Unlock Our Latest Cutting-Edge Source of Funds Solution --> Discover more
New: 2024 Money Laundering and Financial Crime Report --> Read the full report
We're a multiple award-winning firm and one of the fastest-growing tech companies in the UK - find out how we got to where we are today.
We are always looking for talented individuals to join our growing team - if you are highly motivated with a positive attitude we want to hear from you.
Discover the latest events we will be hosting, exhibiting, and attending, where you can learn more about our industry-leading digital compliance solutions.
In our report, we’ve uncovered and illustrated worldwide data to determine which ‘anti-money laundering (AML) events’ are most popular around the world and in each country.
Discover key industry news and insights with our latest resources, including whitepapers, press releases, and video content.
Read all our latest news and views plus all the latest on what's going on in the industry.
Including FAQs, a glossary of terms and information on how to use our award-winning system, our help centre should tell you everything you need to know.
Find out how we have helped some of the UK's leading law, accountancy, finance, insurance, property and investment firms transform their businesses with our award-winning products and services.
CDD is a key part of AML compliance, and KYC should be the first step in any strong risk-based approach. SmartSearch can perform KYC checks on both domestic and international clients – our resources can confirm identities in over 200 countries using our electronic verification software. You can even access this service on the go with our app, SmartAML. Perpetual Know Your Customer (pKYC) is a more dynamic all-encompassing KYC solution and said to be the future of risk management strategies.
KYC (or know your
customer) checks, are background checks that should be carried out as part of your risk-based approach. The
KYC process involves the verification of the customer’s identity, using
documents like photographic ID, proof of date of birth and proof of address.
This can be done manually, with physical documentation, but it’s faster and
more reliable to do it electronically, with data sourced online.
Customer due diligence,
or CDD is a longer process which continues after the customer has been
onboarded, and includes checks like sanctions and PEP screenings, to
continuously assess the risk-level that a customer poses to a business.
Both KYC and CDD are
crucial aspects of AML compliance. Regulated firms must identify and
verify anyone they work with, to ensure they don’t unknowingly become involved
with a business or individual with a history of financial crime, or sanctions.
Perpetual Know Your Customer (pKYC) - also known as continual KYC
- is the ongoing process by which businesses continuously update customer
information as a part of their risk management strategy and is a step on from a
standard Know Your Customer (KYC) process.
pKYC not only offers a much more
dynamic and secure risk management solution but will automatically evolve as
clients’ circumstances change, thereby reducing risk and the level of period
work required by regulated firms.
Our award-winning AML and digital compliance solution can perform efficient, electronic KYC checks in just 2 seconds for every type of client – from individuals to businesses, including professional services and large corporate enterprises. Regardless of the scale of your customer or client, our KYC verification process is thorough, quick and extremely accurate, delivering the highest match and pass rate on the market of 97%, so you know exactly who you’re going into business with.
We’re proud to offer an end-to-end onboarding process. Our comprehensive platform is the largest collection of AML tools in one place – with everything you need, right through from initial checks to ongoing monitoring. Plus, our software can be seamlessly integrated with your existing systems for minimal disruption.
With SmartSearch, you’re not limited to carrying out KYC checks on customers in the UK. Our unique platform uses international databases like the Dow Jones WatchList, which is updated daily, to carry out due diligence checks on individuals and businesses all over the globe, in over 200 different countries.
We’re AML compliance experts. That means our platform is built to make every aspect of your compliance as convenient as possible, with time-saving features like electronic verification and automated status change alerts. Choose one of our products and you’ll benefit from the ongoing support of a dedicated account manager.
The reason many firms are looking to transition to a pKYC model
is, not only is it far more reliable due to the fact it is constantly being
updated to provide ongoing compliance, but because it is automated, it requires
much less effort on the part of the regulated firm. Instead of doing an initial
check, and then having to revisit the client each year to assess if their risk
level has changed, pKYC enables the firm to sit back, rest assured that their customer
database is always up to date and fully compliant.
We can verify the identity of your clients electronically in seconds, and the system will automatically undertake Enhanced Due Diligence if any client is matched with a Sanctions or PEP list. Our daily monitoring services will alert you of any changes ensuring you always remain fully AML compliant.
SmartSearch offers a one-stop-shop for all your firm’s AML requirements. The user-friendly system enables staff at any level to successfully run AML checks, and we are constantly updating and improving the platform to ensure it remains the leading AML solution on the market.
