Recent stories
KYB & AML: What is KYB in the AML process?
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.
Ben Lachenal
KYB Meaning - Know Your Business (KYB), otherwise known as corporate verification, is a B2B due diligence process of verifying and identifying the legitimacy of business entities. KYB provides the insights required when forming a new business relationship to decrease risk and comply with regulation.
Anti-Money Laundering (AML) is a regulatory process that works in harmony with KYB. Preventative measures to money laundering include checking for Politically Exposed Persons (PEPs), sanctions, adverse media, and watchlists. In the context of KYB, AML is often used to to verify directors or beneficial owners of a business or to verify that the business itself isn't sanctioned or subject to adverse media.
But how closely aligned are KYB and AML? In short, there are multiple crossovers between KYB and AML including the purpose of the processes, how to collect information, and how the information provided leads to a reduction in financial crime.
This article provides all the information required to understand KYB and AML and how to best approach combining the two processes for an enhanced compliance program.
Understanding AML and KYB regulations
In the realm of Know Your Business (KYB), compliance with Anti-Money Laundering (AML) regulations is paramount.
AML and KYB regulations serve as the cornerstone for preventing business from being associated with money laundering, terrorist financing, and other illicit financial crime. Understanding the intersection of KYB and AML regulations is crucial for businesses to uphold their integrity and remain compliant.
One of the most recent primary AML regulations relevant to businesses seeking KYB compliance is the 6th Anti-Money Laundering Directive (6AMLD) which placed a focus on changes to criminal liability.
Before 6AMLD, money laundering prosecutions only applied to individuals, whereas the new directive also expanded the scope to include ‘legal persons’ including organisations, companies, and partnerships.
This has led to regulated entities taking a stricter approach to business verification as businesses themselves are liable for any AML failings of their staff.
You can read our full guide on the latest AML regulations here.
What is the KYB process?
The KYB process involves collecting and verifying information on a business. The first step to this is to gather the business’s legal name, registration number, and date of corporation.
Other identifying information such as address and country of operation can also be helpful to reduce the work required when performing verification and risk assessment.
Once the relevant information about the client has been obtained, businesses have two main options to verify and onboard the client:
- Automated KYB verification
Businesses can use KYB software to gain all the information they require on a business. This involves using a system that aggregates multiple data sources into one application, usually feeding into to data sources such as Companies House in the UK and the Securities and Exchange Commission (SEC) in the United States.
An advanced system will pull business information into an easily digestible report and will include key data such as the business overview, financials, credit, ownership structure, beneficial ownership, and adverse information.
This report can then be reviewed by a member of the compliance team to cross-check internal risk protocols and make recommendations or a decision on if the onboarding should be successful.
- Manual KYB verification
Alternatively, businesses can manually verify information about the client by using sources such as Companies House, publicly available sanctions lists, credit reference agencies, and other specialist data providers to gather the information they need on financials, beneficial ownership, credit, and adverse media.
This method of verification is more time consuming as it requires a significant amount of human input to gather the relevant information and perform the verification. It also can lead to missed information or errors due being a manual approach.
Manual verification is preferred by businesses who have access to a large compliance team or rely on legacy systems and where changing to new software isn’t feasible.
AML in the KYB process
Once the initial KYB check has been completed and initial information returned, businesses can then perform an AML check on the client and its shareholders.
This involves checking the business and shareholders against global Politically Exposed Persons (PEPs), sanctions, and adverse media lists to obtain information that could impact the business relationship.
If a return is found, the first step is to conduct a manual review to verify the information matches against the business in question. Risk protocols should also be referenced here as it isn’t as simple as a yes or no to onboarding should a match be returned.
For example, if a shareholder of the business is politically exposed, this doesn’t necessarily mean that the onboarding attempt should be rejected. Ongoing monitoring frequency may be increased on the client due to heightened risk.
If the client or any of its shareholders are sanctioned, the onboarding attempt should be rejected as having a business relationship in this context will breach money laundering regulations.
There are various nuances to AML in KYB processes which is why regulated entities produce their own risk-based approach to include various thresholds for acceptance of onboarding or marking certain clients as high-risk.
What industries need KYB and AML compliance?
KYB and AML checks are essential across various industries and businesses, particular those that involve financial transactions or are susceptible to exploitation by criminals for money laundering. Some of the main industries who require KYB and AML include:
- Financial institutions
KYB and AML in banking, credit unions, and other financial entities are at the forefront of implementing compliance. These institutions engage in large volumes of transactions with corporate clients, making them vulnerable to money laundering and fraud.
- FinTech companies
With the rise of digital payment platforms, peer-to-peer lending services, and cryptocurrency exchanges, FinTech businesses often deal with high volumes of transactions and face unique challenges in verifying the identities of corporate clients.
- Legal and professional services
Law firms, accounting firms, and other professional service providers frequently engage with corporate clients for various purposes including legal representation, financial advice, and compliance assistance. KYB checks help these service providers ensure that their clients are legitimate.
- Gambling service providers
Game developers, platform providers, and casino specialists deal with corporate clients as gambling operators look to stand out in the competitive gambling market. Traditionally, gambling operators have been susceptible to money laundering and financial crime with $475 million+ in fines dished out in 2023 alone due to AML failings. It is critical for gambling operators to perform AML screening on their customers but also the B2B providers must employ KYB checks to avoid reputational damage and non-compliance.
KYB checks are essential across a wide range of industries and businesses that engage in financial transactions or provide services to corporate clients. By implementing robust KYB procedures, organisations can mitigate financial crimes, comply with regulatory requirements, and establish trust in their business relationships.
Benefits of KYB and AML Compliance
Ensuring KYB & AML compliance not only safeguards businesses from fines, suspensions, and reputational damage due to regulatory breaches but it also builds trust among stakeholders.
By conducting thorough due diligence on corporate clients and complying with global regulations, companies mitigate the risk of being associated with illicit activities and financial crime which, in turn, preserves reputation and integrity.
KYB and AML compliance also instils confidence in customers and partners, facilitates smoother onboarding, and enhances credibility.
Using technology to manage KYB and AML Checks
Business can leverage advanced KYB and AML solutions to streamline the process. This can involve utilising an identity verification platform which can automate the process of authenticating corporate clients and use multiple data feeds to enhance the authenticity of results.
FullCircl works with 700+ clients to verify & onboard clients, with powerful KYC, KYB, AML, and anti-fraud software including information on 365 million global entities, proprietary technology, and an agnostic approach to global data sources. By utilising FullCircl, businesses are safe in the knowledge their onboarding is compliant whilst building trust with their clients.
What is KYC in banking?
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.
Ben Lachenal
In this article:
- Introduction to KYC in banking
- KYC regulations for banks
- Key processes of KYC in banking
- Common challenges in KYC for banks
Introduction to KYC in banking
Know Your Customer is the process of identifying and verifying individuals at the point of account opening.
This includes collecting personally identifiable information including name, address, and date of birth and then verifying this against data sources such as credit or telco to find a match.
Where the option for verifying using data checks isn't feasible, businesses can also use other methods to verify customers such as document verification. This involves asking the customer to submit a Government approved identity document such as a passport or driver's license and then verifying that the document is real and hasn't been tampered with.
Ultimately, KYC serves to verify that the person attempting to onboard is who they claim to be.
KYC in banking is a regulatory requirement and all banks licensed by organisations such as the Financial Conduct Authority (FCA) must perform relevant Customer Due Diligence (CDD) at the point of onboarding to verify every customer.
Banks are required to use customer information to perform a KYC check during onboarding but must also use Anti-Money Laundering (AML) and anti-fraud checks to identify any customers who may be sanctioned, politically exposed, or where there is the presence of adverse media. Having KYC and AML work in harmony is one of the most critical elements to a complete compliance program.
Banks can then use the information obtained at onboarding and undertake a risk assessment on the customer to decide whether the onboarding attempt should be successful.
KYC regulation in banking
Banks operating globally must navigate a complex regulatory landscape. Ensuring adherence to a variety of KYC and AML regulation to mitigate financial crime.
Some of the key global regulation is as follows:
- European Union Anti-Money Laundering Directives (EU AMLD)
The EU AMLD, now in its 6th iteration, establishes KYC obligations for banks operating within the European Union. It outlines CDD measures, beneficial ownership identification, and reporting requirements.
- Financial Action Task Force (FATF)
FATF develops policies to combat money laundering and terrorist financing. It's "40 recommendations" provide a comprehensive framework for KYC compliance, emphasising risk-based approaches and customer identification procedures.
- Basel Committee on Banking Supervision (BCBS)
The BCBS sets global standards for banking regulations, including guidelines on Customer Due Diligence (CDD) and Enhanced Due Diligence (EDD) procedures. Its recommendations influence KYC practices worldwide.
- Dodd-Frank Act (USA)
Enacted in response to the 2008 financial crisis, the Dodd-Frank Act mandates stringent KYC requirements for banks operating in the United States. It includes provisions such as the Customer Identification Program (CIP) and imposes penalties for non-compliance.
- Foreign Account Tax Compliance Act (FATCA)
Implemented by the U.S., the Foreign Account Tax Compliance Act (FATCA) aims to prevent tax evasion by requiring foreign financial institutions to report information about U.S. account holders. Compliance with the act involves a robust KYC procedure to identify and verify account holders' identities.
These are just some of the regulations that banks must comply with when operating globally, and whilst regulatory bodies all share the same goal of ensuring banks are correctly verifying the identity of their customers, there are also nuances to each regulation which, in turn, makes executing a global compliance program a challenge for banks.
How does KYC in banking work?
There are multiple considerations banks must make when designing their KYC checklist. A secure KYC policy is not only critical to regulatory adherence, but it can also be the difference between a new customer and someone dropping off the journey if its too complex.
Particularly in the last decade, customer expectations have increased, and it's no longer fit for purpose for verification to not be a real-time journey. Banks must therefore balance compliance with speed of onboarding to find the right balance.
However, a typical KYC process covers five main areas: identification, customer due diligence, risk assessment, onboarding, and monitoring.
- Identification
The first stage of the KYC process is to obtain identifiable information from the customer, otherwise known as a customer identification program. this typically involves asking for name, address, and date of birth. Some banks will also choose document verification at this stage in the process depending on their risk-based approach or geographic location of the customer.
- Customer Due Diligence (CDD)
Once the information has been received, banks must then perform relevant CDD actions. This includes matching the information provided by the customer against data sources to find a a match, and checking against global Politically Exposed Persons (PEPs), sanctions, and adverse media lists.
If document verification is included in the onboarding journey, banks will verify the document is real and hasn't been tampered with to prevent the risk of successful identity fraud.
- Risk assessment
Once the information provided by the customer has gone through the CDD process, banks must then perform a risk assessment to determine if the individual can be accepted as a customer.
This will include reviewing the returned information from CDD and matching it against the banks' risk thresholds. Banks will often use KYC software to automatically accept customers who pose no risk and then only perform a manual risk assessment on customers who have flagged as high risk.
In some cases, when a customer has been marked as high risk or requiring manual intervention, banks can then ask for more information including a document check, cross-checking other databases, or performing a manual review.
- Onboarding
The banks can then make the decision on whether the customer should be onboarded or rejected, and all information provided by the customer should be stored securely for audit purposes.
