The latest directive to impact KYC processes – AMLD5 – is set to be implemented by all EU Member States by the end of 2020 and is merely the latest iteration of regulatory AML obligations for financial organizations. Understanding why and how KYC has become a core component of AML operations is therefore crucial for decisionmakers. With an increased compliance burden and ever-more complex KYC procedures, firms must not only comply with today’s AML regulations, but also futureproof themselves for tomorrow.
The Emergence of KYC
Businesses and society have become more digitally interconnected than ever. Starting a business can be done within a single day, providing services online, and transacting globally in seconds. Physical borders are no longer a constraint. Such limitless possibilities, while presenting hugely enhanced opportunities, have inevitably increased exposure to risk and financial crime. This digital transformation therefore bears a cost – AML and KYC regulation. Complex layers of financial regulations and constantly changing legislation (OFAC, MiFID ii, AMLD5) have been put in place to protect financial institutions and consumers alike.
Know Your Customer
Every reputable business strives to ascertain who they are dealing with and what risk is involved. Regulatory penalties such as fines are one such consideration, as are reputational damages, sanctions and providing a smooth onboarding journey for their customers. Representing the identification and verification of a potential customer and their Ultimate Beneficiary Owners (UBOs), KYC has therefore arisen as a crucial consideration in AML processes.
Money laundering and fraud are not new activities, with tax evasion and fraud stretching back centuries. Modern KYC regulation is first associated with The Federal Deposit Insurance Act, passed in 1950 in the United States. The Act consisted of a list of regulations that financial institutions had to comply with to remain insured by the Federal Deposit Insurance Corporation (FDIC). The regulations and requirements established in this Act to a great extent shaped the foundations of contemporary KYC laws.
The need for KYC legislation is based on three main drivers: money laundering, financing of terrorism and tax evasion. Over the years, the laws related to AML and KYC have always mirrored the contemporary threats to the financial systems. In the United States, the AML regime was created as a response to the emerging thread of organized crime groups and tax evasion practices in the 1960s. AML regulations were further expanded in the 1980s to target organized drug cartels and narco-traffickers. Post Sept 11th, the main concern became financing of terrorism and therefore the Patriot Act, among others, expanded AML regulations to address this new environment.
In Europe, in addition to national legislations, AMLD5 (the 5th AML Directive of the European Union) is set to be implemented in 2020. This legislation sets the AML and KYC requirements for all EU member states, with its mandate being transposed by national governments into their own legal systems. Part of these requirements pertain to virtual currencies, amendments for financial institutions, credit institutions, real estate, and the legal sector. The reporting entities, for example, will be required to put practices in place to conduct enhanced due diligence.
At an international level, the Financial Action Task Force (FATF) is the preeminent intergovernmental body promoting global standards in AML. FATF sets international standards to help prevent financial crime such as corruption, terrorism, and organized crime. For more than 30 years since its inception, this international AML watchdog has been monitoring countries’ progress in implementing its recommendations. Central to this is requiring financial organizations to conduct thorough KYC checks in the initial stages of any new business relationship, be it with individuals or corporate entities.
Who Practices KYC
Regulated entities include financial institutions, banks, insurance corporations, investment funds and credit institutions. Such entities are obliged to have AML and Counter-Financing of Terrorism (CFT) controls in place, including KYC.
When effectively implemented, rigid AML controls mitigate exposure to financial crime and protect organizations from sanctions, heavy fines, severe reputational damage and a potential loss of licenses. Ultimately, having robust KYC procedures in place promotes not only compliance, integrity and stability in the financial markets, but also ensures trust from the businesses which invest in such.
The number of non-AML regulated businesses that put in place KYC practices is also growing. Regulation aside, all business has an interest in preventing reputational damage and enhancing trust to realize more opportunities. Likewise, they still face the risk of liability for a substantive money laundering or terrorist financing offence, and the duty to report beliefs or suspicions thereof (Terrorism Act 2000 and Proceeds of Crime Act 2002 (POCA), United Kingdom). Underpinning these efforts is the essential endeavor of risk mitigation. If the business knows who its clients are through a robust KYC operation, the possibility of fraud is drastically reduced, and profitability increased.
Challenges of transparency are emerging between strict AML/KYC compliance jurisdictions and the existence of non-transparent jurisdictions.
The latter jurisdictions allow businesses to legally benefit from nondisclosure of essential KYC information (such as UBOs) and potentially cover financial crimes. Investigations such as the Panama Papers in 2016 and Paradise Papers in 2017 shed light upon such notorious practices associated with tax evasion, anonymity of UBOs and money laundering structures. Responding to these challenges at a European level, national governments are currently in the process of evolving AMLD5 to cover UBO registries. The full consequences of AMLD5 are yet to be evaluated, as businesses need to change their AML/KYC strategy and processes accordingly to comply.
For KYC, the era of digital businesses and artificial intelligence leads in the direction of increased automation and the reduction of manual processes. Minimizing manual intervention not only reduces time and costs but also increases consistency in the analysis of customer data, with up to 90% of customers being verified in an automated fashion.
Complete automation of the KYC process remains challenging. KYC checks involving multiple hits (sanctions lists, Politically Exposed Persons and adverse media) and extensive and complicated UBO structures are returned often require enhanced due diligence and outreach to the customer.
Specialized teams or KYC-as-a-service providers can vastly improve organizations’ response to such challenges. As top-tier experts in creating and implementing AML processes, Equiniti KYC Solutions helps its clients to dramatically improve KYC compliance with precision and consistency, without losing competitive edge. Firms are therefore free to focus on their core business, whilst adhering to the most recent financial regulations and futureproofing themselves against disruptive transformation.