Over the past 10 years, regulators across the United States, Europe, APAC, and the Middle East have levied nearly $26 billion in financial penalties against financial institutions for anti-money laundering (AML), know your customer (KYC), and other sanctions-related violations. In today’s heightened regulatory climate, organizations need to be concerned with more than making profits. They need to be able to correctly identify whom they’re doing business with, which means verifying customers’ identities and meeting KYC and AML guidelines.
When a financial institution creates a new business partnership with individuals or organizations without fully knowing their past and present business dealings, it can expose the institution to hefty lawsuits, regulatory fines, and reputational damage.
The problem with KYC and AML requirements is that they have the potential to make something as simple as opening a new account a long and complex journey for regulated organizations. While estimates vary, banks take an average of 24 days to complete the customer-onboarding process. Many argue it’ll only get worse as regulations continue to increase.
It’s important to be thorough, especially in high-risk industries like finance. But KYC and AML regulatory hurdles often create a less-than-ideal customer experience, which translates to abandoned customers and lost revenue.
Costly KYC and AML fines are often the result of some of the challenging nuances associated with Customer Due Diligence (CDD) and Enhanced Due Diligence (EDD). CDD processes are critical for KYC. They involve identifying your customers and understanding their activities, which allows you to assess their risk profile.
EDD is additional information that is needed for high-risk customers. It provides a more detailed understanding of your customer to further avoid unnecessary risk. From there, your customer risk assessments can be used to determine how much due diligence is needed.
Below are some of the specific challenges associated with both CDD and EDD and why they need to be taken seriously to avoid costly fines:
Rigorous and Robust: EDD policies must be “rigorous and robust” which requires significantly more evidence and detailed information.
Detailed Documentation: The entire EDD process must be documented in detail. Regulators should be able to have immediate access to EDD reports. This demands more scrutiny when it comes to how data is captured. It also requires validating the reliability of those information sources.
Reasonable Assurance: EDD requirements call for “reasonable assurance” when calculating a KYC risk rating. This means that the professionals responsible for making a “go” or “no-go” decision must have completed all the necessary research steps and exercised professional skill and care in reaching their judgment about whether a new user is who they claim to be.
Special Attention for PEPs: Special attention must be paid to politically exposed persons (PEPs). They’re viewed as a higher-risk because they are in positions that can be potentially abused for money laundering
Thankfully, EDD and CDD processes can be streamlined and automated through better use of technology. The quickest way to do so is by implementing an online identity-verification process, which involves using a government-issued ID (for example, a driver’s license) and a corroborating selfie. Emerging identity-verification technologies also include a certified liveness check. This ensures the applicant is physically present and not spoofing the system with a picture of someone else or a doctored video. The result is increased compliance, as well as faster customer onboarding.
Although today’s regulatory landscape may seem like a lot of hoops to jump through, KYC and AML mandates are an effective means of protecting your company and customers alike. These hurdles may prove tedious, but there are modern technologies that can be deployed to improve ease of use and streamline the necessary KYC and AML checks. By doing so, companies can avoid the steep fines associated with mismanaged KYC and AML, while also delivering a frictionless user experience.
Adopting CDD and EDD processes communicates to customers, and prospective customers, that your focus is on lawful business. Thanks to emerging identity verification and AML screening technologies, banking customers can now identify themselves from anywhere in the world.
Robert Prigge is chief executive of Jumio Inc., Palo Alto, Calif.