- Ongoing monitoring
The KYC process for banks doesn't stop when the customer completes onboarding. It is also required that banks routinely monitor their customers to understand if circumstances have changes.
For example, if John Doe signs up to a bank today and doesn't flag against any AML or fraud databases, that doesn't mean that the customer won't match as a risk of money laundering or fraud in the future. It is critical that banks re-screen the customers' identity to flag any potential issues.
Banks must also use a transaction monitoring system which analyses customer transactions including transfers, deposits, and withdrawals to identify any risk of fraudulent activity.
Common challenges in KYC for banks
One of the biggest banking KYC challenges, particularly 'traditional' banks who rely on manual processes or legacy systems, is digital transformation.
In the last decade, the emergence of digital challenger brands such as Monzo, Revolut, and Starling have based their business model on being entirely digital. The success of the new era of digital banks has been largely based on ensuring that the customer experience is seamless by providing a real-time onboarding journey.
This has also been coupled with expectations from customers rising due to a digitised world and brought real-time verification to the forefront of priority. Customers are no longer willing for verification at account opening to take longer than a few minutes and banks have had to develop their KYC systems to ensure they can deliver digital onboarding.
Another key challenge faced by banks is the increased risk of financial crime and money laundering. According the United Nations Drugs and Crime (UNODC), an estimates 2-5% of global GDP is laundered each year.
A significant proportion of this laundered money is targeted through banks. Not only have banks has to focus on real-time verification but also have had to double down on AML processes to identify customers who pose a risk to their business.
How FullCircl can help
FullCircl works with 7 out of the top 10 UK banks and 700+ regulated entities to support their KYC requirements.
FullCircl's identity verification platform includes access to a full suite of compliance services including, but not limited to, KYC software, AML (PEPs sanctions, adverse media, and watchlists), anti-fraud tools, automated document verification, and more.
To find out more about how FullCircl can support your KYC banking needs by delivering real-time verification through a single access point, book a free demonstration here.
Know Your Customer (KYC) Checklist: A Comprehensive Guide
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.
Ben Lachenal
In this article:
- Why is KYC important?
- What is a KYC checklist for companies?
- KYC checks: customer identification
- KYC checks: customer due diligence
- KYC checks: ongoing monitoring
Introduction to KYC
Know Your Customer (KYC) refers to the policies and procedures put in place by businesses to manage risk and verify the identities of customers from the initial onboarding stage, and through the entire customer lifecycle.
These policies and procedures (or a Know Your Customer Checklist) are particularly vital to regulated industries, ensuring compliance with national and international regulations targeting Anti-Money Laundering (AML), terrorism financing, fraud, and other forms of corruption and bribery.
In the UK, compliance with KYC & AML regulations is monitored by a range of regulatory bodies and government agencies including the Financial Conduct Authority (FCA), Prudential Regulation Authority (PRA), National Crime Agency (NCA) and HM Revenue and Customs (HMRC).
In today’s uncertain political and economic environment, it’s more important than ever that all regulated business, and particularly those operating in the banking and financial services markets, design and implement a KYC checklist approach to compliance. By leveraging Know Your Customer checks, businesses can streamline onboarding, continuous monitoring, and ensure real-time compliance with the evolving regulatory landscape.
Why is KYC important?
According to NASDAQ’s recent Global Scale of Financial Crime report, an estimated $3.1trillion in illicit funds flowed through the global financial system in 2023, with money laundering accounting for a large proportion of these funds. Likewise, fraud scams and bank fraud schemes totaled $485.6B in projected losses globally.
59% of organisations expect financial crime levels to rise in 2024. In a world where the risk landscape is constantly evolving, it’s never been more important for businesses to build resilience.
An effective KYC, AML checklist is the first step in identifying and verifying customers/clients and preventing the risk of unwittingly embarking upon a relationship with individuals or organisations involved in illegal activity.
It pays to be compliant – the cost of getting KYC wrong is high! According to data issued in January 2024, the value of penalties imposed on firms has surged by 57%, with penalties for non-compliance totalled $6.6 billion in 2023, up considerably from $4.2 billion in 2022 and $5.4 billion in 2021.
What is a KYC checklist for companies?
The design and implementation of a comprehensive KYC checklist procedures are the foundation of best practice KYC compliance.
A KYC checklist will vary across different industries and sectors, each of which will have varying risk levels associated with customer activities, as well as differences in term of the stringency of regulatory requirements.
In all circumstances KYC checks must be clear, comprehensive, maintained and updated in line with all relevant jurisdictional regulatory requirements, and should encompass the entire customer lifecycle from customer identification, customer due diligence at onboarding stage, and ongoing monitoring.
Let’s explore each stage in more detail.
KYC Checks: Customer identification
Customer identification ensures regulated businesses can have confidence that the individuals and entities they are dealing with are who they claim to be.
For individuals, these KYC checks typically involve the collection of distinguishing data from the customer including name, address, and date of birth. This will then be match against data sources such as credit or telco to find a match. Verification of a variety of official documentation (proof of address, photo identification, passport, driving license, employment information) can also be used for KYC where database checks aren’t valid or in data poor jurisdictions.
For entities, or producing a Know Your Client checklist, the process involves collecting and verifying a range of information and documentation, including company registration documents, business licenses, director information, proof of address, nature of business and ownership structure (ultimate beneficial owners, shareholders); as well as database searches for potential AML red flags such as sanctions and Politically Exposed Persons (PEPS) lists, and adverse media screening.
It can be a complex and rigorous process, but a vital step in ensuring the integrity of the organisation and preventing financial crime.
