KNOW YOUR CLIENT POLICES - IRAIC SME Stock Exchange

To help battle against the multi-trillion-dollar financial crime industry, firms themselves take steps toward solving the problem. One way organizations have responded is by expanding their “Know Your Customer” (KYC) efforts.

KYC references a set of guidelines that financial institutions and businesses follow to verify the identity, suitability, and risks of a current or potential customer. The goal is to identify suspicious behavior such as money laundering and financial terrorism before it ever materializes.

KYC regulations originated from years of unchecked financial crimes. The initial guidelines were drafted in 1970 when the U.S. passed the Bank Secrecy Act (BSA) to prevent money laundering. Notable additions came years later, after the Sept. 11, 2001 terrorist attacks and 2008 global financial crisis.

The regulations put in place over the years have required firms to monitor client behavior regularly. And there is no exception for not complying. Any company—including banks, insurance companies, and creditors—with exposure to client risk must develop a KYC strategy for engaging with customers.

The “Know Your Customer” framework contains three steps: customer identification program (CIP), customer due diligence (CDD) and enhanced due diligence (EDD).

At the minimum, firms must pull four pieces of identifying information about a client, including name, date of birth, address, and identification number.

Most firms take additional steps in their screening process. Many will make sure that clients do not appear on government sanction lists, politically exposed person (PEP) lists, or known terrorism lists— those who do appear usually require enhanced due diligence.

Other items considered at this time include financial transactions, which firms use to separate potentially risky behavior from regular business activity.

Much of this information comes from various reporting agencies, public databases and third-party sources.

Customer due diligence is the process of classifying all the information collected during the Customer Identification Program.

Firms examine the nature and beneficiaries of existing relationships to ensure all activity is consistent with historical customer information.

The goal is to obtain enough information to verify a customer’s identity and assess their riskiness. Since financial crime happens quickly, firms frequently monitor this information for unusual spikes in activity or changes to sanction lists. Most clients pose little to no risk, but the few who do are subject to enhanced due diligence.

If a customer is believed to pose additional risks, firms take extra steps to gain a better understanding of their motivations. A high-risk person may include those with political exposure or relationships with designated persons. Even someone in a high-risk country can raise a red flag for compliance.

In practice, firms must demonstrate a deeper understanding of the high-risk clients identified by a standard customer due diligence program. Some of the information required to perform enhanced due diligence includes a source of wealth verification, detailed management reports and relevant third-party research.