Why are KYC and CDD required?

Friday, 3 July 2020 00:00 -     - {{hitsCtrl.values.hits}}

 Money laundering is not a single act but is in fact a process that is accomplished in three stages

With the outbreak of the COVID-19 pandemic, the people faced great difficulties in visiting banks to open accounts and also to operate their existing accounts. However some banks have the facility of opening the accounts for the new customers online, without the prospective customer visiting the bank in person, while most of the banks do not have this facility and as a result they could not open new accounts for anybody without the appearance of the prospective customer in front of their counters. 

Although the people do not mind in filling a form giving their personal details in order to open the account, some customers are highly puzzled and even annoyed when they have to give details for the Know Your Customer (KYC), document, which is required to be completed prior to opening the account.

Most people still do not understand what the requirement of KYC is and in this article I will try to explain how it originated and the role the financial institutions have to play.

I also read in the print media in certain occasions where the writers have been trying to position the KYC document as a nuisance to the customers and thereby the customers get the impression that it is not an important document. Some customers even try to think that filling or giving details to fill the KYC document is an unnecessary hassle to the customers created by all financial institutions.

The KYC document has come into the scene because of the threat of money laundering all over the world, which is truly a global criminal phenomenon. Now we need to understand what money laundering is.

What is money laundering?

The criminals who are making huge amounts of money through criminal activities, including drug trafficking, arms smuggling, people smuggling, security frauds, robbery and a variety of other crimes, want to show the proceeds are from a legitimate source or activity. This process is called the laundering of dirty money or illicit proceeds. In other words the definition of money laundering is “a practice that turns money received illegally in to money that is deemed legal”. 

The money washed in this manner allows the criminals to spend that money without any fear of reprisal. If not the spending of stolen money represent a risk, the law enforcement officials will run down the cash transactions stemming from such illegal activity and tie such transaction back to the crime.

Once the money is laundered, it can be used for various purposes by these criminals such as:

  • Day-to-day living
  • Luxurious living
  • Purchasing properties 

Investment in business and so on without any fear. 

More enterprising of them would use these funds to commit further criminal activities. It is said that the biggest source of illicit profits comes from the drug trafficking. 

Global money laundering and development in technology 

According to survey carried out by the United Nations Office on Drugs and Crimes (UNODC) in 2013/’14, it is estimated that globally, between $ 800 billion to $ 2 trillion, or in other words 2-5% of global GDP, is washed every year. 

The development in technology has created a new twist to the old crimes. The rise of online banking, online payments and peer to peer transfer with mobile phones have made detecting illegal transfer of money more difficult at present, if the banks neglect in taking the correct precautionary measures on time. 

Phases of money laundering

Money laundering is not a single act but is in fact a process that is accomplished in three stages:

  • Placement
  • Layering
  • Integration

Placement: This is the first step in the process. At this stage, dirty money or the proceeds of the crime enter in to the financial system. There are several methods of doing it. One such method is where the launders deposit illicit money in bank accounts. On some occasions, criminals break large amounts in to several small amounts and deposit at different financial institutions. This step usually serves two purposes.

a.) Avoiding the burden of holding on to and guarding of large sum of cash in hand.

b.) Entering the money into the legitimate financial system. 

Placement is the most vulnerable step for the launderer. They have the high risk of getting caught to the law enforcement officials at this stage. 

Layering: Main purpose of this stage is to separate the illicit money from its original source. At this stage the launderer, get involved in a series of methods to move the funds. They even use electronic system to move fund from one country to another. They invest such funds in advanced financial options, overseas markets and each time exploiting the loopholes or discrepancies in legislation and taking advantage of delays in judicial or police intervention. 

Integration: This is the final stage in the whole process. At this stage the illicit money is successfully integrated to the financial system and the money is returned to the launderer or being withdrawn from what seems to be legitimate source and the launderer might decide to invest the money in different ways. They commonly choose to purchase high-end automobiles, valuable property, high value jewellery or expensive art work, without making true amount of investment obvious to others. There is also likelihood that these funds would end up in the criminal enterprises once again.

Once the process reaches this stage it is exceedingly difficult to distinguish legal and illegal wealth. 

Responsibility of banks

Money laundering is carried out preliminary through the financial institutions and therefore the role of banks and other financial institutions as entities in the system of preventing money laundering is crucial in the present context. 