Let one of our highly-trained sales team demonstrate the multi-award winning SmartSearch AML product
As an AML registered company, you’ll understand the complex and time consuming process of Know Your Customer checks. If you’re looking for a streamlined process, faster onboarding, improved customer experience and lower operational costs, we’ve got the solution for you.
Harness the power of our innovative software and breeze through difficult compliance checks in minutes, not weeks.
We offer a multifaceted AML and KYC solution in the form of TripleCheck — a comprehensive electronic service incorporating three thorough approaches to hi-tech verification.
The first of these methods cover identification, verification, and screening, while the second and third methods are the customer checks of facial recognition and digital fraud checks.
Minimal input — maximum output: To complete a full AML check on a customer, just enter their name and address into TripleCheck and leave the system to do the heavy lifting for you, as an individual AML check will be conducted in fewer than two seconds. In assessing the customer, the software will check their records against those on over 1,100 databases, including PEP lists and sanctions lists.
Advanced document verification: TripleCheck’s second level uses Optical Character Recognition (OCR) and biometric facial recognition technology to rapidly analyse photo identity documents provided by the customer. The system can alert you if it detects any suspicious discrepancies between this document and the ‘real person’.
User-friendly interface: Though many cogs are turning beneath the surface when TripleCheck is in full flow, the front-facing part of the system remains delightfully intuitive to use. Staff members at all levels of your business will easily be able to use TripleCheck to perform customer checks as and when necessary, making for a user-friendly solution.
Confirm identities in over 200 countries: If your business targets a range of international markets, rest assured that SmartSearch enables you to carry out efficient KYC and AML checks on customers based across various territories around the world rather than just the UK. Our platform uses the Dow Jones Watchlist, which is updated daily.
Once you have completed a customer assessment with TripleCheck, you will have access to an automatically generated AML certificate confirming the findings. This will be useful for your record keeping, as the certificate will also be saved to the central SmartSearch platform.
The AML regulations applicable in the UK are derived from a patchwork of domestic and international laws, of which the main ones are outlined below:
This legislation has been amended multiple times since it was originally passed, and specifies various AML requirements for UK businesses to meet.
This established the Financial Conduct Authority (FCA) as the UK’s main AML regulator, which is responsible for ensuring UK financial services institutions’ AML regulatory compliance.
This law defines money laundering offences which would constitute criminal conduct. POCA also outlines penalties for these offences and obliges companies to report suspicious activity.
Though the FCA remains the UK’s primary AML regulator, several other law enforcement agencies also enforce AML regulations as well as share the FCA’s responsibility of investigating criminal activity in the UK financial sphere. These bodies include:
Additionally, there are some industry-specific regulators — such as the Gambling Commission and Solicitors Regulation Authority, which focuses on AML compliance processes in gambling businesses.
The KYC process steps can be separated into two broad categories: one of identifying customers and another of verifying customers. The former would entail you collecting personal data from a customer, while the latter would see you checking this data’s accuracy.
For the verification stage of KYC, a business will usually need the customers:
Traditionally, a customer would provide paper documents — for example, an energy bill and a water bill — as evidence of the personal details they have provided. The business would verify those details by scrutinising the documents and confirming their authenticity.
By verifying that a customer is who they say they are, a business can make sure the customer is neither a fraudster nor subject to sanctions. The company can therefore decrease its risk of inadvertently and unknowingly becoming an accessory to money laundering.
However, there are now automated KYC solutions that extract data from documents and compare them against templates. This can help not only streamline the overall KYC process — in terms of both the time and cost expended — but also reduces the impact of human error.
That said, it can pay for you to be selective about exactly which automated KYC — or, as it is otherwise known, eKYC — solution you choose to utilise. There would be the risk of you opting for a KYC provider that does not quite offer all the KYC services you need.
There might theoretically be nothing preventing you from simply sourcing different services from different providers in order to cover all your company’s KYC needs. However, it would doubtless be more efficient for you to obtain all the required services from just one provider.
While some KYC providers might — for example — offer AML screening but omit the use of facial biometrics, SmartSearch’s innovative platform for AML compliance covers all aspects of KYC.
The exact KYC process steps you take can depend on what KYC tools you have at your disposal. However, here is a basic breakdown of what we would consider the proper KYC steps to follow, enabling you to comprehensively confirm customer identity while adhering to AML law.
Though this is traditionally the order in which the steps ought to be taken, technological advances have allowed for a less cumbersome alternative. With SmartSearch’s AML platform, you can run the customer’s name, DOB and address through a full AML check in just a few seconds.
