Ongoing customer due diligence

For compliance and fraud teams, Customer Due Diligence (CDD) is never complete. Customer activities can change and risk profiles need to be reconsidered as new threats emerge and regulations are updated. Keeping aware of all accounts and the risks they pose through thorough ongoing CDD procedures helps control fraudulent activities and maintain compliance.

Taking a proactive perpetual KYC approach and systematically reviewing accounts, transactions and risks is an opportunity to protect the organization further and re-engage customers. It’s not a tick-box or a one-and-done exercise, but rather is an ongoing approach that embraces holistic data and deep analysis.

Understanding the state of accounts, even in real-time, is now technologically possible and a powerful organizational tool.

Ongoing monitoring of the customer relationship

Depending on the jurisdiction, often there are prescribed requirements for regulated entities to perform ongoing monitoring. According to the Federal Financial Institutions Examination Council:

Performing an appropriate level of ongoing due diligence that is commensurate with the customer’s risk profile is especially critical in understanding the customer’s transactions in order to assist the bank in determining when transactions are potentially suspicious.

There are various activities and data sources to keep track of, including risk thresholds, suspicious activities, status changes, changes to account information, watchlists, market trends, trade data and various other market and transaction monitoring needs.

The first step is a system that will identify any substantial spike or deviation in activity or significant change. The solution should trigger alerts for specific events, which are sent to staff for further investigation.

However, it’s one thing to note a set threshold has been hit, but it’s quite another to detect a pattern that sophisticated fraudsters are using to stay off the radar. More sophisticated dynamic risk-scoring provides abilities to monitor numerous variables, both on an account level and overall risk factors. Deploying machine learning technologies and fraud analytics to watch large transaction volumes makes it possible to fine-tune monitoring and uncover patterns that point to questionable activities.

Evaluating risks and taking preventive actions

Detecting patterns isn’t the same as taking action. Taking or not taking appropriate counter-measures is often the deciding factor in compliance failures.

Consider the FinCEN Files, where many global banks had evidence of money laundering yet continued to transact with the concerning accounts. While they did file suspicious activity reports, they didn’t take any further action. Note the FATF, in their Risk-Based Approach Guidance for the Banking Sector, states senior management should:

Promote compliance as a core value of the bank by sending a clear message that the bank will not enter into, or maintain, business relationships that are associated with excessive money laundering/terrorist financing risks which cannot be mitigated effectively.

The resulting publicity didn’t reflect well on the offending banks or on regulators. Since the release of the FinCEN Files in September 2020, there have already been billions of dollars in fines. The U.S. now has new AML laws. And, the impetus for further regulations and more demanding requirements have gathered speed.

Creating and following systematic procedures to follow through on any red flags is crucial for ongoing CDD.

Perhaps a fraud alert inquiry is sent to the customer to ensure a transaction is legitimate. Or, an account needs some extra checks and a KYC remediation might be in order. If the risk profile has fundamentally changed, complete Enhanced Due Diligence might be required. Outright termination of the account is also an option.

The key is to have set policies and processes for various contingencies. Anticipating scenarios will help to clarify which approaches to take and will speed up responses.

It’s vital to consider the customer experience during these CDD actions. There are numerous valid reasons for account changes and often, monitoring tools can create false positives. Fortunately, many checks don’t need client interaction at all.

Connecting any information requests with customer support offerings presents an opportunity to extend the account instead of causing unnecessary friction. Due diligence offers a way to understand the customer and their needs that much better.

Core values, tools and insights

For forward-looking entities, compliance is a competitive advantage. Effective ongoing compliance lessens risk, increases knowledge of customers and enables adaptable systems. Establishing values and procedures that promote constant vigilance and respect for regulatory obligations helps create a transparent organization with good governance.

Companies that embrace the tenets of ongoing CDD demonstrate the values that entice customers and investors and earn the respect of regulators. The tools, frameworks and strategies that drive ongoing CDD are the same that create a scalable, adaptable and robust organization.