Customer due diligence: checklist or an ongoing approach?
By Eric Malherbe, Business Solutions Manager, Pre-Sales Fraud NEMEA
Regulatory cost or a cornerstone of good business?
Nowadays, financial institutions and banks must contend and comply with a growing number of complex global regulations: the Fifth EU Money Laundering Directive, the Dodd-Frank Act, the Markets in Financial Instruments Directive, the Bank Secrecy Act, the USA Patriot Act, Basel, and local implementations of legislation around anti-corruption, fraud and bribery.
Customer due diligence – checklist or ongoing approach?
Historically, the process of KYC and CDD was straightforward and a key part of good banking practice; banks knew their customers and had a simple framework to operate in. In many respects, KYC and CDD was a checklist process. However, customers now engage with financial institutions via a number of touchpoints, both online and offline, and as regulatory standards continue to escalate, KYC and CDD have become ever more complex, time-consuming and costly.
The penalties for non-compliance are well documented: in January 2017, the Financial Conduct Authority (FCA) fined Deutsche Bank AG £163 million for an inadequate AML framework for the period between 01 January 2012 and 31 December 2015. Then in March 2017, financial intelligence regulator Austrac handed gaming giant Tabcorp a $45 million civil penalty for non-compliance with the Anti-Money Laundering and Counter-Terrorism Financing Act 2006.
The goal is to take a more comprehensive and continuous approach to CDD ...
Regulatory demands putting strain on financial institutions
Subsequently, as financial institutions try to meet regulatory demands to avoid large fines, the onboarding process is significantly longer – and is “putting more strain” on relationships with customers. The time to bring a new client on board has increased by 22% according to a study by Thomson Reuters and regulators expect financial institutions to have a single view for each customer – a profile that is automatically updated and can be used for ‘comparison with their transactions in order to detect any anomalous or suspicious activity’.
But for many banks, their internal infrastructure and processes have been built over the years; systems are disconnected, data is siloed, and many processes are manual. The result of disconnected data and processes is that the KYC and customer due diligence checklist approach is inconsistent, time-consuming and costly at scale. The AML risk scoring process takes time as each individual aspect of data needs to be acquired and considered, and even then most CDD solutions will give you the ‘same level of customer risk analysis’ and fail to factor in event-based data, such as instances of suspicious activity, deviations from expected activity and other high-risk events.
With this considered, financial firms now must look at KYC and CDD as more than a checklist of items that need to be verified and validated in the onboarding process and instead take a holistic, end-to-end approach driven by technology. The goal is for financial institutions to be in a position where a customer’s risk rating is always up-to-date and reflects the latest changes and transactional activity.
More than just a customer due diligence checklist
At SAS, we recognise and understand the challenges financial institutions and banks face when trying to meet the regulatory pressures of KYC, CDD and AML as well as improve overall risk management, which is why we offer the SAS Customer Due Diligence solution.
More than just a customer due diligence checklist, the SAS Customer Due Diligence solution is an always-on, real-time solution that allows you to monitor every customers’ transactional activity, establish expectations around a customer’s behaviour through data and analytics, and perform a risk rating on each customer – all in the same environment. With it, you can rate new customers and update existing ones based on key events that could affect the overall risk of the relationship. High-risk customers can then be monitored rigorously by your audit team, whereas low-risk customers are managed by out-of-the-box algorithms as part of the software.
The platform also allows for the streamlining of due diligence investigation through efficient and easy-to-use case management tools (allowing you to drill down into a customer’s profile and queue up subsequent high-risk customers for review), automated and continuous event tracking to notify you of any changes, sophisticated risk management features, and global searches to help you find what you are looking for. It also provides workflow environments that can be modified to meet internal processes and compliance standards, streamlining review and approval of cases.
Lastly, the SAS Customer Due Diligence solution uses a number of data elements – including data across your department and database(s) – to accurately score customer relationships and allow you to build a better picture of customer interactions with you.
With this kind of data granularity, financial institutions will not only benefit from better data quality – but also be able to accurately assess customer circumstances, risk and transactional behaviour against previous behaviour – and as more information enters the system, these kinds of assessments can be readily done at scale. A customer due diligence checklist approach will fail to provide you or regulators with the value or information required to support effective AML and KYC – but with SAS’ Customer Due Diligence solution, you have a real-time, robust and end-to-end solution that will improve compliance, reduce its cost and give you a clear view of all customer activity.
Want to find out more about the SAS Customer Due Diligence solution? Click here.
What to read next
- Article: Rethink Customer Due Diligence
To comply with Bank Secrecy Act and Patriot Act regulations, your institution must give every customer an anti-money laundering (AML) risk rating.
Learn how to evaluate your organization's CDD processes and technology relative to current risks and needs.
Find out how SAS can help
- Web: Risk Management