You would start by asking the customer to provide you with their personal data — which, typically, would comprise their name, date of birth (DOB), and address. You should also ask the customer to provide documents that can act as proof of identity.
The objective here is to verify the customer’s ‘liveness’; in other words, the customer is an actual, living person. SmartSearch’s TripleCheck AML solution uses biometric facial recognition and a Selfie Liveness Video (SLV) for this purpose.
As it would be risky for you to simply take the customer’s documents at face value, you could first determine their authenticity by looking for the customer’s absence in sanctions lists and PEP lists — a step often casually referred to as AML screening.
The customer can provide such proof-of-address documents as bank statements and utility bills, enabling you to ascertain higher-risk customers based on their address alone — such as if it is in a jurisdiction struggling to counter money laundering.
Once you have undertaken the above checks, you will be able to determine the customer’s risk category. For example, if you establish that the individual is a PEP (Politically Exposed Person), Enhanced Due Diligence requirements will come into play.
You shouldn’t just settle for the bare minimum with your KYC measures — not least because, in doing so, you could too easily risk falling short of compliance with AML regulation. To assist you in optimising your KYC process, here is a checklist of crucial things it should look for.
For many customers, this information would include names, addresses, dates of birth, and social security numbers as well as — in the case of corporate customers — company incorporation documents. The information you collect here needs to inform your approach to AML compliance, including risk assessment.
Once you have the above-mentioned identifying information, there will be certain official lists you must compare to assess each customer’s risk profile. The lists will include those of sanctioned people, PEPs, and high-risk jurisdictions.
This will account for not only the extent of the customer’s risk to your business but also what factors are influencing this risk. For example, a PEP will be more vulnerable to — and so run a higher risk of — corruption and bribery.
As you cannot be certain that this risk will not change at any point during the customer relationship, you should continue to undertake Customer Due Diligence (CDD) as a matter of course.
Given the administrative challenge of adhering to AML regulatory requirements, you must automate your KYC compliance process. When KYC duties are carried out manually, you can be left with perilously inaccurate customer details.
As you can probably imagine, it can be time-consuming to meet all of these criteria with KYC if it is conducted through manual means.
However, automated software such as SmartSearch’s AML solution can time-efficiently accumulate all the information you need for KYC purposes. For a commercial client, SmartSearch can present you with a report covering company structure, persons of significance, and beneficial owners.
If you are an AML-regulated UK business, you have a legal requirement to use proper due diligence processes in the course of Know Your Customer procedures. This means identifying and verifying the client before screening them against PEP lists and sanctions lists.
If the client’s name matches one of these lists, you must subsequently undertake Enhanced Due Diligence so that you can assess how much risk the client potentially poses.
These are all only initial AML checks — as, after completing them and onboarding the client, you are required to also engage in an AML monitoring process on an ongoing basis. The KYC process is therefore only the first involved in long-term due diligence.
However, it is essential that you meet your Know Your Customer obligations properly. Otherwise, you could risk incurring a fine or even a prison sentence, while your business could become lumbered with reputational damage resulting from negative publicity.
In theory, many AML-regulated businesses could verify the authenticity of customer-provided documents by reviewing them in person. In practice, however, this can be an inefficient and unreliable method of document verification — especially as digital alternatives now exist.
Digital document verification is so-called as it takes place online. It would be an option for members of your organisation to take up even on mobile devices. The process involves checking formal documents like driver’s licences and bank statements for:
The essential appeal of digital document verification can be summed up: it enables users to both accurately and speedily identify forgeries in documents. This is no small boon for time-strapped businesses that nonetheless need to closely heed their AML compliance obligations.
Digital document verification is technology that does most of the heavy lifting. Hence, whether an agent is experienced or inexperienced with AML screening, they can expect the same reliable results when they use the automated Know Your Customer solution from SmartSearch.
Authenticating a customer’s documents in this way would also be convenient for the customer, as they would not strictly need to present any physical paperwork at the onboarding stage. Instead, they could choose to simply upload digital images of these documents.
Offering such a smooth, efficient onboarding system can pay dividends for your organisation and its reputation. As revealed in the research, 63% of customers take the onboarding process into account when deciding to buy a product or subscribe to a service.
Furthermore, 90% of customers have expressed the view that companies could enhance their user onboarding process. However, in the modern age, customer expectations have made frictionless onboarding more of a necessity than a luxury for many businesses.
We would therefore urge you to contact us for a free personalised demo of our acclaimed SmartSearch AML product. This solution uses facial recognition technology to speedily match and approve documentation against official records.
