Know Your Customer (KYC) is a cornerstone of any Anti-Money Laundering (AML) compliance system. For SMEs that lack resources, this tends to be their primary focus because they struggle to understand and implement other aspects. But the sad fact is many SMEs that I have come across, despite the relatively simple concept of KYC, are still not able to grasp the concept properly and implement the required procedures in general. This is why I have decided to write about how to conduct KYC, in an effort to provide some basic tips, and give some idea of what is required to create a reliable, efficient, and robust KYC system.
1. Data Capture
This is the first step of the KYC process. How are you going to capture your data? Here are some options.
- Website Form – This is what we usually recommend bigger companies that have the resources. Online forms are easily accessible world-wide, can be made with rules to prevent errors and guide the user, and can support uploads for documents. The end result could be a document that can accept the user’s digital signature(s) or a print out for the user to add the necessary signature(s) to.
- Electronic Form – This is what we usually recommend SMEs as electronic forms can be made as smart forms, guiding the user and preventing mistakes. This is also more professional and has become the industry norm.
- Physical Form – Although this method is the easiest to implement, it is somewhat outdated. Bad handwriting is a problem and when storing the form digitality, scanning a document with bad handwriting will only make reading the digital document more problematic. Furthermore, hand filing as a pose to electronic filing is not as efficient and advantageous.
2. Data Fields
This part is probably the most important. As the saying goes “content is king” and it is crucial to capture the required data for your AML system by having the necessary fields.
- Have clear instructions on how to fill the form, documents to provide, and how to submit when finished, as well as any additional rules and submission details
- Try to keep things simple and organized. By using smart forms you should be able to combine forms and therefore make the process easier for your company and customers. For example, multiple company types could be on one single form, and depending on what company type is selected on the form, a smart form can open up the relevant fields and close the non-relevant ones for each user. Such practices are becoming the industry standard.
- Don’t copy other company forms. Each company is unique and so is each industry. When creating the fields, you need to have a good idea of your business, and a decent understanding of the compliance topic and the bigger picture.
3. Data Collection and Checking
When it comes to SMEs, the sheer scare of mismanagement at this level is surprising despite the relatively simple task. We would assume that collecting and checking that everything is in order should be a piece of cake, but the level of mis-coordination between the counter/front line and the compliance department, and negligence, has lead companies to miss the mark completely.
- The counter/front line who deal with customers day-to-day need to have a basic understanding of the process, the forms, and documents that need to be collected. They also need to understand why each question on the form is being asked so they are able to ascertain whether the question is answered properly.
- The compliance department acts as a “double check” and can also be responsible for processing the data. They need to have a good relationship with the counter/front line to be able to co-ordinate customers that have fulfilled their KYC duties, as a pose to those who are still pending and need to be followed-up on.
- It is the management’s duty to oversee the above and support the system if and when necessary.
4. Data Input and Organisation
This stage can be centralised and the use of information technology is key. With a computer system that is synchronized with your AML system, inputting data, as well as organising for efficient sorting and application is of prime importance. At the end of the day, what is the data for? It is for use in day to day business activities, and for AML compliance functions such as the monitoring and reporting.
5. Data maintenance and Updating
Maintaining and updating is a gigantic task for bigger companies. For relatively smaller ones, as long as they are able to apply a computer system that is synchronized with their AML system, it can make a big difference to the workload, organisation, and margin of error. We have to heed the mis-management and negligence issue mentioned in point 3 between the compliance department and the counter/front line, but with that aside, a quality supporting computer system that, for example, informs you of customers whose details need to be updated, and can notify counter/front line of customers that are pending as and when they arrive, and when they initiate business, can make a real difference.
There is also the issue of updating the actual KYC forms themselves and the process in general. The environment is always changing and the industry is ever-evolving. Make sure you keep up with the industry standard and new practices, and update as and when needed.
To conduct proper KYC good communication, understanding, and competence is required between the counter/front line and the compliance department. Augmented by a comprehensive computer system, this should assist the relevant parties to work in unison, provide the double checking protocol is required, help keep the records up-to-date, and complete a robust KYC workflow.