KYC Checks: Customer Due Diligence (CDD)
Regulated businesses must carry out CDD measures when establishing a new business relationship, undertaking occasional transactions, when it suspects nefarious activity, or when it doubts the accuracy or adequacy of customer information.
When carrying out CDD measures a regulated business must verify the customer identity, identify and verify beneficial owners, understand the ownership and control structures, access and obtain information pursuant to the purpose and nature of the business relationship and build risk profiles based on an understanding of the nature and purpose of anticipated transactions.
In addition, for customers considered to be of high-risk, businesses should undertake Enhanced Due Diligence (EDD) - a risk-based approach to investigation and the gathering of more detailed intelligence. High-risk customers might include, for example, those subject to economic sanctions or operating in countries without adequate AML controls, customers with complex ultimate beneficial ownership structures, companies managed by politically exposed persons (PEPs), businesses operating in countries with significant levels of corruption, criminal or terrorist activity. EDD measures include adverse media screening, obtaining additional identifying information, analysing the source of funds, scrutinising Ultimate Beneficial Ownership (UBO) and transaction screening.
KYC Checks: Ongoing Monitoring
Customer behaviour changes, and risk profiles evolve. Ongoing monitoring, or as it is often referred to Continuous Due Diligence, Ongoing Customer Due Diligence (OCDD) or Perpetual Due Diligence (PDD), refers to a risk-based in-life customer monitoring approach, based upon risk events and triggers to identify risk patterns, for maintaining KYC checks and monitoring customers for the risks they pose for AML and other financial crimes.
This involves monitoring and evaluating changes in customer profiles, business activities, ownership and organisation structures, legal status as well as sanctions and PEPs watchlists screening, adverse media screening, payment and transaction monitoring.
Need help with your KYC compliance checklist?
FullCircl goes beyond a standard know your customer requirements checklist. Using automated data collection, identity verification, data matching, execution of critical checks and watchlist screening, and adverse media monitoring, we assist regulated businesses to implement a best practice approach at every stage of the customer lifecycle - identify & acquire, verify & onboard, retain & grow.
FullCircl’s KYC capabilities deliver:
- Onboarding in seconds - up to 94% faster through a low-code API integration and prepopulated onboarding forms
- Compliance with AML directives – develop a powerful compliance stack combining KYC software and AML services including PEPs, sanctions, and adverse media
- Agile customer verification - custom orchestration workflow, triggering different identity checks for different risk groups.
- Scalability - KYC verification designed to scale with your growth plans from 100 to 100,000+ customers per month.
- Ongoing monitoring - detect and respond to suspicious or unusual behaviour with routine re-screening of your customer base.
- Data powered by all major Credit Reference Agencies and global data sources for efficient identification and verification.
- Case management - a single customer view linking onboarding and monitoring in a real-time journey.
Enhance your KYC compliance checks - contact us today for a free demonstration.
Guide to KYC and AML: Know Your Customer & Anti-Money Laundering Checks
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.
Ben Lachenal
Know Your Customer (KYC) and AML are processes in the Customer Due Diligence (CDD) framework to help regulated businesses identify customers at the point of onboarding and prevent illicit activities from taking place within a business.
Money laundering costs the UK alone more than £100bn a year. The need for a highly intelligent AML system whilst offering instant verification to align with rising customer expectations is one of the biggest challenges for compliance teams in 2024.
AML, KYC, CDD are all interconnected terms so it can sometimes be difficult to understand the similarities and differences between them. This blog will give you a clear definition of the terms, processes, and trends for KYC/AML.
AML and KYC meaning
Know Your Customer (KYC) is the process of verifying the identity of customers to ensure they are who they claim to be. Businesses must collect at least the name, address, and date of birth of customers at the point of account opening and then verify this data by using Credit Reference Agencies or other data sources.
Additional measures in the KYC process can include document verification which is used when KYC data is unavailable or Enhanced Due Diligence (EDD) where there is a high degree of risk. By collecting relevant information, businesses can assess the risk associated with each customer and monitor their activities accordingly.
Anti-Money Laundering (AML) refers to a set of laws, regulations and procedures aimed at detecting and preventing money laundering activities. Money laundering involves disguising the origins of illegally obtained funds to make them appear legitimate which helps fund financial crime and terrorist financing.
To combat money laundering, regulated entities use AML checks which include checking for Politically Exposed Persons (PEPs), sanctioned individuals and entities, adverse media, and watchlists to identify where there is a risk of money laundering.
It is illegal to do business with sanctioned individuals so it can be argued that this is the most important check in the AML process. However, identifying if the customer if politically exposed or has adverse media against them is also a critical aspect of preventing illicit activities.
Difference between KYC and AML
Whilst the AML and KYC difference is evident in their focus and scope, the processes work in harmony to deliver a complete compliance program. Regulated entities are required by law to use KYC and AML processes in their customer onboarding and ongoing monitoring procedures. However, there are some key differences to AML & KYC and the role they serve in customer due diligence.
KYC checks are focused entirely on identity verification. KYC is typically the first step in the identification process as it confirms that the individual or entity attempting to onboard are who they claim to be. Regulated entities achieve this by matching name, address, and date of birth against various data sources to find a match.
AML checks on the other hand are intended to prevent financial crime and illicit activities. By identifying PEPs, sanctions, and adverse media, businesses can begin to understand the risk associated with customers and perform manual intervention or, in some cases, reject the onboarding attempt.
Despite this, due to rising customer expectations and complexity of global KYC and AML regulations, the process has shifted away from being siloed and both are critical to achieving regulatory adherence.
How to combine KYC and AML
In an increasingly digitised world, the KYC, AML process has become more of a combined exercise as part of a wider identity verification function.
Customers expectations are constantly increasing and it’s no longer fit for purpose to perform manual verification which can take days to complete. Not only does using technology to perform real-time verification get to revenue faster but it also avoids the risk of human error.
The emergence of RegTech in the last decade has provided regulated entities with automated KYC and AML software to provide a seamless, real-time customer onboarding journey.
RegTech solutions also provide more detailed reporting and remediation functionality to ensure that compliance teams can not only provide a real-time solution but can also leverage the software to spend less time reviewing results or performing unnecessary remediation, and more time dealing with complex or high-risk cases.
KYC and AML processes
In the KYC process, several key pieces of information must be collected from customers. The critical elements that need to be collected are name, address, and date of birth. By having access to this information, businesses can then use data sources to such as credit or telco to find a match. Ultimately, that match will confirm that the customer attempting to onboard is who they claim to be.
However, as identity theft and fraud advance it has become easier for criminals to access the name, address, and date of birth of other individuals and begin to create fake accounts under that person’s name.
Therefore, the emergence of document verification is now also a popular choice during the KYC process. This typically involves asking the customer to take a photo of an official government issued document, such as a passport or driver’s license, and then perform relevant checks to ensure that the document is legitimate and hasn’t been tampered with.
Further to this, facial comparison is deployed in conjunction with the document verification check which will ask a user to take a ‘selfie’ and then match the image taken against the image on the identity document. Advanced facial comparison will include technology such as liveness, providing a strong degree of confidence that the person behind the camera is the person attempting to onboard.
To perform an Anti-Money Laundering (AML) check the only required field is full name although having access to date of birth will significantly cut down the number of returned matches.
The AML process serves a slightly different purpose to KYC in that its objective is to identify any suspicious customers who could pose a risk to the business. Entities must comply with global AML regulation as set out by organisations such as the Financial Conduct Authority (FCA) and the Financial Action Task Force (FATF).
AML at the point of account opening will check against global Politically Exposed Persons (PEPs), sanctions, adverse media, and watchlists to discover any risk of financial crime. Businesses are notified when a match is found and then advised to act on the decision to accept or reject onboarding.
Next steps will involve performing a manual review, asking the customer for more information, or in some cases (particularly if the customer is sanctioned), automatically rejecting the onboarding attempt.
Not only is it critical to perform AML checks at the point of onboarding, but businesses must also perform routine re-screening of their client base to understand if circumstances have changed. An individual attempting to onboard today might not pose a risk of illicit activities, but in the future the risk might have increased.
Overall, this demonstrates the importance of synergy in the AML, KYC compliance process. Whilst the data collected from customers is the same for both AML and KYC policies, there is a significant amount of work involved at the onboarding process to extract the relevant information. Real-time solutions can perform AML KYC checks instantly and trigger automatically leading to a more efficient onboarding experience.
How FullCircl can help
FullCircl exists to remove the regulatory and verification roadblocks that drive revenue growth through a leading IDV orchestration platform. The W2 by FullCircl platform offers AML, KYC software in 160+ countries to ensure regulated entities can satisfy regulatory requirements whilst improving the effectiveness of their customer due diligence and onboarding efforts.
“We were instantly attracted to W2 [by FullCircl] because it has continuity built in,” explained Alison Cleggett, Head of Compliance at Caxton. “W2 also fits with the ethos of Caxton and our focus on putting clients at the heart of everything we do. By partnering with W2 we’ve been able to satisfy the need for custom screening methods for different data sets. It’s a highly intelligent platform that support all of our needs, and the team delivers a dedicated level of service.”
FullCircl provides more than an off-the-shelf product. We collaborate with every client to understand their AML, KYC requirements and craft a custom solution to empower compliant growth.
Interested in hearing more? Contact us today for a free consultation and demonstration of the FullCircl platform.
FullCircl’s Complete Guide to Money Laundering Regulations 2024
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.
Ben Lachenal
In this article:
- What is money laundering?
- Core components of money laundering regulations
- How does money laundering work?
- Evolution of money laundering regulations
- The impact of money laundering
- The future of money laundering regulations
- How FullCircl can help
What is money laundering?
Money laundering is the process of disguising the proceeds of criminal activity as legitimate funds. This is typically done by moving money through a series of transactions to obscure its origin and make it appear as though it was obtained through legal means.
To prevent money laundering, law requires regulated entities to implement measures to detect and prevent money laundering. A variety of regulatory bodies such as the Financial Conduct Authority (FCA) enforce these measures to form money laundering regulation, requiring businesses to actively monitor money laundering, terrorist financing, and transfer of funds.
The United Nations Office on Drugs and Crime (UNODC) estimates that between 2 and 5% of global GDP is laundered each year, equaling between EUR 715 billion and 1.87 trillion each year. Therefore, the regulation of businesses to prevent money laundering is of paramount importance.
However, more stringent regulation correlates with increased friction so regulated entities must balance complying with regulation whilst ensuring that the customer journey doesn’t suffer.
Core components of money laundering regulations
There are many aspects to money laundering regulations which includes a significant amount more than the initial regulatory guidance. The entire process of money laundering regulation includes input from the regulatory bodies, through to regulated entities, auditors, and beyond.
The typical Money Laundering Regulations (MLRs) process is as follows:
1. Legal frameworks
Across the globe, countries have implemented laws and regulations to assist with Anti-Money Laundering compliance. Major legislation includes the USA PATRIOT Act in the United States and the EU 6th Anti-Money Laundering Directive in the European Union, setting stringent standards for regulated entities.
The Financial Conduct Authority (FCA) enforce the money laundering regulations and are primarily comprised of ‘The Money Laundering and Terrorist Financing (Amendment) Regulations 2023’ which builds upon the initial regulation set out in 2017. The amendment placed a focus on the requirement of Enhanced Due Diligence (EDD) on domestic Politically Exposed Persons (PEPs) to be less than in relation to foreign PEPs, which is a requirement by the Financial Services and Markets Act 2023.