By implementing the sophisticated SmartSearch AML platform for staffers at your company to access as and when needed, you can unlock the following practical benefits:
Not only is the SmartSearch AML system intuitively designed, it comes with product sheets and clear guidelines further indicating how it can be used for performing AML checks quickly. However, this only begins to explain why we can help to prevent errors with your KYC checks.
When the Know Your Customer process is undertaken manually, there are various stages of it where human error can easily be made — to the detriment of your AML compliance record. For example, you could overlook when your Customer Due Diligence efforts should extend to Enhanced Due Diligence.
Fortunately, as many functions of our KYC platform kick in automatically once it is put into motion, you can trust it to flag up issues that could otherwise be prone to eluding attention. This means that, if the system detects the need for Enhanced Due Diligence, EDD will automatically be triggered.
The SmartSearch platform will work quietly in the background to investigate and remove any false positives that come about due to the EDD detection feature — which, as a result, would only prompt you to manually intervene in limited circumstances.
We appreciate that your AML knowledge might not be exhaustive — and that, in this area, you could lack the specialist AML expertise of a KYC services provider like SmartSearch. That’s why our KYC solution has been built to automatically undertake a wide range of AML processes.
For example, while you might know how important it is to check whether a customer is a PEP, there remains no single central database of PEPs. Though there are multiple publicly available PEPs lists, you could make the mistake of overlooking one where the customer is mentioned.
Another issue with manual KYC checks is that they could allow RCAs to slip through the net. The acronym ‘RCA’ means ‘Relatives and Close Associates’, and refers to individuals or businesses that, being related to or closely linked with a PEP, are potentially vulnerable to:
This is why our automated platform also offers you the ability to time-efficiently screen for RCAs and so factor in the added risk that would be involved in your business forging ties with them.
Often, the challenge of achieving AML compliance is not discerning what needs to be done, but instead freeing up enough time to do it. Indeed, when you partner with SmartSearch for your AML needs, we can provide you with in-depth advice on how to meet this particular legal requirement.
When you become a client of SmartSearch, we will assign you a dedicated Account Manager offering you ongoing support utilising our KYC automation software solution. This Account Manager will be able to swiftly answer any questions you have about how to use TripleCheck.
When you need additional support in the course of using TripleCheck, you will also be able to tap into the expertise of our full client services team. You can get in touch with the Yorkshire-based KYC provider SmartSearch by phone, email, or online contact form.
However, TripleCheck has been built from the ground up to be user-friendly for workers across all operational levels of your organisation. Our client support team is intended to very much act as a safety net: you might rarely need it, but you can take comfort from simply knowing that it is there.
Once you have entered an individual’s name, address, and DOB into TripleCheck, the platform will complete an exhaustive series of KYC checks in less than two seconds. At that time, the software can scan multiple global databases, including Equifax, Experian, and Dow Jones.
SmartSearch’s access to vast troves of data from around the world makes the system likelier than many others to return a pass for clients. Our KYC platform delivers a match-and-pass rate of 97% — and clears up 75% of failed cases automatically.
After going through these checks, TripleCheck will also automatically generate and store a detailed report on the individual whose details you have submitted. That way, you won’t have to manually compile the report yourself — and you will easily be able to find it as and when necessary.
There are bound to be occasions when you might be eager to strike deals with large numbers of clients all at once — in which case, you could feel particularly daunted by the prospect of keeping up your AML compliance duties by having every single one of those clients' AML screened.
However, our automated KYC solution works quickly and effectively when used not only on an occasional, one-off basis but also for onboarding clients in high volumes and rapid succession. SmartSearch’s latency-free TripleCheck platform makes for a time-efficient solution.
It helps that, when your company initially implements the SmartSearch platform, we will provide you with offline ‘how to’ guides for you and any of your co-workers to consult in order to get to grips with using TripleCheck. We can even give your team access to tailor-made training.
Accuracy is paramount with KYC checks — as, otherwise, you could unknowingly enter into a contract with a client who would be disadvantageous for your organisation’s standing or financial health. Fortunately, automated KYC can help you to achieve accurate results.
As a general rule, the larger the amount of relevant data the customer’s records are checked against, the more reliably you can be informed that the customer is indeed a safe bet. The idea is that it should be possible for the data provided by the customer to be corroborated by other, external sources.
Here at SmartSearch, we offer the only KYC solution offering full sanction and PEP screening as standard. What this means is that, when you use automated software to assess a customer, their details will be checked against both sanctions lists and PEP lists.
