31 C.F.R. § 1027.210
(a) Anti-money laundering program requirement.
(b) Minimum requirements. At a minimum, the anti-money laundering program shall:
(1) Incorporate policies, procedures, and internal controls based upon the dealer's assessment of the money laundering and terrorist financing risks associated with its line(s) of business. Policies, procedures, and internal controls developed and implemented by a dealer under this section shall include provisions for complying with the applicable requirements of the Bank Secrecy Act (31 U.S.C. 5311 et seq.), and this chapter.
(i) For purposes of making the risk assessment required by paragraph (b)(1) of this section, a dealer shall take into account all relevant factors including, but not limited to:
(ii) A dealer's program shall incorporate policies, procedures, and internal controls to assist the dealer in identifying transactions that may involve use of the dealer to facilitate money laundering or terrorist financing, including provisions for making reasonable inquiries to determine whether a transaction involves money laundering or terrorist financing, and for refusing to consummate, withdrawing from, or terminating such transactions. Factors that may indicate a transaction is designed to involve use of the dealer to facilitate money laundering or terrorist financing include, but are not limited to:
(2) Designate a compliance officer who will be responsible for ensuring that: