Anti–Money Laundering (AML) and Counter Terrorist Funding (CTF) efforts involve the little-known world of Know Your Customer (KYC) and Customer Due Diligence (CDD) regulations. These involve an intensive review of account applications, resolute investigation to verify new customers’ information and ongoing monitoring of established customers’ transactions.
Working on KYC/CDD teams is not glamorous; many outside that world would consider it tedious. Yet the work of those teams provides financial institutions with their best defense against the possibility of money laundering or terrorist funding gaining a foothold among their assets and damaging their reputations or stability.
Reasons to fight money laundering and terrorist funding
Money laundering and terrorist funding have serious effects for financial institutions, including increased volatility of assets and loss of reputation. In extreme cases, they can even lead to bank failure.
Their damage reaches beyond just those institutions, too. They drain funds from the economy that could otherwise bolster it, pushing tax burdens on honest citizens higher. Worse yet, they make violent crime profitable, as money launderers escape consequences for their often-violent crimes, and make terroristic acts possible.
Money launderers seek to use financial networks to “legitimize” their criminally generated funds. They do this through a series of monetary transfers designed to make it difficult – if not impossible – for law enforcement agencies to connect the wealth that those criminals flaunt back to the crimes that produced them.
Terrorist supporters similarly use financial networks toward criminal ends, funneling financial support to terrorist operatives. They, too, use a series of transfers to conceal the funding source and protect the donor from criminal prosecution or asset seizure that might result from authorities tracing the money back to donor.
So, both groups’ are dependent on financial networks to move and disguise funds. This serves as a prime point from which to combat money laundering and terrorism funding.
KYC/CDD and investigation
AML and CTF is an ongoing and ever-changing battle. Money launderers and terrorism funders constantly test banks to find ones that they can more easily penetrate. They constantly experiment to find new ways to slip through detection processes. But although techniques frequently change, some things remain constant.
Combatting money laundering and terrorism funding starts with identification. When prospective customers apply for a new account, KYC/CDD teams check the applicants’ identification information, whether the applicant is an individual or an entity.
They check whether the identification information legitimate. They investigate whether the applicant is truly the person described in the identification information, and not someone using a stolen identify. Verifying that applicants’ identification is true and complete keeps money launderers and terrorism funders from using bank financial networks under false identities.
KYC/CDD teams investigate also whether the applicant is the beneficial owner (the one who actually owns and benefits from the account), or someone acting as a third-party representative of someone else. If the applicant is only a third-party representative, The KYC/CDD team must do a thorough investigation of both the applicant and the beneficial owner. All of this further protects the bank from money launderers or terrorist funders hiding their account involvement behind someone else.
Once all identification is verified, KYC/CDD teams move on to the next level of scrutiny. They check watch lists for money laundering or terrorist activity to make sure applicants do not appear on them. Beyond the applicants themselves, KYC/CDD teams investigate whether applicants have connections to any known money launderers or terrorists. They perform rigorous background checks, searching for any suspicious activities, suspicious relationships or contact with countries that are under sanction, all signs that could point to money laundering or terrorism involvement.
KYC/CDD and monitoring
The work of KYC/CDD teams don’t end when an application is approved, either. They monitor all customer transactions, as well.
For all approved application, KYC/CDD also assigns each customer a risk rating and profile, based on the information the applicant provided about their income sources and what the investigation uncovered. The risk rating determines how closely the team will monitor that customer’s transactions. The higher the rating, the more often they will review and update the account.
The profile predicts the type of activity the bank expects from the customer. Whenever the customer’s activity strays outside what is expected, or whenever a pattern appears that is not consistent with expectations, the account is also reviewed. These risk ratings and profiles enable the KYC/CDD team to detect any suspicious activity that occurs.
KYC/CDD teams also assess individual transactions, when needed. When applicants move money to or from another institution, the teams investigate the sending or receiving institution. They investigate its reputation for strict AML/CTF enforcement or, if it is in another country, even the country’s commitment to AML/CTF. Customer relationships with institutions that have questionable practices are a red flag of possible money laundering or terrorism funding involvement and will trigger more intensive investigations and higher risk ratings.
All these practices are only the bare basics of KYC and CDD. Even these guidelines from nearly 20 years ago (KYC/CDD practices are even more rigorous today) are far stricter. But only through such intensive investigation and monitoring can banks prevail in their AML/CTF efforts.
For over 30 years, Marin Ivezic has been protecting financial services and critical infrastructure against financial crime, cyber, and regulatory risks. He previously held multiple interim CRO, CISO and technology leadership roles in Global 2000 companies. Since 2013 he has been advising institutions and regulators around the world on safe, secure and compliant adoption of crypto assets and other decentralized technologies.