In accordance with the Act on Preventing Money Laundering, an obliged entity must produce a risk assessment regarding its activities to identify and assess money laundering and terrorist financing risks. The risk assessment must be regularly updated, and it must be submitted to a competent authority on its request. In the risk assessment, an obliged entity must be able to assess whether its customers, related individuals, business activities or transactions include features that form a more significant risk of money laundering or terrorist financing. The risk-based assessment of the obliged entity forms the basis for the measures which it must take to implement customer due diligence and to monitor customer transactions. The risk assessment, thus, helps the obliged entity to plan its operating principles, procedures and monitoring so that they correspond with the money laundering and terrorist financing risks related to the activities. Instructions for producing a risk assessment are available, for example, on the Regional State Administrative Agency’s website http://www.avi.fi/web/avi/riskiarvio.