In the fight against money laundering and the financing of terrorism, the Know-Your-Customer (KYC) requirements and processes generate significant risks and costs for any institution, entity or individual that has to comply with them. Manual data entry and human control have their limits, they are time-consuming and error-prone. Digital solutions and tools can help. Here we look at which ones they are, and what the benefits are.

1. What is the Know-Your-Customer (KYC) requirement?
As per international anti-money laundering (AML) legislation, certain businesses are required by law to know who they are doing business with. This includes financial institutions — such as banks, insurers, lenders, cryptocurrency exchanges, and fintech companies — which are subject to AML rules and related laws. But it also includes businesses that operate in other regulated industries, such as gambling amongst others.

The processes that these businesses implement to meet these requirements are usually called Know Your Customer (KYC). Customer due diligence (CDD) is an important part of complying with Know Your Customer (KYC) and anti-money laundering (AML) requirements. But there are times and situations when standard CDD processes are not enough and where a well-designed enhanced due diligence (EDD) protocol must be in place. Simply put, customer due diligence is just one part of KYC (along with customer identity verification and continuous monitoring), and enhanced due diligence is likewise just one part of CDD.

CDD refers to a set of KYC processes designed to assess customer risk. Usually, financial institutions are required to meet four key requirements:

• Identify and verify all customers or clients
• Identify and verify all beneficial owners of companies you want to do business with. (This includes any individual who controls the company and/or owns 25% or more of the company.)
• Understand the nature and purpose of customer relationships to develop customer risk profiles
• Conduct continuous monitoring of customer activity and transactions to identify and report suspicious activity

In practice, CDD usually involves collecting personal information about customers, such as their name, date of birth, Social Security Number, physical address, and other information as necessary. The collected information is often then verified against one or multiple external documents (e.g. state ID, passport, utility bills, driver’s licence) in a process known as documentary verification.

A number of screenings are also required at this stage. Adverse media screenings are a common example. These screenings specifically look for negative news or media coverage of an individual or business entity and typically include print, online, radio, and television sources. Additionally, sanctions and watchlist screenings ensure that the individual is not a sanctioned entity (or associated with a sanctioned entity), while politically exposed persons (PEP) screenings specifically check for political associations, which may indicate increased risk.

In cases where an individual or transaction is deemed to be lower or higher risk than the “standard,” businesses may leverage alternative levels of due diligence such as Enhanced due diligence, which is applied to high-risk individuals and transactions.

Enhanced due diligence (EDD) refers to protocols that are followed when an individual or transaction is deemed to carry a higher risk (e.g. PEP, sanctions listing, location in a high-risk country) of money laundering or other financial crime. In these cases, businesses are required to conduct an additional layer of verification (e.g. more stringent identity verification, source of funds verification, continuous monitoring, additional screenings).

2. Is there a standardised approach to risk factors and screening parameters
It is important to note that there is currently no standardised approach to risk factors and screening parameters. Therefore, it would be beneficial if legislators would need to be actively involved in both onboarding and customer review or maintenance, and be familiar with the latest trends in automation capabilities. A standardised approach to risk factors and screening parameters (including structured and harmonised counterparty profiling) across the various industries would be even more beneficial.

 3. What is the issue with manual data entry and human control?
Every year, more advanced regulations and compliance are put in place, making it more expensive for financial institutions to meet requirements. Increasingly complex regulations put Compliance teams under pressure. Manual data entry is time-consuming and error-prone. That is why companies are increasingly relying on the dual control principle. But that means more staff and therefore higher costs. Analysts are often unable to identify the right source of information because companies obtain data from various different external sources. Moreover, this data is often outdated, incomplete, of poor quality or not compliant with regulations.

4. Are there digital remedies?
As a result, financial services players and other industries have turned to “digital KYC” or “eKYC” in order to reduce costs, enhance customer experience and implement new technologies that distinguish them from competition. With technologies such as AI and APIs, the entire KYC process can be automated and all the data stored on the cloud, drastically lowering the cost of onboarding customers. This noticeably simplifies the repetitive tasks reduces the manual KYC steps, while still incorporating human expertise, and automatically creates documentation that is suitable for auditing.

Automating the transaction monitoring process allows financial institutions to handle billions of transactions efficiently. AML Transaction Monitoring controls often produce an excessive amount of false-positive alerts and place a heavy workload on operations. The investigation process also suffers from inefficiencies, resulting in a considerable discrepancy between the efforts invested and the effectiveness of the monitoring controls. By incorporating machine learning techniques at various stages of the transaction monitoring process, AI provides meaningful opportunities to significantly reduce operational costs without compromising effectiveness.

When the entire onboarding process is automated, the customer acts completely independently, up to the point where further clarifications or information are needed. Then the manual work begins.

The advanced capabilities of AI to identify patterns in large volumes of text allow it to gain insight into the constantly evolving regulatory landscape. Moreover, through the use of Natural Language Processing (NLP), documents can be analysed and categorized, yielding valuable details such as client names, products, and procedures that may be affected by regulatory adjustments. This process ensures that both the bank and the client remain informed of any regulatory updates, including know your client requirements, to enhance compliance.

Supervisory authorities recognize the value of these services as useful tools for combating money laundering and terrorist financing, thereby enhancing AML/KYC compliance. However, it is important to note that regulatory requirements must be respected when using these software packages, such as protecting personal privacy data and ensuring the proper execution of AML procedures (including communication procedures, reporting, and maintaining confidentiality).

It should also be noted that the use of AML software is not always mandatory by law. Even if a company or individual does not have access to one of these software packages, they are still responsible for ensuring AML/KYC compliance. When you google the terms “digital KYC”, a plethora of different service providers appear, and it’s hard not to get lost in this jungle. The decision to use AML software and which service provider to pick will depend on the type of obligated party, the AML/CFT risks associated with the client portfolio, the type of clientele, and economic relationships.

For more information, please feel free to contact us and we will be happy to help you.