The government can impose financial sanctions to prevent or hamper trading activities of people, companies, or even entire countries. Governments and financial authorities use sanctions lists to specify all the financial sanctions currently applicable to a specific country, state, or continent.
It would — except in specific, limited circumstances — be illegal for your UK business to enter dealings with any individual or business included on a sanctions list. It is therefore important that sanctions lists are used for screening individuals or businesses you are considering working with.
PEP lists, meanwhile, are lists of PEPs (Politically Exposed Persons). A PEP is referred to as such because they hold a high-profile position — such as in law enforcement or senior government — and are, as a result, more likely to be successfully bribed or succumb to other forms of corruption.
While it is perfectly legal to work with PEPs, doing so would still constitute a greater risk to your organisation. Hence, it would be in your interest for you to know if the client is on a PEP list — as, with this information at hand, you will be able to complete a more accurate risk assessment.
Digital identity verification draws upon artificial intelligence and machine learning to assess whether official documents are genuine. While all this might sound highly technical, the procedure is easy, quick, and convenient for both the agent and the customer.
The process can be broken down into the following stages:
Here are just a few selected examples of validation checks utilised as part of digital identity verification:
The machine learning aspect of digital identity verification sees it harness large datasets to ensure highly accurate results. Our TripleCheck service uses triple bureau Credit Reference Agency (CRA) data as well as the more than 1,100 databases on the Dow Jones Watchlist.
The huge number of variables that SmartSearch’s AML screening platform assesses in the course of digital identity verification has enabled us to deliver highly accurate results. Our AML product has been credited with market-leading match-and-pass rates.
We offer you the option of verifying a client’s identity remotely, without any need for you to collect any physical documents from the client. However, rest assured that, when using SmartSearch, you will remain compliant with AML legislation.
Indeed, when you turn to SmartSearch, you can benefit from having just one, easy-to-use platform for AML compliance. Multiple features covering all aspects of Customer Due Diligence and Know Your Customer are baked into this all-in-one electronic compliance solution.
We encourage you to get in touch with our AML specialists. You can phone us on 0113 537 4042 or email firstname.lastname@example.org so that you can discuss your business needs with us. We can then prepare your organisation with a bespoke subscription to our suite of advanced KYC tools.
In a casual, colloquial context, you might often see the acronyms ‘KYC’ and ‘AML’ used interchangeably. However, though the two terms do overlap in definition, it could doubtless be helpful for you to unravel these examples of potentially confusing terminology.
AML (Anti-Money Laundering): This umbrella term covers measures AML-regulated firms are legally required to take for preventing criminals from illegally concealing the source of funds obtained from illicit activities like corruption, gambling, and human trafficking.
KYC (Know Your Customer or Know Your Client): This can be seen as an aspect of AML, as KYC refers to a series of checks a company performs to establish that customers or clients seeking to work with the business are genuinely who they claim to be.
Another crucial part of KYC is measuring the risk that customers or clients would pose to the business. Depending on the level of risk, you might have to carry out Enhanced Due Diligence (EDD) before working with the customer or client or rule out striking any deal with them at all.
Hence, while KYC refers to preliminary steps made before a customer is onboarded, AML covers a much broader range of procedures — including ones made over the longer term. At the same time, the business continues to hold a contract with the customer.
AML therefore also includes monitoring the customer on an ongoing basis for any changes that would heighten the risk to the company. The risk would increase if the customer:
When any of these developments arise, the software can automatically put the customer through further EDD checks to assist you in more accurately assessing their changed risk profile.
The Law Society explains that you would also be obligated to apply EDD if the client makes a “transaction [that] is complex or unusually large and has no apparent economic or legal purpose.”
If AML regulations apply to your business, you need to make sure you not only undertake initial KYC checks on each customer but also, after onboarding this customer, continue monitoring them so that you will be able to pick up on changes to the customer’s risk profile.
To comply with this particular legal requirement, you could — after running the initial KYC checks and forming a risk assessment based on the information unearthed by these checks — repeat this verification process periodically, such as every year or every 18 months.
Under this system, how often you carry out fresh KYC checks on the customer will depend on the risk assessment. However, by switching to pKYC, your business can stay compliant with AML legislation while avoiding the need to periodically re-initiate KYC checks on the same customer.
Perpetual KYC differs from a traditional KYC programme primarily in the sense that customer information is checked — and, as and when necessary, updated — continuously. This means that, if the customer’s status does change, you can be notified especially quickly.
