Customer due diligence (DD) is a fundamental component in compliance, ensuring that banks comply with anti-money laundering (AML) laws and protect themselves from fraud. Even though banks have spent billions of dollars on AML procedures, and the modern market offers a variety of IT programs for compliance, banks continue to commit AML violations, and regulatory audits often end with complaints about the quality of customer data. That’s why compliance professionals know that in 2024, the term KYC doesn’t mean “know your customer” but rather “kill your career.”
This article will take a closer look at this year’s most significant KYC trends and the modern secrets of DD methodology in banking.
The regulatory landscape is changing
Global geopolitical transformations always create new risks for the financial system. Due to Russia’s actions in Ukraine, global markets are experiencing a “perfect storm” of sanctions, the practical implementation of which is often tough because of the difficulty of identifying Russian beneficiaries. As a result, 2023 significantly changed KYC and the methodology for identifying beneficiaries. The Financial Action Task Force (FATF) has released new guidance to improve transparency and beneficial ownership of legal persons and has updated its Recommendation 25 on legal arrangements. In the U.S., the Commodity Futures Trading Commission issued its latest advisory on penalties, monitors, and admissions, while the Financial Crimes Enforcement Network finalized new rules around beneficial ownership information reporting.
Additionally, banks are aiming to benefit from the increasing completeness of digital KYC profiles, capitalizing on enhanced opportunities resulting from new legislation, such as the U.S. Corporate Transparency Act, New York’s LLC Transparency Act, the EU’s Sixth Anti-Money Laundering Directive, the U.K. Economic Crime Act, and the Markets in Crypto-Assets Regulation. Changes in regulations in the financial sector naturally entail a development in the KYC methodology and new costs for the DD process for banks. At the same time, compliance professionals know that strict adherence to these standards is mandatory but insufficient and doesn’t remove the bank’s AML risks.
New technologies are available for KYC
The landscape of customer identity verification is constantly evolving. Biometrics, artificial intelligence (AI), neural networks, blockchain, machine learning, optical character recognition, and near-field communication technologies are among the tools that have significantly improved the accuracy and efficiency of identity compliance checks. Despite these exciting developments, challenges for banks remain. Balancing methodological accuracy, IT solutions, user experience, and security is the key to an effective KYC system. IT companies that develop compliance solutions don’t like this example; however, no IT compliance system can analytically detect that a client made a payment under the control of another person. At the same time, an employee who works with the client and has AML knowledge can easily identify such a suspicious transaction.
On the other hand, traditional KYC methods are time-consuming and subject to criminal manipulation. If criminals manage to combine all three AML elements (client manager, compliance officer, and security officer), the bank becomes critically vulnerable to financial crime risks. We must remember that complex and expensive financial crime schemes are used only if cheaper and simpler options aren’t available. Since only about 30% of U.S. banks use AI in KYC processes, any bank’s KYC system in 2024 should first be protected from internal fraud.[1]
Automated workflows and decision-making will help streamline KYC checks by reducing the need for manual review, but the right analysis methodology needs to be in place. A good example is drug trafficking schemes, which are still very relevant for banks. The bank’s KYC system should separate drug risks at the micro or macro levels, as this affects the features of KYC risks. At the micro level, we are talking about the retail sale of drugs, which is quite easy to detect due to the cash trail. Businesses with a large cash flow (e.g., groceries, cafés, markets) and entertainment companies (e.g., clubs, bars, casinos) are traditionally the high-risk zones of such operations. In a bank’s KYC system, it is critical to analyze the company’s payment balance with established market practices. In particular, an analysis of statistics since 1980 shows that the return on capital in the U.S. service sector doesn’t exceed an average of 15% (in the EU, it’s 10%), which means that more than 85% of a company’s revenue in the U.S. (more than 90% in the EU) must be spent on business development.[2] So, the company’s expenses should be directed to business development, and any large transfers abroad or investments in related areas should be examined in detail. In the bank’s KYC system, the structure of collected cash must correspond to the volume and specifics of the client’s activities, including the frequency of deposits and the denomination composition of the cash.