Skip to content

Our Privacy Statement & Cookie Policy

All Thomson Reuters websites use cookies to improve your online experience. They were placed on your computer when you launched this website. You can change your cookie settings through your browser.

Regulatory intelligence

The new need-to-know KYC regulations

Anna Mazzone  MD, UK & Global Head of Customer Development at Trunomi, Ltd.

Anna Mazzone  MD, UK & Global Head of Customer Development at Trunomi, Ltd.

Know Your Customer (KYC) regulations were created to protect companies from criminal elements, but keeping up with the rules is costly.

A UK-based NGO that investigates corruption around the world unmasked a massive money laundering scheme involving the small Central Asian nation of Kyrgyzstan and four UK-based ‘shell’ companies. The risk it exposed is the kind KYC regulations were created to prevent. By the time the scheme was discovered in 2010, over a billion dollars had passed through foreign bank accounts set up by entities that were obviously illegal. The owner of one was a Russian who died three years before the company was formed. None of their accounts were properly registered, and one was legally classified as dormant.

Know Your Customer (KYC) anti-money laundering regulations are becoming increasingly important globally to help businesses protect themselves from identity theft, money laundering and financing terrorism. Nevertheless, episodes like the one above are all too common and the costs of complying with KYC’s anti-corruption due diligence procedures are high. According to the International Monetary Fund, incidents involving money laundering, compliance violations of KYC regulations, and other breaches are estimated to cost between two and five percent of the world’s gross domestic product.

Managing the burden of proof

High-profile money laundering incidents involving major global banks are not new, although in recent years a number of firms have been fined record sums for laundering money and for violations of KYC regulations. As a result, firms are becoming more diligent, organized and proactive in managing the risks and compliance, and are now spending more time and more money trying to remedy and avoid repetition of damaging incidents and violations. The operating challenges, however, are considerable.

The primary obligations with which the industry must comply are known by a wide array of acronyms: anti-money laundering (AML) and anti-bribery regulations (ABC), tax transparency initiatives such as the US Foreign Account Tax Compliance Act (FATCA), The Dodd-Frank Act (DF), Markets in Financial Instruments Directive (MiFID), and European Market Infrastructure Regulation (EMIR) just to name a few.

Under these, and other regulations, institutions’ due diligence must ensure that they understand beneficial ownership, and therefore the source of funds. This process involves collecting and collating identity data and documents on all clients. We recently researched how financial institutions and their clients view their key challenges around KYC compliance. The challenges most often cited were differing processes for different businesses or jurisdictions, time-consuming documentation and the lack of harmonised document collection systems.

At a minimum, organisations are generally required to document clients’ business type, their source of funds and wealth, the purpose of specific transactions and the expected nature and level of transactions. Many of the sources of data, which include certificates of incorporation, lists of company directors, directors’ passports, and cross holdings, can be very difficult to track down. Collection and verification of the data and documentation can take several months.

Because there are no standards for documentation, there is little consistency and a lot of duplication of effort. This complicates the process for both financial institutions and their clients. For example, many financial institutions are collecting the same data on the same clients, a redundant effort for both parties. In addition, financial institutions often ask for documents from their clients that are not explicitly required under KYC rules. Different regulators in different jurisdictions also require different identity documents. Regulators also expect the financial institutions to review and refresh the data on typically one, three and five-year cycles depending on the type of client.

Global banks are spending in the hundreds of millions to manage and update information that has to be redone with every new regulation. Demand for professionals to manage KYC compliance is rising, but there are not enough individuals with the proper compliance training to support all the banks’ requirements.

Collaboration, consistency, compliance

Financial industry collaboration will be important in establishing standards to ensure more consistency in KYC documentation requirements. Solutions to manage the volume and complexity of compliance will go a long way in empowering organisations to manage their identity records more efficiently, and with greater assurance that they have their KYC ‘need to know’ covered.

Learn more

Get more from Exchange Magazine in the Know 360 App.

Know your customer with Org ID

  • Facebook
  • Twitter
  • Linkedin
  • Google+
  • Email

More answers