As pKYC is fully automated, you can leave it to run on your behalf while you busy yourself with non-KYC-related work responsibilities. Furthermore, pKYC can tap into all the following data sources:
As a pKYC system will seamlessly factor in massive amounts of data from sources like these, any changes with potential implications for the customer’s risk to your business will be immediately identified, recorded, and risk-assessed.
The continual nature of pKYC requires it to be electronic. If you are still carrying out KYC processes manually, you can future-proof them by transitioning to electronic verification (EV). You should keep in mind the following facts about how manual and electronic KYC checks differ:
94% of companies using manual checks lack confidence in detecting fake documentation
Basically, the more electronic and automated your KYC procedures are, the more easily they can help you to address weaknesses in your organisation’s AML compliance. Perpetual KYC also further strengthens the cost-effective pricing structure of SmartSearch’s AML service offering.
It is crucial not to underestimate the importance of KYC to banking and other financial firms. For these companies, one especially important component of KYC is what has been referred to as Customer Due Diligence (CDD).
When an individual or business approaches your company intending to become a customer of it, you should background-check and screen the customer so that you can properly risk-assess them before onboarding them.
If you are at the helm of a financial company, you should be careful not to rush this vetting process, as it is intended to help organisations like yours prevent an array of financial crimes. These include:
Customer Due Diligence should not be treated as just a preliminary step. On the contrary, undertaking effective CDD would entail you amassing a range of information from the customer while they continue to have a professional relationship with your business.
Typically, CDD comprises the following stages:
This can include the customer’s full name, photo ID, phone number, email address, and postal address. With all these details at hand, you can authenticate the customer’s claimed identity.
If you are dealing with a commercial customer, it can be helpful for you to learn about the customer’s firm as well as the nature of its ownership and business model — including how and where the institution makes its money.
Taking into account such factors as the customer’s identity and location, you can assign the customer to a specific risk category. The idea is that, the higher the risk category, the shorter the odds of money laundering arising.
The package of CDD measures you prepare should include some reserved for after the customer is onboarded. We offer a white paper on one exhaustive form of monitoring: Perpetual Know Your Customer (pKYC), also called continual KYC.
As exact CDD needs can differ from business to business, you can benefit from arranging a bespoke subscription to our AML screening service. In this way, you can pick and choose aspects of it which would be the most useful to your organisation.
The Financial Action Task Force (FATF) considers a risk-based approach to Customer Due Diligence (CDD) essential for companies to use in implementing official FATF standards.
These standards have been set by a leading global regulator and watchdog aimed at helping organisations to prevent money laundering and financial terrorism.
The FATF has explained the practical benefits of a risk-based approach to CDD — including that it “allows countries, within the framework of the FATF requirements, to adopt a more flexible set of measures in order to target their resources more effectively”.
Here are several steps financial firms can take to optimise their AML measures:
While it is vital that these companies act to mitigate AML risks, they also need to allocate financial resources shrewdly. Sorting customers into risk categories can help these firms to rein in their expenditure on low-risk customers
Doing so can ease companies’ efforts to establish a risk-sensitive AML framework without unduly burdening low-risk customers. For example, firms can send additional KYC requests strictly to high-risk customers.
This is a reliable strategy for ensuring that AML compliance can be reported more accurately — and in a way, that better reflects how AML efforts are faring on a holistic level.
As customer numbers — as well as adoption rates for digital payments and online banking — have grown, it has been increasingly important for AML strategies to be underpinned by technology utilising third-party data.
It is good practice to give each customer their own risk rating. A customer’s risk is usually graded on a simple scale of ‘high’, ‘medium’, and ‘low’, and should factor in what products or services the customer purchases and the customer’s relationship with other individuals or businesses.
Regulation 27 of the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (MLR 2017) indicates that you must undertake CDD (Customer Due Diligence) when:
If you do need to pursue CDD, the method applicable in your particular instance will be influenced by numerous variables — including whether it will be an individual or a company you aim to verify.
The CDD process for an individual can involve:
Meanwhile, if a corporate body looks to forge a professional connection with your organisation, you will need to obtain the following details as part of your CDD efforts:
The corporate body’s name
Registration details about the corporate body, such as its company name
The address of the corporate body’s registered office
If different to the above, the corporate body’s principal place of business
The Law Society has further CDD advice for you to follow in the event that the prospective client is a corporate body.
However, the bigger question for you could be whether, for a given client, you should opt for Simplified Due Diligence or instead Enhanced Due Diligence. The answer will ultimately depend on the level of the money laundering risk the client appears to present to your business.
