Client Risk Profile Checklist

Capture passport or driver's license for each individual; for entity accounts, also collect formation documents, EIN, and ID for any 25%+ beneficial owner per the CDD rule. Store in NetDocuments or the firm document vault — not email attachments.

Non-documentary verification satisfies the CIP rule when ID copies alone aren't enough. Save the verification report ID with the client file — examiners ask for it.

Screen the client, joint owners, beneficial owners, trustees, and named beneficiaries through Refinitiv World-Check, LexisNexis Bridger, or the firm's AML platform. A common gap: beneficiaries added later who never get screened.

Politically Exposed Persons and clients with adverse media hits require enhanced due diligence under the CDD rule. Document the determination even when clear — the audit trail is what protects the firm.

Pull figures into eMoney or RightCapital so the data feeds the financial plan and the suitability file. Note any concentrated positions, employer stock, or restricted securities — these matter for both planning and Reg BI.

Source of funds explains the specific money funding the account; source of wealth explains the broader economic origin (inheritance, business sale, career earnings). Examiners flag accounts where these are conflated or left vague.

Capture employer, role, and any public-company affiliation that may trigger Rule 144 restrictions or 10b5-1 considerations. Note insider status for board members and executive officers.

For joint accounts, capture each spouse separately — divergent risk numbers are common and need an explicit reconciliation conversation before allocation.

This drives model selection and is the anchor for any future drift conversations. Reconfirm verbally with the client — questionnaire scores often overstate appetite versus how the client actually behaves in a drawdown.

Separate accumulation versus decumulation phases; document target retirement date, expected withdrawal rate, and any goal-funded buckets (education, second home, philanthropy).

Identify any near-term cash needs (within 12-24 months) that should not be exposed to market risk. Clients with private investments or non-traded REITs need explicit illiquidity discussion.

Reg BI requires Form CRS delivery to retail clients at the time of recommendation, account opening, or new service. Track delivery date and method — examiners want to see the timestamp, not just that the form exists.

Send the firm brochure (2A) and the supervised-person brochure (2B) for the assigned advisor. Skipped initial delivery and missed annual delivery are the two most common ADV citations.

Write the why: why this allocation, why this product, why not the lower-cost or simpler alternative. Reg BI exams pull this rationale; checkbox-only suitability forms fail. Particularly critical for IRA rollover recommendations under DOL PTE 2020-02.

For PEPs and high-risk relationships, collect detailed source-of-wealth narrative, recent tax returns or audited financials, and corroborating third-party documentation. Adverse media hits require a written disposition memo.

The CCO documents the risk-acceptance decision and any conditions (transaction caps, additional review cadence). Sanctions matches stop here pending OFAC license guidance — do not open the account.

Set the recurring CRM task in Wealthbox or Salesforce. Annual ADV Part 2 delivery and risk reconfirmation should anchor the same meeting so disclosures and suitability stay synced.

Compare actual deposits, wires, and trading activity to the profile captured at onboarding. Material deviation triggers a CDD refresh; suspicious activity triggers a SAR review within the 30-day filing window.

Marriage, divorce, inheritance, retirement, business sale, and beneficiary changes all warrant updating the profile. A common gap: beneficiaries added mid-year who never get OFAC-screened.