87% of corporate treasurers have abandoned banking applications due to lengthy onboarding Read here

Introducing Encompass remediate

By Dr Henry Balani | Mon 14 March, 2022

Regulated businesses, particularly banks and financial services firms, face mounting pressures when onboarding new customers.

The ever-increasing frequency of changes to requirements, as dictated by global anti-financial crime regulations, and heightened expectations around customer experiences have made initial onboarding processes much more expensive, arduous and complex than necessary.

For banks and financial services firms, however, the new customer onboarding scenario is only half the story.

Once customers have been successfully onboarded, there is still the requirement for regulated businesses to remediate their existing customers, as their Anti-Money Laundering (AML) and Counter Terrorism Financing (CTF) policies change to adapt to these new regulations.

The Russian sanctions regime, driven by the invasion of Ukraine, is currently driving large-scale remediation projects within global banks, as the new regulations require financial institutions to identify sanctioned entities and corporations, or risk enforcement actions by their local regulators. Failure to identify, terminate existing customer relationships and properly freeze assets can result in both hefty penalties and negative press, leading to reputational repercussions.

Sanctions enforcements are now increasingly used to apply political pressure to rogue governments and given the wide-ranging scope and global nature of these regulations, extensive due diligence will certainly be required for the customer remediation process.


Remediation applies to all regulated businesses, including banks and financial services firms, which must monitor existing customers throughout the lifecycle of their relationship to ensure they continue to fit within the firms’ risk appetite. When legislation is updated, AML and CTF policies are adjusted, meaning clients onboarded prior to changes may no longer be suitable.

The purpose of remediation is to bring a firm’s back book of existing customers in line with their existing standards for AML/CTF due diligence. This involves checking and refreshing the information held on file about a customer and evaluating this against current AML/CTF policies.

Risk based assessment continues with remediation

Regulated businesses can no longer use simplified Customer Due Diligence (CDD) as a matter of course. Instead, they must assess the risk posed by an individual customer and apply a risk-based approach in reviewing their current standing. By using a risk-based approach, businesses can make an assessment on each individual customer, and apply an enhanced level of due diligence, as required.

Which businesses are at risk?

All regulated businesses are subject to remediation requirements, which means banks and financial services firms are no exception.

The Ukraine crisis highlights the need for regulated businesses to review their risk management processes because of the announced sanctions against Russian corporations and individuals. Western governments have been coordinated in their response, which requires banks to assess their exposure across their global customer portfolio. In this case, remediation processes require a review of Russian customers, their corporate structures and their percentage holdings of subsidiaries across multiple jurisdictions. They must also identify sanctioned individuals that have a controlling interest in these companies. Both the US and EU have majority ownership provisions, where any subsidiary that is 50% or more owned by a sanctioned entity is also sanctioned, irrespective of if they have been explicitly listed as sanctioned. This means that regulated businesses will need to conduct due diligence to identify these relationships. Specifically, they need to identify if the customer has assets held in US dollars, British pounds, Euro or Japanese Yen across the corporation.

Another remediation consideration is the need to identify the different types of sanctions that have been announced, and how they must be applied as part of the remediation process. The Russian sanctions fall into three buckets, each with differing levels of impact and severity. The most impactful type of sanction would be a complete asset freeze – also known as a blocking sanction – where financial institutions (typically banks) would be required to freeze customer accounts that have been designated on the OFAC sanction list, as issued by the US Department of the Treasury or the HMT List, as issued by the UK.

A second level of sanctions have been targeted specifically at Russian financial institutions, designed to limit their ability to conduct foreign exchange transactions. While not a blocking sanction, as previously described, this type of sanction prevents banks from opening or maintaining a correspondent or payable-through account on behalf of a sanctioned Russian financial institution. A third level of sanctions are designed to limit Russia’s ability to finance existing debt. In this case, any new debt of longer than 14 days maturity and new equity of Russian state-owned enterprises or entities that operate in financial services are subject to restrictions. Effectively, they are now restricted from raising money through Western financial markets, which could be used to continue to finance the war.

How is remediation carried out?

Banks and other financial institutions hold huge amounts of data on existing customers. This will have been collected during the period when the customer was onboarded (opened an account or sold a product) and during various remediation processes for customers that have been with them for a substantial length of time.

For many financial institutions, extensive fragmentation of customer data across disparate legacy systems is commonplace. Collating legacy records for existing, long-standing business relationships is a real challenge – both from a technology and business perspective. The percentage ownership of subsidiaries may have also changed over time, making it challenging to identify majority ownership status of a sanctioned entity. Layering on expensive, time-consuming and often manual KYC processes to this already difficult task only acts as a further impediment to compliance.

Leveraging bulk processing and intelligent process automation technology can lessen this burden dramatically.

Introducing Encompass remediate

Encompass remediate effortlessly conducts KYC on existing books of customers to the same high standards of due diligence applied to new business KYC processing. An easy three step guide helps compile, upload and process remediation data using Encompass’ automated KYC policy. Customer profiles are automatically created and remediated with the chosen KYC policy, providing assurance of compliance at both volume and speed. Encompass remediate delivers faster and cheaper remediation, proven regulatory compliance and safe risk management.

Benefits of Encompass remediate

Consistent compliance
Ensure the same KYC standard is applied to existing customers as for newly onboarded customers

Proven compliance
Encompass Remediate generates full audit trails and proof documentation, which can be shared with auditors and regulators as evidence of compliance

Save time and cost
Benefit from effortless bulk processing and automated KYC checking of large volumes of customer data using intelligent process automation technology

Remediation management
With automated KYC profile creation and results updates

Remediation for today’s compliance world

Current remediation processes can be manual, which makes compliance with fast changing regulations difficult and error-prone, potentially resulting in missed sanctioned entities and penalties. These manual remediation processes can be costly, as they typically involve significant human labor, with a high probability of missed identification.

The collation of customer data stored across disparate systems between departments can also be challenging, but automation can aid in the collation process. Once collated, compliance managers must apply a risk-based approach to ascertain the correct level of due diligence to be performed. With information missing, incorrectly filed, or misinterpreted by an individual, the process is ripe for mistakes, omissions, and project overruns.

Sanctions will continue to be used by governments globally as a geopolitical tool to force compliance by rogue nations. As a result, remediation of existing customers will continually required.

Encompass remediate can help. Using the KYC policy already installed within the Encompass platform, Encompass can automate the process, at scale and speed.

Encompass KY automation platform

Transforming KYC remediation with automation

Reduce risk and increase efficiency of KYC remediation

Editor’s note: This blog was first published on 26 October 2017 and has been updated to its current form for accuracy and comprehensiveness

Author: Dr Henry Balani

Dr. Henry Balani is Global Head of Industry and Regulatory Affairs at Encompass. He is a noted industry thought leader and commentator on Regulatory Compliance issues and trends affecting the financial services industry. As a published academic, Dr. Balani also lectures on international business, economics, and regulatory compliance courses globally. Dr. Balani holds a Doctorate in Business Administration from the University of Wisconsin, an M.B.A. from Northern Illinois University in the USA, and a B.S. in Economics from the London School of Economics.

LinkedIn Profile | Dr Henry Balani

You also might be interested in


Discover corporate digital identity from Encompass


Find out more