Fighting money laundering (ML) and terrorism financing (TF) requires funding, time and effort on the part of entire economies. Indeed, regulatory bodies around the world are working tirelessly to implement effective Anti-Money Laundering and Combatting the Financing of Terrorism (AML/CFT) regulations.
As Mauritius seeks to further strengthen its AML/CFT regime in the light of the recent budget announcements on the forthcoming National Risk Assessment with the assistance of the World Bank, it is clear that compliance is the key to a robust financial services sector in particular.
Most recently, it was announced during a workshop organised by the Financial Services Commission that the AML and CFT (Miscellaneous Provision Bill) will be presented to the National Assembly by October 2023 with the objective of reviewing minor shortcomings so that Mauritius can achieve a higher threshold of excellence and continue to be compliant with all 40 recommendations of the Financial Action Task Force (FATF).
Significantly, the central bank governor, Harvesh Seegolam, noted last October that ‘the Bank of Mauritius (BoM) has put in place best-in-class infrastructure in the form of the InfoHighway platform, which facilitates the sharing of documents relevant to Know Your Customer (KYC) processes amongst Government Agencies. BoM is leveraging InfoHighway to ease access to digital KYC documents against independent and reliable sources of data, in compliance with FATF requirements’, he emphasised.
Indeed, in the overarching fight against ML and TL, KYC is critical ammunition. The basic objective of KYC is to determine the appropriate risk profile of each customer – and ensure their information remain up to date and reliable on relevant systems to meet the legal and regulatory requirements.
Key regulations governing KYC, and the process itself
The tone for global KYC requirements is set by the FATF which recommends that all institutions, especially financial institutions, adopt a risk-based approach to avoid the main ML and TF risks while safeguarding their reputation. Moreover, other international authorities, like the Financial Crimes Enforcement Network (FinCEN), have made it mandatory for financial institutions to comply with KYC standards to prevent illegal activities.
Thus, following regulatory guidance, it is incumbent on every financial stakeholder to take action themselves, and support actions taken, to adhere to KYC requirements in order to play an effective role in the global economy.
The foundation of the KYC principle, controls and verifications in key jurisdictions, such as the US, UK and EU, is laid out by certain landmark acts and directives. These include the UK Bribery Act and the UK Modern Slavery Act; the Know Your Customer Program (CIP) as part of the US Patriot Act; and the 3rd EU Money Laundering Directive (Article 8) as well as the 4th, 5th and 6th EU ML Directives.
As a first step, organisations running KYC checks need to run client names through relevant customer identification programmes to ensure that what customers say about themselves and their firms is accurate. Next, they must conduct Customer Due Diligence or CDD – which involves the collection of relevant information to verify the customer’s identity and arrive at a realistic assessment of the customer’s risk profile. As an additional but essential precaution, under the risk-based approach, high-risk customers are subjected to enhanced due diligence or EDD. The final step in KYC is the ongoing monitoring, or the continuous scrutiny, of customers and their activities or transactions as a window to maintain regular checks of high-risk customers, in particular the risk of their potential listing on sanction lists and adverse media, to mitigate the threat of financial crime.
What is KYC remediation?
Once a firm’s KYC programme is securely in place, the next step is to ensure that this data is adequate, maintained in a reliable manner and updated in line with legal and regulatory requirements. KYC remediation refers to the process used to (1) analyse customer information against certain trigger events, (2) identify any inconsistencies in the data and (3) decide upon the appropriate follow-up action arising from such findings.
Institutions that don’t comply with AML/CFT regulations around KYC run the risk of being fined or even losing their licence to operate and senior officials may be subject to jail time. To illustrate, within consolidated fines of US$2 billion for bank AML breaches in 2022, one of the largest fines was imposed on a European bank that was found guilty of having insufficient transaction monitoring of high-risk customers and inadequate EDD measures. In the UK too, the Financial Conduct Authority fined several banks that had failed to adequately check clients for ML and TF risks, while processing deposits from customers based in countries flagged off as high-risk jurisdictions. In a case of KYC failure, the FCA made a note around a bank specifically having failed to identify politically exposed persons (PEPs), pinpointing that the bank in question had failed in its duties as it lacked sufficient compliance staff to perform the work required.
How Abler can help with KYC remediation and risk mitigation
Our dedicated team assists our customers to effectively carry out their AML/CFT KYC remediation work in a timely, well-structured and reliable manner to meet their expectations in line with their KYC remediation framework, policies and procedures.
The scope of our KYC remediation work includes, and is not limited to:
– Understanding the customer’s KYC and KYC remediation framework, policies and procedures;
– Helping customers review their existing KYC records and periodic review findings to identify KYC records for remediation;
– Liaising with stakeholders to clear their backlog of KYC documents on their customer files to meet current regulatory standards and mitigate customer associated risks;
– Completing data analysis and identification of controlling parties and beneficial owners;
– Identifying other areas of deficiencies that require remediation – including, where agreed with customers, ensuring the customer CRM solutions are up to date with the latest KYC records, as applicable; and
– Providing relevant insight into the impact of the remediated up to date KYC on the Re-assessment and re-classification of customer ratings in line with the evolving risk appetite of the organisation..
Why KYC remediation is critical ammunition in the fight against ML/TF
KYC remediation helps organisations to avoid committing ML and TF breaches by ensuring that customer data is updated and accurately reflected in the system; customer risk profiling are also correctly maintained on the institution’s records. Ultimately, it is only by implementing a comprehensive KYC remediation procedure that businesses will be empowered to efficiently evaluate the risks associated with their customer profiles; gain crucial insights into their customers’ behaviour; flag any suspicious patterns; and minimise potential business risks in the process – be it safeguarding against financial crime, complying with best-in-class laws and regulations, or preventing penalties from being imposed for KYC breaches.
Finally, by putting a robust KYC remediation framework in place, businesses can develop a more nuanced understanding of their customers, facilitating a better customer experience, improving customer loyalty, and identifying new revenue streams by gaining insights into customer behaviour and performance patterns. Investing into comprehensive KYC remediation processes can reap many benefits for businesses and ensure that they stay on the right side of regulators at all times, thereby benefitting the economy.