AML - Anti-Money Laundering
Definition
Anti-Money Laundering (AML) is the framework of laws, regulations, and controls designed to prevent the movement of illicit funds through the financial system. It obliges banks to detect, deter, and report suspicious activity by applying rigorous identification, monitoring, and escalation procedures throughout the client lifecycle.
Context
AML provides the regulatory foundation that defines why KYC and CDD exist.
KYC ensures the bank knows who the client is and the purpose of the relationship.
CDD determines how much risk the client presents and how closely they must be monitored.
Together, they operationalise AML obligations within the Client Lifecycle Management (CLM) framework.
Within E-CLM, AML compliance is embedded through rules, workflows, and data controls that govern onboarding, screening, periodic reviews, and exit. AML risk ratings and alerts feed into CNRM analytics to reveal exposure patterns across client networks and geographies.
An effective AML capability depends on high-quality entity data, continuous due diligence, and coordinated responses across compliance, operations, and technology teams—ensuring financial-crime risk is managed as part of integrated client risk governance.
CNRM - Client Network Risk Management
Definition
Client Network Risk Management (CNRM) is the framework that enables a bank to identify, assess, and manage risk across connected client entities, relationships, and roles. It integrates entity-level CLM with network-level risk intelligence to strengthen global control and resilience.
Context
CNRM extends traditional Know-Your-Client (KYC) and onboarding functions by connecting data across clients, counterparties, and jurisdictions. It supports risk oversight, structural awareness, and regulatory alignment in complex client networks.
CDD - Customer Due Diligence
Definition
Customer Due Diligence (CDD) is the structured assessment of a client’s risk profile based on verified identity, ownership, activities, and behaviour. It determines the depth of checks and monitoring a bank must apply to manage financial crime, sanctions, and reputational risk in accordance with regulatory standards.
Context
CDD extends beyond KYC. While KYC establishes who the client is and why the relationship exists, CDD determines how much risk that relationship represents and how it should be managed over time. CDD classifies clients into risk tiers (typically Low, Medium, or High), drives the required level of due diligence (Standard or Enhanced), and sets periodic review cycles.
Within E-CLM, CDD is an embedded service that consumes verified client data from Entity Management and applies rule-based assessments to maintain an accurate risk profile throughout the client lifecycle. It provides a direct control linkage between onboarding, review, and offboarding processes.
In CNRM, aggregated CDD outputs inform network-level risk analytics—showing where concentrations or contagion may occur across related clients, geographies, or sectors.
E-CLM - Entity Client Lifecycle Management
Definition
Entity Client Lifecycle Management (E-CLM) is the capability that governs how a bank creates, maintains, and retires client entities across their lifecycle. It ensures a single, high-quality source of entity data that underpins onboarding, KYC, tax, regulatory classification, and offboarding processes.
Context
E-CLM integrates client data, workflow, and control services so that all client-related activities operate from a common, validated entity record. It establishes the foundation for efficiency, consistency, and risk control across business lines and jurisdictions.
EM - Entity Management
Definition
Entity Management is the capability through which a bank creates, maintains, and governs information about all legal entities, individuals, and related parties with which it interacts. It ensures that every entity has a single, authoritative record that can be referenced consistently across business lines, systems, and jurisdictions.
Context
Effective Entity Management provides the foundation for E-CLM, enabling onboarding, due diligence, and lifecycle processes to operate from a shared entity record. It supports regulatory compliance, data quality, and operational efficiency by preventing duplication, fragmentation, and ambiguity in client data. Within CNRM, it ensures that relationships and networks are accurately mapped to reveal connected risks and exposures.
ERR - Entity-Relationship-Role Model
Definition
The Entity-Relationship-Role (ERR) model defines how a bank structures and connects information about entities (clients, counterparties, or related parties), their relationships, and the specific roles they play. It provides the logical foundation for linking people, legal entities, accounts, and transactions in a single coherent framework.
Context
ERR enables transparency of complex client networks by showing who an entity is, how it connects to others, and in what capacity. This structure supports risk analysis, compliance, and operational control by ensuring that client data can be navigated through consistent relationships and clearly defined roles. It underpins both E-CLM and CNRM capabilities.
KYC - Know Your Customer
Definition
Know Your Customer (KYC) is the process through which a bank verifies the identity of a client, understands the nature of their activities, and assesses potential risks before and throughout the client relationship. It is a regulatory requirement designed to prevent money laundering, terrorism financing, and other forms of financial crime.
Context
KYC sits within the broader Client Lifecycle Management (CLM) capability as the control layer that ensures each client is properly identified and risk-assessed. It differs from Customer Due Diligence (CDD) in scope and purpose—KYC establishes who the client is and why the relationship exists, while CDD extends to ongoing, risk-based monitoring and deeper checks (Enhanced Due Diligence) when required.
In an E-CLM operating model, KYC activities are executed through data collection, validation, and risk scoring workflows, linked directly to the entity record managed under Entity Management. Within CNRM, KYC data contributes to network-level insight, revealing how risks propagate across connected clients and relationships.
Integrated Risk
Definition
Integrated Risk refers to the coordinated management of multiple risk types—financial, non-financial, operational, and strategic—through a single, connected framework. It focuses on how risks interact and compound across domains rather than being handled in isolation by separate control functions.
Context
In banking, Integrated Risk unites regulatory, credit, market, operational, and geopolitical perspectives into one risk view. This enables management to evaluate exposures, dependencies, and potential contagion across clients, business lines, and geographies. Within CNRM, it links client-level and network-level data so that structural, behavioural, and contextual risks can be analysed as part of one ecosystem.
NSR - Network and Structural Risk
Definition
Network and Structural Risk (NSR) refers to the exposure a bank faces through the interconnected structure of its clients, counterparties, and ownership networks. It captures how changes or stresses in one entity or sector can propagate across the network, impacting others.
Context
NSR analysis helps banks understand not just individual client risk but how those clients connect within broader corporate, geographic, and financial structures. It supports the identification of concentration, contagion, and systemic vulnerabilities—forming a core analytical layer within Client Network Risk Management (CNRM).
Unique Identifier
Definition
A Unique Identifier is a persistent, system-wide reference assigned to each entity, ensuring that the entity can be uniquely recognised and retrieved across all platforms, products, and jurisdictions. It unifies disparate records and enables consistent linkage of client, counterparty, and related-party data.
Context
In banking, the Unique Identifier is essential to both Entity Management and CNRM. It allows a single client or entity record to be referenced across onboarding, KYC, due diligence, and risk systems—even when legacy platforms or regional variations exist. It also supports traceability in audit, risk analytics, and regulatory reporting by eliminating ambiguity in client identification.
A robust Unique Identifier model can reconcile internal IDs with external identifiers (e.g., LEI, Companies House, or tax IDs) and maintain the cross-reference logic required for network-level visibility.