A risk-based approach (RBA) is a strategy used in financial crime compliance to allocate resources and implement controls based on the specific risks posed by customers, transactions, or business activities. Instead of applying the same level of scrutiny to all clients, an RBA tailors compliance efforts according to the level of risk each entity presents, ensuring a more effective and efficient response to financial crime threats. 

In the context of anti-money laundering (AML) and counter-terrorism financing (CTF), financial institutions assess various risk factors, such as customer profiles, geographical locations, transaction types, and business relationships. High-risk customers, such as politically exposed persons (PEPs) or clients from high-risk jurisdictions, receive enhanced due diligence, while lower-risk customers are subject to simpler checks. This approach enables organizations to focus their compliance efforts on areas of higher risk, ensuring robust financial crime prevention while optimising resources and complying with regulatory standards.