In certain circumstances, financial regulators will allow businesses like yours to settle for a relatively basic form of customer due diligence known as simplified due diligence (SDD).
Though SDD does not omit any essential CDD steps, it enables customer verification to be completed in an appreciably easier and more time-efficient manner.
However, to safeguard your organisation’s AML compliance, you should save SDD for checking customers where the money laundering risk can initially be discerned as low. You could therefore seriously consider applying SDD if the customer is:
However, this is not an exhaustive list of the criteria that could reduce the customer’s AML risk sufficiently for you to justify using SDD in their particular case.
Regulation 37(3) of the MLR 2017 lists further factors for you to heed when determining whether SDD measures would suffice. However, even if at least one of these factors is indeed present, this does not necessarily indicate that the risk is low.
This is where the importance of your pre-CDD risk assessment comes into play. The results of your initial KYC checks should help you to reliably judge when SDD measures can be enacted while keeping your organisation compliant with AML legislation.
It bears emphasis that Simplified Due Diligence may not be suitable for particular industries or products. Hence, you should tread carefully during your initial KYC checks so that you can accurately ascertain whether the situation would actually call for Enhanced Due Diligence (EDD).
As you put certain customers through preliminary KYC checks, you could pick up on a few warning signs possibly evidencing a high risk of money laundering or terrorism financing.
In situations like these, you could seriously consider implementing Enhanced Due Diligence (EDD). This is very much as the term implies, as EDD adds extra steps to the Customer Due Diligence process to ease your efforts in precisely ascertaining the extent and nature of the risk in this case.
Here, too, the MLR 2017 specifies what you should watch out for. According to the MLR 2017’s regulation 33(1), you must proceed to EDD if the transaction or business relationship will involve:
However, there can be much complexity in reaching the decision of whether a customer should be classed as ‘higher-risk’ in a way that would warrant EDD. You are advised to judge each situation on its own terms, and consider whether the customer is, for example:
Of course, scrutinising customers manually can be a time-draining process, which helps to explain why you can benefit from automating it when and where possible. When you perform AML checks with SmartSearch’s platform, the following will be included as standard:
PEP checks and sanction screenings
In many instances, it would be illegal for your business to onboard a customer who is subject to financial sanctions. It can also be problematic — if not illegal — to accept a PEP (Politically Exposed Person) as a customer, as they could be a target for people attempting bribery or corruption.
Hence, it is crucial that your AML checks include looking up whether the customer appears on sanctions lists and PEPs lists. Unfortunately, though, there is no official source listing all sanctions and PEPs in a single place — meaning that manually checking for sanctions or PEPs can be arduous.
This unfortunate situation can leave you feeling caught between a rock and a hard place. However, this is also why we have integrated PEP checking and sanction screening functions into our comprehensive AML compliance platform.
When you run any AML check on this platform, it will refer to the Dow Jones Watchlist — itself comprising over 1,100 databases — to see if the customer is matched to any PEPs or sanctioned individuals included on the Watchlist.
If there is a match, the SmartSearch system will automatically trigger Enhanced Due Diligence on it — as well as screen the customer again every night and let you know if there is any change to the customer’s status as a PEP or sanctioned person.
Regulation 28(11) of the MLR 2017 explains that Customer Due Diligence measures required under the legislation must include ongoing monitoring of a business relationship.
This includes scrutinising transactions initiated by the client as part of the relationship. Where necessary, you should know not only the source of funds but also that these transactions are consistent with the information you have about the customer and their risk profile.
We offer an electronic AML monitoring tool where you can leave the SmartSearch system to automatically track the customer’s transactions with your business. This technology can detect signs of suspicious activity and alert you of potentially fraudulent behaviour on the client’s part.
In the course of AML transaction monitoring, our platform can continually watch:
As a result of leaving SmartSearch’s electronic AML monitoring platform running, you can reduce your company’s fraud risk by guarding against identity theft, which arises when someone steals another person’s personal details with the intention of using them to commit identity fraud.
However, as you would still be prompted to take manual action in the event that the platform indeed flags up certain customer behaviour as suspicious, the onus would be on you to establish a thorough understanding of the customer’s usual and reasonable activity.
You would consequently be able to more easily identify transactions that ought to be classed as unusual. However you do define situations or thresholds for this purpose, so you should make sure your methods for Ongoing Due Diligence are transparent as well as regularly reviewed.