The complexity for regulated businesses is that the FCA money laundering regulations are only applicable in certain jurisdictions. Whilst the FCA and other governing bodies are seeking to achieve the same goal, there are various nuances which complicates the compliance process.
The initial Money Laundering and Terrorist Financing Regulations 2017 required regulated entities to do the following:
- Conduct a money laundering and terrorist risk assessment.
- Implement systems, policies, controls, and procedures to address money laundering and terrorist financing risks and meet the requirements under the MLR 2017.
- Apply policies, procedures, and controls across a business’ group structure.
- Adopt appropriate internal controls.
- Provide training to staff.
- Apply for approval if someone is the Ultimate Beneficial Owner (UBO), officer, or manager of a firm.
- Comply with new customer due diligence, enhanced due diligence, and simplified due diligence requirements.
- Comply with requirements relating to Politically Exposed Persons (PEPs).
- Make sure record keeping and data protection systems, policies and procedures meet the requirement of the regulations.
- Comply with new obligations relating to record keeping and the provision of information about beneficial ownership if a business acts as a trustee of a relevant trust.
- Source - “Quick guide to the Money Laundering Regulations 2017”
2. Customer Due Diligence (CDD)
Identifying and verifying customer identities at onboarding is the first crucial obligation for regulated entities to prevent money laundering. The requirement for Know Your Customer (KYC) procedures includes identity verification and checking against Politically Exposed Persons (PEPs), sanctions, adverse media and watchlists. Some of these checks such as adverse media are optional but help build a better picture of a customer risk profile, whereas sanctions and money laundering go hand in hand as sanctioned individuals, entities, and vessels are solid indicators of potential financial crime. Enhanced Due Diligence (EDD) is also required for high-risk customers.
3. Transaction monitoring & reporting
As part of money laundering regulations, businesses are also required to monitor customers past the point of account opening. This includes re-screening customers against PEP, sanctions, adverse media, and watchlists to identify any changes to customers. Transaction monitoring is also required which is the process of monitoring transactions such as transfers, withdrawals, and deposits to identify suspicious behaviour.
4. Recordkeeping
Regulation requirements mandate the maintenance of transaction records and evidence of all AML checks performed for auditing purposes. This holds regulated entities accountable for all Customer Due Diligence (CDD) performed.
5. Compliance programs and internal controls
Regulated entities must establish robust AML compliance programs which is a set of responsibilities for both financial and designated non-financial businesses, and implement internal controls to actively prevent money laundering activities.
6. Training and awareness
The emergence of IDV RegTech businesses such as FullCircl has helped significantly to automate the majority of the AML identity verification process. However, AML training is also imperative for employees as Money Laundering Reporting Officers (MLROs) and compliance teams may need to perform manual intervention. Strategies to enhance awareness and foster a culture of compliance are emphasised.
7. Penalties and enforcement
Non-compliance with Anti-Money Laundering regulations can result in severe penalties enforced by regulators. In banking alone, there were $835 million+ in fines incurred in 2023, ranging from inadequate AML systems to acceptance of onboarded customers without the correct investigation. Enforcement agencies play a pivotal role in ensuring adherence to AML laws to safeguard financial integrity.
One of the biggest enforcement actions from 2023 was a fine given to Binance of $4.3million for failings related to money laundering. Upon investigation, Binance had let the flow of illicit funds from countries including Russia, Cuba, and Iran and multiple sanctions failings. This fine alone demonstrates the importance of a secure AML system.
How does money laundering work?
In the last decade, financial transactions have become increasingly digitised, offering new avenues for laundering money through online platforms. Here’s how it typically works:
1. Placement
Financial systems accept illicit funds, often through small and discreet transactions to avoid detection. Cybercriminals may use techniques such as structuring, where large sums are broken into smaller ones, or smurfing, which involves using numerous individuals to make deposits.
2. Layering
The layering stage involves moving funds through various accounts or financial instruments to further hide their origins. Online banking services, cryptocurrency exchanges, and offshore accounts are commonly used for layering due to their anonymity and ease of access.
3. Integration
The final stage involves the laundered funds being reintroduced into the legitimate economy, appearing to be from legal sources. Online investment platforms, real estate transactions, and shell companies are used to integrate the laundered money back into the financial system.
As financial transactions have become more digitised, emerging threats have followed. Virtual currencies like Bitcoin offer pseudonymity, making them attractive for money laundering activities, online banking services provide avenues for rapid and global movement of funds, making tracking and detection more challenging, and the use of anonymising tools such as virtual private networks (VPNs) and encrypted communication further complicates efforts to trace illicit transactions.
The digital landscape has provided criminals with sophisticated tools to launder money through financial transactions online, requiring constant vigilance and collaboration between regulators, law enforcement, and financial institutions to combat illicit activities.
Evolution of money laundering regulations
Historically, money laundering emerged as a global concern in the 20th century with the rise of organised crime and the proliferation of illicit activities such as drug trafficking and smuggling. As criminal enterprises became more complex and sought to conceal the origins of their funds, the need for effective methods to launder money became apparent.
Milestones in the development of Anti-Money Laundering (AML) regulations include the establishment of the Financial Action Task Force (FATF) in 1989, which set global standards and guidelines for combating money laundering. The USA Patriot Act of 2001 in the United States initially introduced comprehensive AML measures, including enhanced due diligence requirements and the creation of financial intelligence units. More recently, The UK Government imposed The Money Laundering and Terrorist Financing (Amendment) Regulations 2023 to implement stricter requirements for regulated entities to track high-risk factors, e-money thresholds for due diligence, a closer focus on identifying Ultimate Beneficial Ownership, and reporting discrepancies to Companies House.
