When I am talking to an assembly of colleagues about the range of measures to be taken in the context of a Anti-Money Laundering / Combating the Financing of Terrorism (AML / CFT) policy, I am often confronted with suspicious bewilderment just until I am elaborating my reasoning and talking about simplified customer due diligence, which gets (some) smiles back in my audience.
The AML/CFT procedures demand additional rigor
The correct application of the AML / CTF procedures requires to assess the risk associated with a relationship with a client. This procedure must necessarily be made prior to establishing any relationship.
This assessment leads to a result which will determine whether the relationship has a low, medium or high risk.
With the aim to help its users, our IBAKUS®KYC application provides a risk assessment grid. Provided that it is used with the necessary rigor, it helps to establish an evaluation.
If the result resulting from the grid is a low risk, the user has the right to apply a simplified customer due diligence with his client, be it a legal or a natural person.
Simplified customer due diligence does not mean “no vigilance” …
In the eyes of my intermediaries, I often unveil the comfortable idea that “low risk means no risk, so I can continue just like before”. A major mistake!
The simplified customer due diligence is mainly laid down in article 15 of the 4th Directive, and it clearly mentions “…sufficient monitoring of the transactions and business relationships…”.
When the simplified due diligence is applied, some measures are completely unavoidable at the beginning:
- The identification of the client: You can request a copy of the ID of the physical people involved in the organisation (Art. 13, 1, a);
- To understand the company structure and identify the beneficial owner (Art 13.1b). This will often be the case, but it still needs to be duly established, for instance by acquiring the declaration of the beneficial owner as established by IBAKUS®KYC, or any other comparable document.
- Research of any possible negative information in trustworthy external sources of information (Art 13.1.a). The Dow Jones Risk and Compliance List is obviously a source of great quality; since a couple of months, IBAKUS®KYC also conducts its own research in online information.
Moreover, regular customer due diligence, even in a simplified manner, implies:
- To update relevant information of the client (Art 13.1.d). An annual review of the user’s information is thus unavoidable. IBAKUS®KYC customers automatically receive a notification of the procedure and a review form to be signed by the client;
- Research of negative information, based on external data (at least twice a year, in my own opinion).
From an economic point of view, only dealing with clients that represent a low risk minimises constraints of AML / CFT and thus minimises personnel costs.
To round up my thoughts, don’t forget that never mind the risk level of the client, there is always the obligation to keep track of the risk evaluations and the measures taken to ensure a proper follow-up. (Art. 13.3) IBAKUS®KYC obviously includes all these tools.
Founder and CEO @ Ibakus Europe SA.
Founder of FMV & Partners SA in 2000s.