Failing to perform proper due diligence checks can have significant adverse implications for your business. If HM Revenue & Customs (HMRC) finds that you have violated the MLR 2017, you could potentially be hit with a financial penalty.
In a particularly serious case, you could even be faced with criminal prosecution. Naturally, any punishment levelled by HMRC against your business as a result of it failing to carry out reasonable due diligence can bring about the negative publicity that inflicts reputational damage to your business.
This damage, in turn, could deter many individuals and companies from working with your business. The consequences of inadequate due diligence can therefore snowball over time, and result in losses far greater than those initially incurred from actions taken by HMRC.
Though the impact of money laundering is difficult to measure, the United Nations Office on Drugs and Crime (UNODC) estimates that each year, 2% to 5% of worldwide GDP is laundered. Here are several steps your business must take to meet AML compliance requirements:
This must be done before you enter into any corporate relationship with a new customer — and include collecting at least the data necessary for evidencing the customer’s name, address, and visual identity.
The idea here is to tap into information from a trustworthy independent provider so that you can reliably verify customers. One example of such a provider is SmartSearch, which has ties with multiple data companies.
You can ascertain suitable times to implement EDD if you pursue a thorough Customer Due Diligence (CDD) process. Our automated KYC platform can be used to smoothly conduct regular CDD and EDD checks.
This is another process that SmartSearch can help you to ease. You can establish specific ‘rules’ for running KYC remediation projects, while our automated platform would allow you to time-effectively deliver KYC remediation campaigns in bulk.
When you have at close hand a secure audit trail of all changes and modifications that have been made to the customer record, you can demonstrate to regulators that your business is meeting all the latest AML regulations.
We at SmartSearch offer the only AML platform built to verify individuals and corporate clients based anywhere in the UK — and we throw in full sanction and PEP screening along with ongoing monitoring to make for an extensive overall package.
We can provide your business with a bespoke subscription to our automated AML platform if you get in touch with us to discuss your particular business needs. You can reach us by phone on 0113 537 4042 or email via email@example.com.
Including KYC in your AML compliance process is hugely beneficial. By verifying your customer’s identity, you reduce the chance of doing business with anyone who is known to be involved in financial crime. You’ll be protecting your business from fraud, and helping to combat money laundering and terrorism financing on a wider level. The KYC process can also help you to better understand your customer’s financial background, and serve them better as a result.
In banking and financial services, KYC stands for Know Your Customer, and refers to the process during which financial organisations obtain information which enables them to verify the identity of their customers. This information may consist of data like names, addresses, photographic IDs and details of nationalities, depending on whether you’re verifying the identity of an individual or a business.
While these could vary slightly according to the financial institution in question, most banks will require the following for KYC checks: a photographical ID, proof of date of birth and proof of address using a document like a credit card bill or similar.
There are two main categories of KYC checks: electronic and paper-based. While paper KYC checks rely on customers physically bringing in their identification documents, electronic KYC checks don’t require the presence of the customer at all.
KYC can be carried out in two different ways. With paper KYC checks, you’ll need to verify your customer’s identity using physical documentation provided by them, and carry out sanctions checks and PEP screening manually, using the information gleaned from these documents. Electronic verification is both faster and more accurate than manual; checks are carried out in seconds using regularly updated international databases, like the Dow Jones WatchList.
In the UK, KYC is compulsory for all registered financial institutions and banks. These checks are mandatory because they help you as a business to comply with AML regulations enforced by the FATF, as well as the recommendations of the FCA.
Every registered bank and financial institution should have a process in place for performing KYC checks and customer due diligence, and not a single customer or client should be exempt from this screening process.
In addition to technology and data sources needed for the identification, verification and screening required for standard KYC, businesses that want to transition to pKYC will need to aggregate and enrich their data using other free and paid-for public sources, as well as any internal data they own.
Overlaying their own data is a key part of pKYC as it can offer a much more valuable level of information that is unique to the business and its risk level. By utilising the information they hold on their clients, regulated firms will be able to recognise connections and potential issues that would otherwise be impossible to identify.
Not only is it more cost effective for businesses to manage their risk perpetually rather than transactionally, as it uses fewer resources and requires less intervention, but by gathering and managing up-to-date information, firms can also create better and more meaningful long-term relationships with their clients. A personal update on a client - new name, new address, different job - can create business opportunities for professionals as life events often lead to the need for products, services, and advice. Furthermore, a system that is able to detect out-of-date clients means businesses are able to focus their attention on existing relationships to maximise profitability.