Know Your Customer (KYC) and Anti-Money Laundering/Counter Terrorism Financing (AML/CTF) initiatives are part of the culture of compliance in businesses and financial services. They are core to the stability of the financial system and success of a business. Brand image and customer confidence stems from the knowledge that the company adheres to compliance procedures as required under the regulatory laws.

Recognising the importance of compliance, senior executives are adopting a top-down approach across the business process. Moving beyond the KYC onboarding, they are also enforcing policy driven compliance systems and mandatory checks, not just customer due diligence (CDD).

The process of compliance

The compliance framework begins with KYC identification and verification for customer onboarding. The process continues with AML compliant systems that use technology and analytics across the AML lifecycle. As part of ongoing diligence, companies also use third-party services for re-approvals and checks to assess the risk. Is an existing individual or entity featured on the Watch List?  Does a new customer have a criminal/fraudulent history? Does the organisation have a significant connect with a Politically Exposed Person (PEP), or a terror outfit? These are questions that every business must ask as part of the ongoing compliance process. With strict regulatory requirements governing compliance, no business can afford to take shortcuts and compromise with its credibility. They must address the challenge to acquire the “right customer” and stay ahead of compliance programs.

Why is it important to have a strong culture of ongoing compliance?

The senior executives of companies who are yet to realise the importance of AML compliance, are now revisiting their business policies with respect to potential risks and costs involved.  Besides financial loss from penalties; companies also face risks of reputation, statutory enforcement and limitations of business expansion. Companies doing international business may find themselves subject to different AML jurisdictions and compliant norms. Under the given scenario, non-compliance places limits on business growth and exposes companies to the risks of money laundering.

Across industries and service types, every business wants to associate with companies having a strong AML compliance culture. They want to avoid exposure to any “risk by association” with a non-compliant company. Neither do they want to damage their reputation from being associated with money laundering or terrorist financing activities.

However, companies that have invested in compliance are discovering many benefits.

• Better data-driven marketing opportunities with KYC and due diligence data at disposal.
• Better operational efficiencies with ongoing monitoring of AML compliance.
• Higher brand image and customer confidence.
• Identification and timely modification of risk exposure to avoid potential pitfalls of money laundering activities and provide suitable solutions.
• Reduction of risks of exposure to corruption, identity thefts, frauds, terrorist financing and other potentially illegal activities.
• Reduction of bad debts/loans due to enhanced customer due diligence.

Ultimately, the benefits of ongoing compliance out-do the burden of investments in compliance yielding a higher return on investment and shareholder confidence. Therefore, companies are now adopting a pro-active plan with an integrated culture of compliance.

The future role of compliance

Global regulations on AML/CTF require compliance measures for prevention and control of money laundering and terrorist financing. So customer data is gathered during KYC, and subsequent compliance checks and transaction-generated insights help identify potential frauds and suspicious business activities. Current business practices include using such data for re-assessment of risks, monitoring red flags for suspicious transactions, and maintaining a customer transaction history for five years.

However, with the GDPR Bill to rollout in May 2018, followed by the EU PSD2 (Revised Payment Service Directive, the focus is on KYC data governance and the customer rights to his data. Recent cases of data harvesting for dubious purposes have also highlighted the potential implications of data use. The way forward is for companies to align corporate strategy with AML/CTF complaint systems and procedures; for effectively regulating ongoing compliance in the time of GDPR/ PSD2.