Laws are complicated and know-your-customer regulations are no exception. So it is unsurprising some RegTech providers’ clients may struggle with getting KYC right.
KYC is part of regulations to prevent fraud, money laundering, anti-bribery and a slew of other compliancy statures. But understanding the full scope of KYC is far from easy as Kristoff Zammit Ciantar, CEO of Aqubix, the KYC compliancy portal, has found out.
“One of the biggest mistakes businesses make when it comes to KYC is the perception of what KYC actually stands for,” he tells RegTech Analyst. “It is often perceived with the step of checking subjects and their statuses of PEPs, sanctions and adverse media. This, however, is only a fraction of the entire KYC process that businesses have to conduct on their subjects.”
Zammit Ciantar explains, “From onboarding, liaising and communicating with subjects to collating all the requirements, manually checking responses to questionnaires, assessing risk on all subjects based on current risk matrices, setting review process and much more. A never ending process that starts when we onboard a subject and continues all throughout the relationship that we have with that subject.
“Businesses need to realize that there are tools on the market to streamline the entire process and not just the tiny step that relates to checking data sources. When companies start focusing on the bigger picture, they will start maximizing efficiencies whilst reducing cost and the risk they are being exposed to.”
Nevertheless, understanding the scope of KYC is not always the only problem clients face. Anthony Quinn, founder and CEO at Arctic Intelligence, the RegTech company specializing in anti-money-laundering compliance, tells RegTech Analyst that many business also fail “to properly risk assess individual and non-individual customers correctly during initial onboarding and ongoing to ensure the information that is collected and verified is appropriate and proportionate to the risk.”
Another mistake businesses make is to not “have processes in place to refresh KYC either on a time-based basis or based on other triggers changing.” Quinn adds that clients’ “risk profiles could change dramatically from the point at which they first opened the account so this needs to be properly managed.”
Copyright © 2018 RegTech Analyst