Know Your Customer (KYC) and Anti-Money Laundering (AML) compliance is a regulatory challenge. Financial institutions and banks must not only comply with stringent regulations but ensure the data they use for risk mitigation and prevention is both reliable and accurate.
Data is at the heart of compliance efforts. Lapses in data quality, incompleteness, and unavailability can hinder effective due diligence, resulting in criminals exploiting weaknesses to commit nefarious activities. Financial crime affects the entire value chain: businesses, financial institutions, governments, and societies. KYC data should be at the core of your strategy to stop bad actors from using your business to launder their ill-gotten gains.
In this article, we discuss corporate KYC data — by comparing primary-source data to stored data — and why data direct from the source is paramount in complying with KYC regulations and keeping your business safe against the evolving threat landscape.
What is Primary-Source Data?
Primary-source data is information obtained directly from the source. In the context of KYC, primary-source intelligence includes data from corporate registries and official government sources, such as land registries, embargo and sanctions programs, and regulatory and law enforcement watchlists, among others. In a recent survey, 81% of senior management believe poor quality data severely delays customer onboarding and negatively affects the customer experience. The knock-on effect is poor customer retention and loss of revenues.
Harvesting information directly from primary sources is a regulatory requirement and recommended to be used to verify the identity of natural persons and legal entities during client onboarding and ongoing customer due diligence. Static data lacks quality, and outdated data causes more problems than it solves. In fact, regulators demand the use of primary-source intelligence. In the EU, the 6 Anti-Money Laundering Directive (6AMLD) came into effect on December 3, 2020 and must be implemented by financial institutions by June 3, 2021. 6AMLD places greater responsibility on regulated entities in the fight against financial crime by expanding the legislative scope of KYC and AML compliance and introducing tougher punitive actions for breaching regulations.
Publicly-available data gives timely access to crucial KYC data points, including the nature of business, beneficial owners, legal representatives, and entity type — data that can help achieve compliance with the ever-changing regulatory landscape.
Primary-Source Data vs. Stored Data
Stored data is old data by definition, and old data is unreliable. When comparing primary-source data versus stored data, it is important to put into perspective the dynamism of data. Start by compiling a list of all the KYC data points analyzed during the KYC onboarding and customer due diligence process. Then, highlight all the data points that may be subject to change over time. What type of changes can occur? How important are those data points? What is the level of actual risk?
Once you have ranked the importance of dynamic data to your compliance investigative workflow, visualise carrying out a risk assessment using stored, unrefreshed, or outdated data. What kind of red flags could you miss? What are the implications of missing a shareholder? Or unwittingly doing business with an organisation that is subject to the Office of Foreign Assets Control (OFAC) 50% rule? What will the regulator say? What are the potential implications to your business? The cascade effect can be damaging, resulting in significant financial losses and reputation damage. Relying on stored static data is extremely high-risk, but you can simply avoid this pitfall by using primary-source intelligence.
Why Primary Source Data Will Play a Key Role in the Future of Corporate KYC
Primary-source intelligence is already playing a key role in the present, but how does it bode for the future? The EU anti-money laundering directives, if followed correctly, can be an effective tool in the fight against financial crime by putting data at the center of financial crime prevention. Picture reformed corporate registries clamping down on fraud, money laundering, and other criminal activities; ultimate beneficial ownership registries are due to becoming interconnected at the EU level; and public registers of Politically Exposed Persons and other Data sharing initiatives prevailing. The measures introduced by regulatory change can drastically improve compliance if implemented successfully by financial institutions. Primary-source intelligence has the potential to be a game changer, but depends on how, when, and where businesses adopt real-time data intelligence. Primary source information will play a critical role in corporate KYC risk mitigation and the fight against financial crime.
Conclusion
Making decisions based on primary-source data is an easy way to improve KYC compliance. Not only does it improve risk identification and mitigation, but it strengthens the risk-based approach by using the most up-to-date data readily available. KYC and AML investigations are only as good as the data you use, and the implications of non-compliance may result in a ceasing of operation orders, fines, and/or imprisonment. Make sure you do not compromise your business activities or reputation by using unreliable outdated data.
