.

Self-improvement answer:

• Adopt a standard structure in notes: customer type, key risk factors, mitigating controls, final rating rationale.
• Allocate time at the end of each case to write a short, clear summary instead of only filling fields.
• Use examples from QA feedback to model strong rationales until it becomes habit.

Good interview positioning:

• Review KYC policies, risk rating methodology, and procedures to align with expectations.
• Look at sample KYC files (good and bad) to understand quality benchmarks.
• Understand systems used (KYC tools, screening, document management) so I can be productive quickly.

Ethical answer:

• First, confirm objectively by reviewing a few examples to avoid misunderstanding.
• Raise the concern with a team lead or manager rather than confronting aggressively.
• Explain risk: inaccurate KYC, regulatory exposure, and impact on the whole team.
• Support training or coaching solutions, but accept that repeated behavior may need formal escalation.

Customer-facing answer:

• Acknowledge their frustration and show empathy.
• Explain simply that these checks are mandatory for all customers and protect both the bank and genuine clients.
• Offer clear, concise lists of exactly what is needed to minimize back-and-forth.
• If appropriate, propose a call to walk them through requirements once, instead of many emails.

Principles-based answer:

• Determine whether the law firm is the customer or if the underlying clients are also customers in economic terms.
• Apply look-through based on policy and regulation to identify underlying beneficial owners.
• Obtain sufficient information on the nature of the law firm's client base and services offered (e.g., escrow vs permanent holding).
• Apply EDD where the intermediary structure raises opacity risks.

Model answer:

• Send a clear, concise request with deadlines and highlight regulatory impact of delay.
• If no response, escalate to the RM's manager or follow the agreed escalation path.
• Document all attempts in the KYC file and system.
• If deadlines are passed and KYC remains incomplete, initiate restriction or exit as policy requires.

Practical answer:

• Use approved translation services or internal language resources instead of informal tools.
• Ensure key fields (names, dates, registration numbers, addresses) are correctly understood.
• Attach translated copies or summaries to the KYC file for future reference.

High-level answer:

• Note significant environmental incidents, fines, or controversies in adverse media.
• Consider whether operations involve high-risk locations or sensitive ecosystems.
• Assess governance and transparency: reporting, certifications, and remediation efforts.
• Reflect ESG findings in risk assessment and, if severe, in relationship appetite.

KYC focus:

• Licensing status, regulator oversight, and compliance history.
• Customer due diligence controls on players, especially high rollers or VIPs.
• Jurisdictions where services are offered and any regulatory restrictions.
• Enhanced monitoring of large cash flows and cross-border activity.

Approach:

• Break down income streams: sponsorships, advertising, platforms, business ventures.
• Request contracts, platform statements, or financials supporting declared income.
• Check public information on brand deals and approximate income ranges.
• If revenues and assets are plausible and evidenced, document clearly; otherwise, treat as high risk and consider declining.

Key points:

• Strength of their onboarding and monitoring of sellers (their own KYC).
• Exposure to high-risk goods or services, and high-risk jurisdictions.
• Ownership and control of the platform itself (UBOs, management).
• Transaction flows (volume, cross-border patterns) and how they are monitored.

Adaptation areas:

• Use secure digital ID verification, liveness checks, and document authenticity checks.
• Implement stronger device/IP controls and geolocation checks.
• Consider lower initial limits or stricter monitoring until more comfort is gained.
• Ensure consent and privacy notices are clear in the digital journey.

Suggested structure for candidates:

• Context: Type of customer, sector, and main complicating factor (e.g., complex ownership, high-risk country).
• Actions: What you did specifically – documents obtained, analysis performed, people you engaged, and how you challenged information.
• Outcome: Final decision (onboard, decline, exit, EDD) and how it was documented.
• Learning: One or two lessons that improved your future KYC work (e.g., better structuring of notes, early escalation, improved SOF questioning).