Risk ratings categorise entities — individuals, companies, and trusts — into meaningful risk tiers that drive your compliance workflows. The admin portal gives you full control over how many levels exist, what they're called, and how scores map to each level.
How risk levels work
Each risk level is defined by a threshold, which acts as a ceiling for that level. When an entity receives a risk score, BNDRY finds the lowest threshold the score falls at or below, and assigns that level.
For example, with thresholds of Low = 30, Medium = 60, High = 100:
| Score | Level | Why |
|---|---|---|
| 25 | Low | At or below the Low threshold (≤ 30) |
| 45 | Medium | Above Low, at or below Medium (≤ 60) |
| 85 | High | Above Medium, at or below High (≤ 100) |
Because each threshold is a ceiling rather than a range, you only define one value per level. Adding or removing a level never requires you to recalculate adjacent boundaries.
Standard risk matrices
BNDRY supports any number of levels, but two configurations cover the vast majority of risk frameworks.
3-level matrix (Low / Medium / High)
The simplest and most widely used structure. Suitable for lower-complexity customer bases or when a binary pass/fail isn't granular enough but a five-point scale introduces unnecessary overhead.
| Level | Typical threshold |
|---|---|
| Low | 33 |
| Medium | 66 |
| High | 100 |
5-level matrix (Low / Medium / High / Critical / Extreme)
The standard for financial institutions with mature AML/CTF programmes or larger, more complex customer portfolios. This structure aligns with FATF guidance and most regulatory frameworks that require differentiated treatment of very high-risk customers.
| Level | Typical threshold |
|---|---|
| Low | 20 |
| Medium | 40 |
| High | 60 |
| Critical | 80 |
| Extreme | 100 |
Recommendation: Start with a 3-level matrix unless your compliance programme already mandates finer granularity. A 5-level matrix is straightforward to migrate to later — add levels and adjust thresholds without losing historical ratings.
For colour recommendations, including colour blind-friendly hex values, see the Colour blind-friendly colour schemes section below.
How many levels can you configure?
There is no fixed limit on the number of risk levels. In practice:
- Minimum: 1 level (not recommended — every entity would receive the same rating)
- Typical: 3 or 5 levels
- Maximum: As many as your programme requires, though more than 6–7 levels rarely adds analytical value and can make risk decisions harder to communicate internally
The highest configured level must always have a threshold of 100. This ensures all possible scores have a level to land in — any score above your second-highest threshold up to 100 is assigned to that top level.
Configuring levels in the admin portal
Each level has five configurable properties:
| Property | Purpose |
|---|---|
| Threshold | The upper score limit for this level (0–100) |
| Label | The display name shown throughout the platform |
| Description | Optional — useful for documenting what the level means internally |
| Colour | Hex colour used in badges, charts, and exports |
| Icon | Visual indicator shown alongside the label |
Levels are ordered from lowest threshold to highest. Use Move up / Move down to reorder, and Add Level to insert a new band. Removing a level is permanent and will affect any existing entities rated at that level — review downstream workflows before making changes in a live environment.
The unspecified level
Do not edit or remove the RISK_RATING_UNSPECIFIED level. This level is system-reserved. It is referenced directly in scoring logic, reporting, and downstream workflows. Changing its label, threshold, or removing it entirely will break risk rating behaviour across the platform in ways that may not be immediately obvious. If this level is missing or misconfigured, contact BNDRY support.
BNDRY includes RISK_RATING_UNSPECIFIED at threshold 0 to identify entities that have not yet been scored.
RISK_RATING_UNSPECIFIED is distinct from Low risk. An unspecified rating means no assessment has been run — not that the entity poses minimal risk. Entities in this state should be triaged and assessed before being onboarded or transacted with.
Colour blind-friendly colour schemes
Colour vision deficiency affects a statistically significant proportion of the population. The most common form is red-green colour blindness (deuteranopia/protanopia), which makes standard red/amber/green traffic-light palettes difficult or impossible to distinguish.
BNDRY displays icons alongside colours for every risk level — always configure both. Never rely on colour alone to convey risk level.
Recommended palettes
The Okabe-Ito palette is the most widely used colour blind-safe set for data visualisation. The following mappings work well for both standard and colour-deficient vision.
3-level matrix
| Level | Hex | Note |
|---|---|---|
| Low | #56B4E9 |
Sky blue — universally distinguishable |
| Medium | #E69F00 |
Amber/orange — distinct from blue and vermilion |
| High | #D55E00 |
Vermilion — differs from amber in both hue and brightness |
5-level matrix
| Level | Hex | Note |
|---|---|---|
| Low | #56B4E9 |
Sky blue |
| Medium | #F0E442 |
Yellow — high lightness distinguishes it from amber |
| High | #E69F00 |
Orange |
| Critical | #D55E00 |
Vermilion |
| Extreme | #CC79A7 |
Reddish purple — distinct from all others |
Avoid the red (#FF0000) / green (#00FF00) combination — it is the most common failure point for colour blind users and is indistinguishable for a significant proportion of the population.
Icon pairing
BNDRY's icon field reinforces colour with shape, which is critical for accessibility. Suggested pairings:
| Level | Suggested icon |
|---|---|
| Low | ✅ Check circle |
| Medium | ⚠️ Warning triangle |
| High | 🔔 Bell |
| Critical | ❌ Times circle |
| Extreme | 🚩 Flag |
For higher levels, consider varying the icon if your icon set supports it (for example, a filled versus outlined variant) to add a second non-colour dimension.
Tips
- Keep colours semantically consistent — blue/green for low risk, amber for medium, red/fuchsia for high. Users develop intuition based on colour; inconsistent palettes slow down review.
- Avoid overlapping thresholds — each threshold must be unique and ordered ascending.
- Document your rationale — use the Description field to record why a threshold sits where it does. This is useful during audits and when onboarding new compliance staff.
- Align with your risk appetite statement (RAS) — thresholds should reflect the scoring bands documented in your RAS, not arbitrary round numbers.
Comments
0 comments
Article is closed for comments.