The time-consuming demand that financial services providers `know their customers' can now be outsourced and automated, says Kenneth Bryant.

The world of financial services regulation is changing rapidly, increasing the cost of business for every financial services provider (FSP). FSPs around the world are required to have adequate controls and procedures in place so that their businesses cannot be used for criminal or fraudulent purposes. Adequate due diligence on new and existing customers, as well as monitoring, reporting, training and record-keeping, are a key part of these controls.

Now, there are organisations offering a set of services for outsourcing the burdensome components of these controls and procedures, and acting on behalf of the entire financial community. These dedicated services provide a higher level of due diligence and ongoing compliance than could be achieved by most FSPs working on their own, saving time and money. Internet Financial Services Ltd (IFS) is one such company.

When requested, KYC Outsourced Services (KYC-OS, an IFS company) will provide FSPs with a high risk enhanced due diligence investigation, on an ongoing comprehensive background basis, on clients. Scrubbing or data mining consists of initial and periodic searching of various internal and external, public and private databases.

Proprietary database screening

The various databases that KYC-OS accesses are compiled from thousands of reputable international public sources, including newspapers, newsletters, newswires, technical journals and periodicals, industry publications, official law enforcement wants and warrants lists, governmental sanction lists and regulatory enforcement actions.

The high risk enhanced due diligence search is designed to identify individuals or entities worldwide that are known, suspected or substantially alleged to be involved in (directly or indirectly) money laundering, fraud, drug trafficking, terrorism, public corruption, or who are subject to official sanction. To reflect new developments, the database is updated weekly with hundreds of additional individual/entity names being added monthly, including photographs when these are available.

IFS regularly scans the databases against new and existing FSP clients for new reports of these types of illicit activities. If a client is discovered on any of the databases, an alert will be sent to it. Additional official hard copies of actual discovery can be provided wherever possible for an additional fee, if requested. This ongoing discovery process assists FSP employees in meeting the requirements of ongoing compliance due diligence without the time or expense associated with manual procedures.

Due diligence processing

In addition to data mining and scrubbing for derogatory or negative information on prospective account holders, IFS also offers authentication of passports. This includes alerts for pseudo-official or non-governmental entities that issue camouflage or spurious passports.

Additional measures are taken to independently verify name and address (wherever possible, depending on jurisdiction), and geographical high risk profiling.

High risk profiles include those countries identified as `high risk' by international agencies concerning money laundering, drugs (either drug producing or trans-shipment points), terrorism (state-initiated or -sponsored), propensity or history of public corruption (referred to as `potentate' or `politically exposed persons' risk), non-existent or inadequate financial regulation, fictitious or non-recognised jurisdictions that issue fraudulent financial services licensing, and international sanction.

Document collection

KYC document collection removes the most burdensome task involved with regulatory compliance from the FSP. The time necessary to track down missing documents, phone calls and filing nightmares is now a thing of the past. The FSPs are still completely responsible for the KYC requirements imposed by law, but they outsource the tedious and laborious components of document collection and storage to KYC-OS.

The company works to establish a protocol, a list of all required documentation, with each FSP for each type of entity, account, relationship or individual, necessary to satisfy internal and external regulatory requirements. The FSP simply instructs the prospective client to deliver the documents to its compliance paperwork processing centre. Upon receipt of all the necessary documents and completion of the background research, IFS notifies the FSP that the client has complied with the regulations and may proceed with the proposed transaction.

FSPs may wish to compile more data on a client than is required by law. This would be the responsibility of the FSP, for its own satisfaction and comfort. IFS maintains the documents necessary to guarantee compliance with the law, and then makes those documents available to the FSP and the regulatory authorities via its private network system of encrypted online access.

Digitising, encrypting and securing documents online

Electronic transactions and documents are now recognised under law. As such, documents no longer need to be kept physically, stored in files or filing cabinets requiring space, time and money.

After collecting, sorting and verifying the required due diligence documents necessary to meet regulatory compliance, IFS digitises, encrypts and stores them electronically. Each document is digitally signed, watermarked and time stamped, absolutely guaranteeing its authenticity.

FSP members are able to access all of their information, including the digitised due diligence documents, from the electronically-stored, KYC-secured and encrypted systems. These systems are available 24 hours a day, 365 days per year. The regulatory authority also has access to the records, enabling faster response to requests to compel documents.

FSPs save the entire cost of finding, retrieving, copying and delivering compelled due diligence documents to the regulators. This system is believed to be the fastest, totally secure and reliable resource ever developed to assist FSPs with their compliance efforts.

Reporting

KYC-OS provides a mechanism for member FSPs to securely file a suspicious activity report (SAR) to the appropriate reporting authority. This method is secure, fast, reliable and easy to use. An FSP representative need only log in to the KYC website and select the report function after locating the account, entity or individual in question. The FSP types in the information as required and presses the send button. The system then automatically sends the encrypted SAR, via private intranet, directly to the reporting authority. The reporting authority is notified immediately of an SAR or submission filed. Only at the FSP's request will the compliance documents on file be forwarded to the reporting authority.

The report section also provides a means of communication between the FSP and the KYC-OS processing centre. The company notifies the FSP and reports when due diligence is complete or why it may be pending. It also notifies the FSP and reports when the ongoing due diligence process has turned up information that may be of interest.

Training

The regulatory compliance personnel at KYC-OS are skilled in the provision of tailored training sessions for FSP employees. The company imparts the necessary information to assist FSP staff in understanding their general obligations under the law, recognising and reporting unusual transactions, and awareness monitoring for all high risk issues on an ongoing basis.

IFS delivers induction, refresher and specific training on anti-money laundering and other regulatory compliance issues. The company assists clients in achieving compliance training goals and objectives by providing the training to FSP staff, so that the FSP need not incur the time and expense, or meet the additional demand on its resources.

IFS offers comprehensive compliance officer/MLRO (money laundering reporting officer) training packages and special training for senior management, officers and directors. These packages are designed to provide the necessary information for their demanding roles and to keep them informed of relevant local and international developments.

All training is documented for regulatory purposes and a certificate of attendance is issued to each participant upon completion. Training is free to clients as a part of membership.

There are several reasons why organisations should consider membership, including:

  • the due diligence investigative process is costly;

  • there is no secure and efficient way to report unusual, abnormal or suspicious client behaviour;

  • FSPs must hire compliance managers and project staff at high salaries and benefits; and

  • the storage and retrieval process for compliance data is expensive, archaic and slow. Clients must repeat the process with every FSP even if it was just completed by another.

    Benefits of membership include:

  • lower overall costs for regulatory compliance;

  • comprehensive, consistent and compliant data;

  • instant online access to compliance data if authorised;

  • a single point of entry for clients to the entire financial services sector, trusted by all;

  • an immediate reporting mechanism for suspected wrongdoing; and

  • potential interoperability between jurisdictions, using digital certificates.

    By Kenneth L Bryant

    Kenneth L Bryant MSCJ, CPP, CPE, CFE, AcoI is a director of KYC Outsourced Services, a division of Internet Financial Services Ltd, based in Grand Cayman.