MLROs.com: Examining the KYC Operational Landscape & Enhancing Corporate Customer Due Diligence
We were delighted to present and host a panel discussion at the Money Laundering Reporting Officers conference in London recently.
MLROs.com was founded in 2005 by Ben Hur with 140 members. Since then, the group has continued to grow with the aim of equipping financial crime professionals with the knowledge and expertise to stop financial criminals determined to ply their nefarious trade with increasing sophistication and regularity.
Hosted by law firm Squire Patton Boggs, it was a pleasure for us at Encompass to not only speak, but to sponsor the day.
During the conference, a number of presentations covered the new Money Laundering Regulations (MLR 2017) to varying depths, including the major changes to be aware of. This was, I felt, to be welcomed, as this is certainly one of the key pieces of legislation from the UK Government designed to block potential money launderers and financiers of terrorism and will have huge repercussions for all regulated industries.
It was a real pleasure to be asked to present and speak on the Know Your Customer (KYC) Operational Landscape. I focussed specifically on what the new regulations demand in terms of increased levels of customer due diligence for corporate customers. I reviewed the KYC operational landscape including the tools and information available to MLROs today which should be considered as part of a modern response to the new regulations – everything from information sources available to automation technology.
In short this covered:
- Corporate Customer Due Diligence; New regulations: new demands
- The KYC operational landscape; what’s available and how you can respond including an overview of managed service options, information providers and workflow tools
- The future of KYC operations. What’s coming down the line, how far away is it and will it help?
The KYC operational landscape
The overwhelming message was that many firms in both professional and financial services continue to attempt to manage their corporate CDD requirements using a manual process. Today, people are typically using some combination of third party information sources, manual labour and workflow tools.
While adding headcount has been a go-to option in recent years, the new regulations are increasing the focus on a risk based approach and ultimate beneficial ownership (among other factors), so analysts working in KYC teams will now need even more time to do this research and assessment. We heard on the day that compliance budgets are already stretched and organizations can’t recruit and train talent at a fast enough rate to enable business growth, so they are being forced to seek other solutions.
Following my own presentation, I was delighted to be joined on stage by Nick Parfitt of C6 Intelligence to take questions from delegates. Nick is the Director of Product Management & Marketing at C6 Intelligence. As Product Director he has over 18 years of industry experience, 9 of which has been focused on Financial Crime Compliance. Prior to joining C6 Nick was the Global Customer Risk Assessment Methodology owner at HSBC and has held senior roles at EY and Accenture.
From the Panel: Thoughts from Nick Parfitt and Graeme Port…
…On the the biggest challenge you see with the operations of KYC today?
Coping with regulatory change while ensuring operational robustness. When the complexity and volume of day to day tasks increases, it’s a constant challenge to maintain quality of operations while the business grows. At the same time new regulations need to be overlaid on existing practices. Ultimately heads of KYC operations want to be able to proactively manage risk, not feeling like they spend their time in the trenches trying to ensure steps in the process have been followed.
…On how MLROs can ensure KYC operations in their organizations are robust – even when you’re not the one managing the team day to day?
MLROs are responsible yet depending on the size of your organization, the “operations” of KYC will likely be managed by others, if not teams of others. Therefore it’s important that you get the right governance in place early. We heard some examples of MLROs earlier in the day who did not escalate issues appropriately where they had concerns. To do this you need to have the reporting in place and ideally systems with “built in proofs” so that you and others in your organization supervising the operations can instantly sight and retrieve evidence of compliance. Technology can now enable real-time oversight and permissions access which previously would not have been possible.
…On the pros and cons of outsourcing some of these activities; the options and what should organizations look for ?
Nothing in Regulation 38 (7) prevents a relevant person applying customer due diligence measures by means of an agent or an outsourcing service provider provided that the arrangements between the relevant person and the agent or outsourcing service provider provide for the relevant person to remain liable for any failure to apply such measures.
With the regulatory environment becoming increasingly complex, even getting to operational level can be a huge task. Interpreting new legislation and getting an initiative off the ground up and running before the next compelling regulatory deadline raises the question of how fast can MLROs and their organizations act?
….On the Differences between how well professional and financial services are preparing for and acting on MLR2017
There were a number of lawyers speaking at the conference and much expertise held among the professional service delegates in the room who regularly advise financial service firms on Financial Crime Compliance. However it was also acknowledged that there is some catching up to do when it comes to the KYC operations inside legal and accounting firms. It’s well understood that financial service firms have been subject to stringent legislation for some number of years, and only now has it been expanded to cover financial services, and legal and professional services equally.
The future of KYC operations
What’s coming down the line, how far away is it and will it help?
I was excited to attend this seminar, and it was really pleasing that it met expectations. As well as a top notch list of speakers who all added their own unique insights into the day, I found all delegates really on point with their questions, on what can be done to mitigate the impact of MLR 2017 and other legislation. Unquestionably, this is both a challenging, and also an exciting time to work in the field of compliance. While challenges such as new legislation and more stringent penalties for non-compliance are a very real threat, new ways of undertaking the KYC process, such as through automation, AI and machine learning all mean that it will likely become very exciting also. I look forward to coming back for the 2018 conference to learn how much headway will be made over the next 12 months.