In today’s business and regulatory environment, is imperative that all business should be concerned and take all necessary steps to know who they have business dealings with. This means identifying and verifying customers identities by gathering information and data. They must follow “Know Your Customer” (KYC) guidelines and best practices, in order to make sure that prospective clients are not involved in money-laundering or another type of financial crime.
When regulated obliged entities are in the process to create a new business relationship with individuals or legal entities without fully knowing their past and present business dealings, they run the risk of exposing themselves to regulatory and/or criminal offences.
Enhanced Due Diligence measures should be carried out for clients who are categorised as high-risk Clients following the application of the Risk Based Approach (RBA) methodology. The RBA identifies and assesses the Money Laundering and Terrorist Financing risks as well as managing and mitigating the assessed risks. The risk factors used for the client risk assessment are the following:
- Country/ Geographical risk
- Service risk
- Client risk
- Delivery channels risk
There are many reasons which clients can be classified as high risk Clients. Below is a non-exhaustive list of factors and evidence that should elevate the risk assessment of a client:
- Non-Face-to-Face meeting with client.
- The Client is a Trust / Fund;
- Third person operating and controlling “Client Account(s)”;
- The Client’s ownership and control structure is complex;
- Client’s transactions that are complex, unusually or unexpectedly large or have an unusual or unexpected pattern without an apparent economic or lawful purpose or a sound commercial rationale;
- The business relationship is conducted in unusual circumstances;
- The client requests unnecessary or unreasonable levels of secrecy;
- Clients whose own shares or those of their parent companies (if any) have been issued in bearer form;
- Politically Exposed Persons, their family members and close associates;
- Clients who are involved in electronic gambling/gaming activities through the internet;
- Clients from countries which inadequately apply FATF’s recommendations;
- Bank relationships with non-EU financial institutions;
- Clients from high-risk third countries.
Based on the above, Enhanced Due Diligence (EDD) should be applicable for high risk clients in order to provide a greater level of scrutiny for potential business relationships and at the same time establishing a higher level of identity assurance to mitigate those risks appropriately. Hence, an obliged entity has to examine, as far as reasonably possible, the background and purpose of all complex and unusually large transactions which have no apparent economic or lawful purpose. In particular, obliged entities shall increase the degree and nature of monitoring of the business relationships, in order to determine whether those transactions or activities appear suspicious.
Enhanced Due Diligence measures for business relationships and/or transactions may include:
- Looking for additional independent, reliable sources to verify information, including identity information, the integrity and the permanent address of the client such as a bank reference letter;
- Detailed examination of the background and purpose of the business relationship through internet searches;
- Increasing and customising the level and nature of monitoring;
- Taking further steps to satisfy that transactions are consistent with the purpose and intended nature of the business relationship.
Application of Enhanced Due Diligence procedures are becoming more and more the norm. With stricter regulations surrounding KYC and AML, the scope and details of what necessary checks are required is always expanding.