In recent decades, governments world over have stepped up their efforts to combat money laundering, with regulations that require financial institutions to have systems in place to detect and report any suspicious activity. Accordingly world over governments have brought in certain regulations under the caption Anti Money Laundering Regulations [AML Regulations].

These efforts are further augmented by the revised 40 Recommendations of the Financial Action Task Force, the global policy setter of AML/CFT.

Know Your Customer (KYC) and Customer Due Diligence (CDD) are some of the most vital requirements in these regulations. More importantly, KYC and CDD are fundamental practices to protect the organisation from fraud and losses resulting from illegal funds and transactions. 

Know Your Customer procedures 

In the financial industry, the KYC is the process that institutions must take in order to verify their customer’s identities before providing services. The risk of any financial institution do business with a Money Launderer or a Terrorist, is damaging to both the institution and to the financial systemic as a whole.

Under KYC process the financial institutions are required to adhere to carry out the following steps.

Establish customer’s identity

Understand the nature of the customer’s activities (primary goal is to satisfy that the sources of income and wealth where the customer’s funds are being generated are legitimate)

Assess money laundering risks associated with that customer for purposes of monitoring the customer’s activities

Prior to the establishment of Anti Money Laundering regulations, financial institutions asked only for the following basic information from a prospective client.

  • Name
  • Date of birth
  • Address
  • Identification number

But now it’s crucial the financial institutions to do a detail interview with the prospective client to get the following information. 

  • Exact location of the person
  • Occupation of the person
  • Type of transactions
  • Expected pattern of activity in terms of transaction types, rupee value and frequency
  • Expected method of payment

Customer Due Diligence (CDD)

Under the same regulations, the financial institutions are not only required to obtain the above information from the prospective client, but also to risk grade the client at the time of onboarding. Thereafter the financial institutions are required to monitor the account regularly depending on the Risk Level of the customer. This is called Customer Due Diligence (CDD).

CDD is a critical element of effectively managing the risks and protecting the financial institution against criminals, terrorists, and Politically Exposed Persons (PEPs) who might present a risk.

There are three levels of due diligence:

Simplified Due Diligence (SDD) are situations where the risk of money laundering or threat of terrorist financing is very is low and a full CDD is not necessary. For example, low value and low risk accounts stemming from agriculture sector, etc.

Customer Due Diligence (CDD) is information obtained for all customers to verify the identity of a customer and asses the risks associated with that customer. This is the standard level.

Enhanced Due Diligence (EDD) is additional information collected for higher-risk customers to provide a deeper understanding of customer activity to mitigate associated risks. In the end, while some EDD factors are specifically enshrined in a country’s legislations, it’s up to the financial institution to determine their risk and take measures to ensure that their customers are genuine.

Financial institutions are required to maintain records of all the CDD and EDD performed on each customer, or potential customer, to be examined in case of a regulatory audit.

Corporate KYC

As in the case of individual customers, the corporate customers are also required to undergo the KYC procedures. They need the identification, due diligence and monitoring, similar to the individual customers but the procedures are more involved. Identify and verify an accurate company records such as information regarding registered number, company name, address, status, and key management personnel are very vital in corporate accounts.

Monitoring of transaction volumes, transaction amounts, and the risk factors are more crucial in case of corporate customers than individual customers.

Financial institutions are also required have a procedures to identify and verify beneficial owners of legal entity customer. 

Noncompliance with AML regulations

Non-compliance with AML regulations could result in severe enforcement actions, administrative penalties and penal sentences as punishments, but more importantly, damage to the reputation of the financial institution. 

The size of these administrative fines could depend on the nature and the gravity of the violation, and onboarding a customer without carrying out having the required knowledge of the customer is considered as one of the most serious violations in which case the penalties could be extremely high.

Apart from the damage done to the reputation of the institution and fines, the institution would lose its rating as a sound financial institution, face higher premiums on financing options available. Also lose its custodian and correspondence banking relationships locally and abroad. 

Systemically, the financial system would suffer as a whole due to the repercussions of one weak member of the system being reflected on the AML/CFT regime of the entire system. The country would suffer as international ratings would be taking into consideration the AML/CFT standards, the policy setters and regional bodies would evaluate Sri Lanka lower on the 40 Recommendations and Sri Lanka’s effectiveness in adhering to the AML/CFT process would also be dampened.  

Combating money laundering in Sri Lanka

It is mandatory that all financial institutions in Sri Lanka follow the laws and regulations that are related to AML policies and proactively monitor their clients in order to prevent money laundering and terrorist funding. 