Due to the ever-evolving nature of complexity of money laundering, regulation is constantly developing, and the goalposts are moving for regulated entities to ensure they are fully compliant.
Key global organisations and initiatives to combat money laundering include the Financial Action Task Force (FATF), which coordinates efforts among member countries to prevent money laundering and terrorist financing through policy development, evaluation, and cooperation. Additionally, the United Nations Office on Drugs and Crime (UNODC) works to enhance global cooperation. These organisations underscore the importance of global collaboration in addressing the complex challenges posed by money laundering.
The impact of money laundering
Money laundering comes in many forms, ranging from drug trafficking and human smuggling to cybercrime and corruption. Drug trafficking remains one of the most lucrative criminal enterprises with organised crime syndicates funnelling massive sums of money through illicit channels.
Cybercrime, including hacking, identity theft, and online fraud has become increasingly prevalent in the digital age, providing criminals with more opportunities to launder money. Corruption, whether in the form of bribery, embezzlement, or illicit government contracts, also generate funds that require laundering to conceal their origins.
The consequences of money laundering for society and the economy are profound. Money laundering facilitates the growth and sustainability of criminal enterprises, perpetuating violence, exploitation, and global instability.
The flow of illicit funds distorts economic systems, undermining fair competition and fostering a climate of corruption. Money laundering enables criminals to evade taxes, depriving governments of vital revenue for public services and infrastructure. Therefore, the Defence Against Money Laundering (DAML) through stringent regulation aims to safeguard society and preserve the integrity of the global financial system whilst reducing and preventing financial crime.
The future of money laundering regulations
As digitisation of financial institutions continues globally, regulation is only going to become stricter and more complex. Criminals are becoming more intelligent, cross-border transactions are the norm, and the emergence of AI poses a serious threat. The importance of a strict compliance program has never been more important.
The future outlook of Anti-Money Laundering regulations and enforcement emphasises the necessity for a more collaborative approach. If regulators and regulated entities want to truly prevent money laundering over and above it being a tick box exercise, there cannot be a disconnect between the two. Global harmonisation of regulation, advanced technology to fight financial crime, and cooperation between regulatory bodies and entities can provide the balance needed to counter money laundering whilst ensuring regulated entities can maximise revenue by providing an efficient customer journey.
How FullCircl can help
FullCircl provides a full suite of AML screening and monitoring including global PEPs, sanctions, and adverse media to actively identify the risk of money laundering at onboarding and through ongoing monitoring. On top of that, we understand that service providers need to offer much more than AML checks alone. We offer a consultative and collaborative approach to understand your unique requirements, the regulation you must comply with, and have a core understanding of how best to balance regulatory requirements with great customer experience.
FullCircl removes the regulatory and verification roadblocks to drive revenue growth by providing a full IDV orchestration platform including KYC in 160+ countries, document verification with facial comparison, Know Your Business (KYB) checks, anti-fraud, and more. FullCircl is data agnostic and uses 20+ data suppliers delivered via leading technology to provide clients with the most secure AML compliance product on the market.
Clients trust FullCircl to keep ahead of evolving regulation whilst giving their customers the best possible onboarding experience to drive customer advocacy and revenue growth.
Interested in hearing more? Contact us today for a free consultation and demonstration of the FullCircl platform.
The Ultimate Guide to Anti-Money Laundering (AML) Checks
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.
Ben Lachenal
Anti-Money Laundering (AML) is part of the Customer Due Diligence (CDD) process in which regulated businesses are required to prove that individual and corporate clients are who they say they are.
What is an AML check?
AML checks specifically are in place to prevent money laundering and transfer of illicit funds through a business. As of 2022, an estimated £88 billion is laundered in the UK every year so countering and reducing this figure is at the forefront of priority. Businesses in industries such as financial services, online gambling, cryptocurrency, and regulated commerce are required by law to conduct AML checks outlined in various global regulation set out by regulators including the Financial Conduct Authority (FCA), BaFin, the Securities Exchange Commission (SEC), and more.
By implementing a robust Anti-Money Laundering program, businesses can identify Politically Exposed Persons (PEPs) who may pose a higher risk of laundering money, sanctioned individuals, and adverse media checks on individuals and businesses. AML checks not only prevent money being laundered through a business but also prevent fines, suspensions, and reputational damage by ensuring that businesses aren’t working with bad actors.
Types of AML checks
There are several checks included to comply with AML requirements, ensuring that businesses are doing everything they can for effective Anti-Money Laundering, Counter Terrorist Funding (CTF), and financial crime prevention.
PEP checks
A Politically Exposed Person (PEP) is someone who holds a position of power and is therefore more susceptible to money laundering or bribery. Examples include heads of state, government officials, judges, and military officers.
PEP checks pull data from a variety of global sources to enable regulated businesses to conduct due diligence, ensuring they are not involved in any illegal activities. If a customer attempting to onboard is a PEP, this doesn’t necessarily mean that the business should automatically reject them, but instead they should take a calculated approach to find out more information from said customer.
It’s also important to verify the identity of those associated with PEPs including family members and close associates who could be equally exposed to the potential risk of money laundering as PEPs themselves.
Robust PEP checks will be able to discover information on PEPs, associates, and family members globally and in real-time.
Sanctions checks
Sanctions are measures imposed by governments or international organisations to restrict financial transactions with certain individuals, organisations, countries, entities, and vessels. Sanctions can be imposed for a variety of reasons including terrorism, human rights abuses, weapons proliferation and more.
Sanctions checks are designed to identity anyone or anything which has been sanctioned globally. Employing sanctions checks can be argued as more important than PEP checks as it is prohibited in a variety of regulation to do business with those who are sanctioned.
