Featured

8th May 2020 | Jaroslaw Lejko | Chief Compliance Officer

Multi-stage customer due diligence - Risk evaluation process

Taking into account regulatory and business requirements, customer’s expectations and technical limitations, our outlook is that the optimal solution could be a multi-stage customer risk evaluation process that will showcase the scope of questions, required documents and analytical efforts depending on the customer’s specific features. The process can be performed in the following steps:

 

Step 1 - standard Customer Due Diligence process, basic Source of Funds/Source of Wealth questions

During this step, the customer, in the electronic application form, provides a standard set of information including identity data as well as basic data on the source of funds and source of wealth. The scope of the required data is determined by the EU and local laws, regulatory requirements and market standards, thus should be similar for all financial institutions from a given location. To obtain data that is more precise and easier to process automatically, the electronic application form should consist of drop-down lists or multiple-choice lists rather than free text fields. To reduce the length of the onboarding process and the possibility of typo mistake, customer’s personal data (e.g. name, address, date of birth) could be automatically downloaded from the picture of ID or passport, attached as a standard to the electronic application form.

In this step a financial institution should obtain all basic required by law information to perform standard CDD process for low and medium-risk customers or to trigger separate enhanced CDD process for high-risk customers. This step should finish the onboarding process for majority of low and medium risk customers.

Step 2 - standard Customer Due Diligence process, dedicated Source of Funds/Source of Wealth questions

During this step, the customer, in the electronic application form, provides answers for additional, dedicated questions aligned to the particular customer to obtain more detailed information necessary to assess the customer’s risk level. These questions are triggered and presented according to the data and answers for standard questions provided by the customer in the Step 1. Thanks to this, they are asked questions exclusively tailored to the customer's specifics. To that end, financial institution can project multi-layer questions scheme to obtain as detailed information as it is necessary to automate the Customer Due Diligence process. What is more, it allows financial institution to optimise the whole process which will be seen more straightforward and understandable by customers.

In this step a financial institution should obtain extended Source of Funds/Source of Wealth information to supplement standard CDD process for low and medium-risk customers and obtain more detailed information which could trigger enhanced CDD process for high-risk customers. This step should finish the onboarding process for all low- and medium-risk customers.

Step 3 - enhanced Customer Due Diligence process, dedicated Source of Funds/Source of Wealth documents

This step is dedicated for customers who meet high-risk conditions verified both in steps 1 and 2. During this stage, AML/CFT specialists prepare the list of required documents which customer should provide to evidence truthfulness of data and Source of Funds/Source of Wealth information provided in steps 1 and 2. Documents should come from reliable and independence sources. In many EU jurisdictions, reliable and independent sources are limited to:

  • official company registers;
  • a credit institution or a financial institution, auditor, insolvency practitioner, external accountant, tax adviser or independent legal professional subject to mandatory professional registration recognised by law; and
  • EU embassy or consulate officer in the country the document was issued.

Financial institutions should not accept a copy of customers’ documentation which is certified by a third party that is established in high-risk third countries, especially in countries defined in the Regulations (EU) 2016/1675. In Gibraltar, law-reliance aspects are regulated by the Proceeds of Crime Act 2015, art. 23.

In this step, a financial institution should obtain a proof of Source of Funds/Source of Wealth information necessary in an enhanced CDD process for high-risk customers. This step should finish the onboarding process for high-risk customers in case when customer’s additional explanations are not required.

Step 4 - enhanced Customer Due Diligence process, dedicated Source of Funds/Source of Wealth questions

This step is dedicated for customers who meet high-risk conditions verified in steps 1 - 3. During this stage, AML/CFT specialists manually investigate customers’ data and Source of Funds/Source of Wealth information provided in the application form to collect as detailed information as it is necessary to determine whether the risk level of customer is acceptable for the financial institution or not. AML/CFT specialists prepare additional questions tailored to the particular customer only to detect inaccuracies and explain doubts about data and Source of Funds/Source of Wealth information provided in the previous steps. Usually, these questions are more complex and detailed than the predefined questions in the application form and could require several question-answer sessions as well as sending additional documents related to these questions by the customer. As this step requires interaction between a customer and a financial institution specialist, this could be performed e.g. during the customer’s video verification session as an additional process to verify the customer’s identity.

In this step, a financial institution should obtain all required Source of Funds/Source of Wealth information necessary in enhanced CDD process for high-risk customers. This step should finish the onboarding process for all high-risk customers.

The bottom line

The above-described multi-stage customer risk evaluation process is designed to follow a risk-based approach and can be easily adapted to any financial institution’s specifications and risk appetite. This process should result in the financial institution obtaining the necessary and sufficient knowledge to properly assess potential customer’s AML/CFT risk level. Given the complexity and the amount of customer’s data, the process described in steps 1-3 should be supported by an automated analytical module which, according to predefined algorithms, detects data relationships and inconsistencies which could suggest higher AML/CFT risk level and should trigger additional checks as a part of enhanced CDD process.

Similar topics

Security

8th May 2020 | Jaroslaw Lejko

Multi-stage customer due diligence - Automatization

Security

8th May 2020 | Jaroslaw Lejko

Multi-stage customer due diligence - Purpose and intended nature of the business relationship