The Sri Lankan Parliament has enacted following three important acts to combat money laundering:

  • Prevention of Money Laundering Act No. 5 of 2006
  • The Financial Transactions Reporting Act No. 6 of 2006
  • The Convention on the Suppression of Terrorist Financing Act No. 25 of 2005

Listing of Sri Lanka as a high risk country (Grey List/Black List)

Noncompliance with AML/CFT laws, rules and regulations could result in Sri Lanka being identified as a non-compliant jurisdiction – a country that has serious AML/CFT deficiencies. The Financial Action Task Force( FATF) carry out listing the country in what is known as the Grey List, where the country has to carry out stringent measures to get itself out of such precarious position. 

For extreme cases of deficiencies and failure to adhere to required timelines and action plans allocated to the country, the FATF maintains a Black List of countries – countries that are deemed as high risk and other jurisdictions have to take countermeasures from carrying out transactions with the identified country. 

A similar mechanism is in place with the European Union where the country is black listed as a non-compliant third country, which brings the European Union members to consider the jurisdiction listed as a non-compliant high risk jurisdiction.

When a country is blacklisted, every financial transaction would be closely scrutinised, and doing business in that country would become costly and cumbersome. Furthermore restrictions could be imposed on international lending agencies, including the International Monetary Fund, Asian Development Bank and the World Bank, when providing financial support to such a country. 

Commercial borrowing and other transactions would carry a hefty AML/CFT premium due to non-compliance status of the country. The rating of the financial institutions would suffer and the commercial transactions and international borrowings would fail to bring out the desired results as jurisdictions and institutions globally are asked to keep away from the listed country and its institutions. 

The citizens too would face dire consequences, in processing payments abroad, obtaining visas for foreign travel, overseas credit card transactions, etc. too would suffer with withdrawals and restrictions. Likewise there will be huge constraints to its citizens as well. 

This highlights the importance of doing KYC and CDD by the financial institutions as one of the steps to adhere to AML/CFT Regulations in a proper manner. 

Why is it important for Sri Lanka?

We should understand why it is necessary for Sri Lanka to be very concerned in adopting strict AML practices.

As tight money laundering regulations and monitoring are now implemented in the advanced economies such as the USA, UK and Europe, criminals are trying to move their money laundering activities in to the countries where the regulations and monitoring are not quite stringent, in order to avoid detection. It is therefore imperative, that all units related to financial investigations, financial institutions and associated stakeholders to improve their AML practices.

Although Sri Lanka is not a leading financial hub at the moment, the Government is looking forward to make the country a financial hub in the region, with the establishment of the Port City complex and other major developments and in that context, the country is exposed to a high risk of money laundering and financing of terrorism. 

However if the policymakers, the financial investigation units, financial institutions and associated stakeholders neglect their responsibilities and as a result the country is blacklisted, it would be a serious blow as the country is trying to boost its faltering economy and attract foreign investments.

Sri Lanka’s achievement

In October 2017 the Financial Action Task Force (FATF) identified Sri Lanka as a country with strategic AML and CFT deficiencies in its global compliance document. As a result Sri Lanka was placed in the Grey List. The European Union following the FATF listing of Sri Lanka, placed our country among its list of High Risk Third Countries in the world which was called the Black List.

Since then our Financial Intelligence Unit at the Central Bank of Sri Lanka (FIU) together with other stakeholders have taken measures to implement a time-bound action plan, provided to Sri Lanka by FATF and strengthen the effectiveness of the country’s AML/CFT procedures. As a result, Sri Lanka was delisted from the FATF in October 2019, at the October Plenary of the FATF held in Paris, France. Subsequently, the European Union delisted Sri Lanka from its list of High Risk Third countries with AML/CFT strategic deficiencies published in May 2020, in other words our country has been taken off from the Black List of the EU and the Grey List of the FATF.

This is a great achievement for our country and now Sri Lanka is no longer subject to the FATF monitoring process under its global AML/CFT compliance process. 

However, one must not be complacent over these achievements but consider it not only as a duty but also as a moral obligation of every citizen of the country to cooperate with the Financial Intelligence Unit of the Central Bank of Sri Lanka, the financial institutions in the country and other stakeholders to safeguard and raise country’s position in the future. 

(The writer is a senior banker who had been a member in the corporate management in one of the leading banks in Sri Lanka, and presently functions as an independent board member of a leading non-banking financial institution in Sri Lanka.)

Recent columns