There are a variety of sanctions lists available including the European Union, United Nations, HMT (His Majesty’s Treasury Department), and the US Treasury Department.
Interested in learning more? Check out our complete guide to PEPs and sanctions here.
Adverse media checks
Adverse media checks scrape open-source information from around the web to report on activities from businesses and / or individuals which may pose a risk to a working relationship. Whilst adverse media can pull information which isn’t necessarily relevant to due diligence, it can also be used effectively to supplement PEP and sanctions checks to form a more robust AML process.
Transaction monitoring
Transaction monitoring occurs post onboarding and is a systematic process that involves scrutinising financial transactions to identify suspicious activities related to money laundering or terrorist financing. Providers of transaction monitoring, including FullCircl partner Comply Advantage, use advanced algorithms and pattern recognition to track transactional behaviour such as frequency, amount, and unusual patterns to identify the risk of money laundering from current customers.
AML as part of a wider KYC program
As AML regulations globally continue to become more stringent coupled with rising expectations from customers to complete onboarding more efficiently, combining Know Your Customer (KYC) and AML is becoming increasingly critical to business growth.
It's no longer fit for purpose for regulated businesses to have a fragmented approach to compliance leading to the popularity of providers who can offer a full compliance stack has risen exponentially in the past decade. For example, AML in banking has traditionally been a manual approach but even those reliant on legacy systems are turning to technology and AI to increase the efficiency of compliance teams.
For many regulated industries, just performing anti money laundering checks isn’t enough to comply with regulatory requirements. Instead, it’s required to not only verify that customers aren’t politically exposed or on sanctions lists, but to also verify the identity of customers with KYC checks, document verification, and anti-fraud measures.
Although, as the list of AML, KYC checks required to complete onboarding gets longer year on year, the risk of customer drop-offs due to clunky onboarding continues to rise.
Regulated industries are now putting more emphasis on the compliance program at the forefront of priority, ensuring they partner with technology providers who can offer them all of the checks they need whilst delivering the checks seamlessly to achieve real-time onboarding.
What data is required for AML checks?
Depending on the context around performing AML checks, a variety of personal information is required to best find a match. When performing AML checks on individuals at the point of account opening, the following information is required at a minimum:
- Name
- Address
- Date of birth
If the business is using an AML provider who is pulling multiple sources of AML data and can confidently access name, address, and date of birth from their customers then this information will suffice in finding an accurate match.
However, it’s not always as easy to receive this information from customers so businesses can supplement this with asking for an official identity document such as a passport, driving license, proof of residence, or source of funds to assist in the process.
Advanced AML providers will also offer the option to implement customisable matching thresholds which will allow compliance teams to investigate multiple results. For example, a business might want to receive an alert if the name and date of birth match, but address is misspelled. This ensures that businesses lower the risk that falsely inputted data leads to missed matches.
In the context of performing AML checks on businesses or directors associated with businesses then there is more information to be collected before an accurate check can be made.
Again, stressing the importance of using a system designed to offer a full suite of compliance tools, verification of corporate customers should include a Know Your Business (KYB) check in the first instance. This will ensure that the AML checks are performed on the correct entity, similar to how a KYC checks ensures the right individual is being checked but will also provide initial indication into risk by analysing financial information and share structure.
Once the KYB report is performed, an accurate AML checks can then be used on both the business itself, related shareholders / directors, and most importantly, the Ultimate Beneficial Owner (UBO).
What systems support AML checks?
It’s not only critical to identify the correct information needed to effectively perform AML checks, but also that the system powering the checks can support accurate identification and efficiency.
Client screening tools such as FullCircl allow regulated businesses to perform AML checks seamlessly at the point of onboarding and through ongoing monitoring. This means that clients of FullCircl use AML checks on all of their customers at the point of onboarding without requiring manual collection of data.
A single API integration can perform AML checks automatically when a customer attempts to onboard and ongoing monitoring can be performed on customers which includes the ability to categorise clients by risk group.
The regulation from the Financial Conduct Authority (FCA) and other associated entities requires AML not only at the point of onboarding but also proactive use of AML where there is a risk of terrorist financing, money laundering, suspicious behaviour, and transactions exceeding the threshold of 15,000 (USD, EUR, GBP). Therefore, AML at the point of onboarding is only one part of the puzzle, active monitoring of clients is just as important to identify risk and avoid the potential of money laundering.
How long do money laundering checks take?
This entirely depends on the systems used to consume AML data. Manual verification can take anywhere from a few hours to a few weeks depending on the risk level of the subject. Automated AML solutions can perform checks in seconds by aggregating multiple sources of data into a single access point.
There are many different sources of data in a comprehensive AML check meaning that any businesses who are required to implement an AML program should conduct in-depth analysis of both the data required to comply with regulations and the technology providers who can deliver the checks to an industry leading standard.
How FullCircl can help
FullCircl provides a full suite of AML screening and monitoring including global PEPs, sanctions, and adverse media to actively identify the risk of money laundering at onboarding and through ongoing monitoring.
FullCircl is designed to remove the regulatory and verification roadblocks to drive revenue growth by providing a full IDV orchestration platform including KYC in 160+ countries, document verification with facial comparison, Know Your Business checks, anti-fraud, and more. FullCircl pulls data from 20+ global sources to ensure that the best quality of data is provided to clients whilst ensuring that onboarding is aligned to rising customer expectations.
Clients use FullCircl to keep ahead of evolving regulation whilst giving their customers the best possible onboarding experience to drive customer advocacy and revenue growth.
Interested in hearing more? Contact us today for a free demonstration and learn how to access FullCircl's AML integration.