With advancements in technology and constant regulatory updates, it is hard to know if your business has taken all the precautionary measures to ensure you ‘Know Your Customer’. You may have conducted due diligence at the time of customer onboarding as part of your Know Your Customer (KYC) procedure.  

However, does a standalone vetting process or a one-off KYC solution suffice? Let us examine. 

Many businesses are exposed to high risks because of the nature of their activities and customers. For instance, Financial Institutions and dealers in precious metals conduct high-value financial transactions with individuals and entities across the world, who could be politically exposed or sanctioned. The risk exposure is high as fund transfers and invoices are often used to conduct illegal activities, conceal sources of funds and launder illicit money. As customer profiles and business activities may change over time, businesses not only need to perform a one-off check, they also need to use an ongoing monitoring system as part of the due diligence programme. This is to ensure that risk profiles have not changed in such a way that exposes the firm to non-compliance and reputational damage. 

Ongoing monitoring ensures that business activities are current and consistent with the risk assessment at the time of onboarding. Many firms automate this process to periodically examine changes in the PEP status, sanctions and adverse media. They screen against dynamic up-to-date global databases for monitoring any changes in client risks and exposure. 

Ongoing monitoring is an important process for financial institutions and regulated entities that are required to maintain Anti Money Laundering/Terrorist Financing (AML/CTF) programmes by the regulators governing their jurisdiction. 

What does ongoing monitoring involve?  

Ongoing monitoring includes the following processes: 

  1. Identification of the purpose and nature of changing business relationships and recordkeeping
  2. Reassessment of client risk based on business activities, transactions and geographies, and updates to the PEP and Sanctions databases
  3. Establishing whether the client profile or activities are consistent with the KYC and risk assessment of the client.

Why do you need ongoing monitoring?  

Whether you are a small gaming establishment, a real estate agent, or an international money service business, you deal with clients who may be based overseas. So how do you keep track of the changing risks? How do you keep on top of compliance requirements and avoid exposure to financial crime and penalties? By having an ongoing monitoring programme in place that works like a sentinel looking out for your business’s health. 

Here are some instances where ongoing monitoring helps your business revisit your risk management plans. 

Change in Client Profiles:  

Client profiles change over time. A reputed client, with whom you do regular business, may become a PEP by way of an appointment in a global banking outfit or by winning an election for a political position. An overseas client may be featured in the updated FINTRAC watchlist or come up in adverse media searches because of high profile embezzlement. Another long-established client may relocate to a country in the EU which is regulated by 5AMLD/6AMLD and GDPR. All of these are changes in client risk profile and call for a review in risk assessments and compliance approach. 

Exposure to High Risk or Sanctioned Countries  

Most countries have lists of sanctioned entities or individuals with whom you are advised not to conduct business or maintain certain reporting norms. For instance, the OFAC list bars American citizens from conducting any business activity with entities sanctioned in the SDN list.  However, some countries may not feature on any sanctioned/watchlist and yet are high risk for exposure to money laundering and terrorism financing. These are usually less developed countries prone to internal conflicts and frequently changing governments. A dishonest approach to financial crime influenced by political patronage has resulted in high levels of corruption and lack of regulation.  Such countries require a customised ongoing compliance programme to prevent your business from being used for ML/TF. 

Risk Assessments of Business Relationships  

Business relationships with PEP or close associates, clients on a watchlist or those belonging to a high-risk industry or sanctioned countries, are deemed high risk. It is important to have up-to-date data when checking your customers for risk exposure. 

Benefits of Automated Ongoing Monitoring  

Ongoing monitoring is an automated compliance process that ensures your business is up-to-date with any changes related to your clients. It also works as a feedback mechanism used by the management. 

How can your business benefit? 

  • Identify potential risks that could affect the financial health and reputation of your business.
  • Be informed of any adverse media or additions to a watchlist on a daily, weekly, or quarterly basis to take a timely call on your risk  
  • Check against thousands of national and global databases for updates on information involving your client, and countries of operation. 
  • Prevent any business risks from escalating and avert consequential financial loss, especially in high-risk markets. 
  • Prioritise high risk customers and change the risk levels based on issues identified by automated monitoring. 
  • Have a granular insight into the risk areas for your data-driven decision 
  • Introduce flexibility to your compliance programme, by adding names of clients to be monitored with periodical updates. 
  • Have a speedy and cost-effective approach to compliance by eliminating manual and outdated processes. 

COVID-19 has spiked the demand for ongoing monitoring  

The COVID-19 pandemic has brought about a dramatic shift in the economic and financial scenario across the world. On one hand, rising unemployment has driven bad actors to use charity foundations and other business activities for financial fraud. Market volatility has doubled the price of cryptocurrencies, driving individuals to park dirty money in virtual wallets.  

On the other hand, money transfer businesses have witnessed a jump in transactions, with high-risk African countries, as stranded migrants send money home. Digital wallets and eCommerce business have grown phenomenally with the recent spike in demand for contactless home deliveries and digital payments.  

These are regulated sectors with high exposure to money laundering/terrorist financing (ML/TF). The demand for a robust KYC tool and an ongoing monitoring mechanism that operates seamlessly is stronger than ever before.  


Compliance laws for high-risk industries and high-risk countries keep evolving several times during the year. You need to adopt an ongoing monitoring approach that goes beyond a one-time risk reporting solution. There are no static checks against siloed databases but automated monitoring that gives you results in minutes.