KYC remediation is vital. Not only do you need to know who your customers are, but take proportionate measures to conduct a thorough risk assessment utilising a risk-based approach tailored to your business, customers, products, and jurisdictions.
It’s important to make sure you are following applicable laws, regulations, and guidance from industry recognised authorities such as the Financial Action Task Force (FATF), Wolfsberg Group, and Joint Money Laundering Steering Group (JMLSG), respectively. Understanding the risk posed by a customer is the first step in safeguarding your business against unwanted criminal activity.
2021 will see several changes in the regulatory landscape. The EU’s 6th Anti-Money Laundering Directive (6AMLD) must be implemented by member states by June 2021. The aim of the 6AMLD is to harmonise the legal and regulatory landscape across the European Union by removing loopholes and introducing stricter penalties. Competent authorities and financial institutions will be empowered by the expanding scope of regulatory and criminal penalties for predicate offences. For example, aiding and abetting money laundering will carry the same criminal penalty as committing offences. There will be an extension of criminal liability to companies and legal persons. Cooperation between EU member states will improve in 2021 placing a bigger emphasis on sharing intelligence and the reporting of suspicious activity. KYC remediation often highlights compliance risks and red flags. The most serious risks and criminal activity will be shared and dispersed much quicker compared to previous years.
Financial institutions should prepare in advance of the impending changes and update KYC & AML programs including revising policies, procedures, and controls. KYC remediation efforts must factor the amended changes and ensure proportionate risk-based measures are implemented.
By March 2021, all Ultimate Beneficial Ownership (UBO) registries in EU/EEA countries must be interconnected. The Business Registers Interconnection System (BRIS) connects the business registers of each member state to a 'European Central Platform'. Documents are currently available by PDF download only and there are no APIs to retrieve or extract documents. BRIS instructs users to visit national registers to retrieve filings in specific jurisdictions. It is unknown how BRIS will improve UBO retrieval due to disparities in accessing UBO information. There are also indifferences in what data is available and accessible by the public.
If BRIS can offer greater harmonisation and transparency in UBO data, this may remove some of the burden of KYC. However, that said, it is likely a combination of official and third-party data sources will be needed to plug the gaps, enrich, validate, and supplement publicly available data. While there is no single source of truth, KYC reviews will continue to leverage multiple datasets but 2021 will see gradual improvements in the centralisation and establishment of UBO registries. This space is one to follow closely as there are a growing number of tools being developed to streamline and automate this process.
Stricter Deadlines in KYC Reviews
Large banks face the onerous task of remediating a back-log of KYC reviews. Throw into the mix event driven reviews, transaction monitoring alerts, and high rates of false positives, financial institutions will need to do more with less. The recovery from the pandemic will continue in 2021, businesses will have smaller budgets at their disposal, but regulators will not take the foot off the gas. Failing to meet KYC annual reviews are unlikely to be excused by regulators as strict KYC review deadlines are here to stay.
Digitisation Will Gather Pace
Remote working and digitisation will continue in 2021. Banks embracing digital transformation will strengthen customer acquisition through digital channels. Regulated entities will continue to develop an integrated risk-based approach leveraging technology, processes, and data flows across all digital onboarding, AML and anti-fraud risk management activities. Digital customer relationships will come under greater scrutiny where there are high-risk indicators. This will increase KYC remediation efforts for non-face-to-face customers who fall in the high-risk category. Banks frequently monitor and adjust their risk appetite. Recent high-profile scandals and the FinCen files leaks will continue to put banks firmly in the spotlight – failing to comply will not be tolerated.
More Enhanced Due Diligence
Customer risk ratings based on entity risks, country risk, industry risk, PEPs, and other types of risks has resulted in more EDD reviews for banks not only during the onboarding stage but during the remediation and annual risk assessment cycle. As banks continue to reduce their levels of risk tolerance, expect to see greater numbers of EDD reviews in the future. Balancing risk vs profitability will be a key theme in 2021.
The geopolitical landscape in 2021 will be different. The escalating trade war and dispute between the US and China imposing tariffs on hundreds of billions of dollars’ worth of goods may soften or worsen with the newly elected US president. The sanctions landscape may change which is often a complex issue for financial institutions particularly around sanctions ownership and the fifty-percent rule. KYC and customer due diligence is directly correlated with changes in the geopolitical landscape. Imposing more sanctions means more alerts and more reviews.
Finally, regulators are unlikely to take the foot off the gas. Regulatory fines are unlikely to soften anytime soon but clearly, they do not work. Are we at a tipping point? Will we see a strong message sent out by regulators and law enforcement agencies? Will jail sentences become the compelling deterrent? 2021 is likely to be a ground-breaking year in KYC & AML compliance as the pressure builds on banks, and regulators to act in adopting a no-nonsense approach to tackling financial crime.