Over the years, I’ve had the opportunity to review compliance manuals for all types of regulated entities and even a few compliance manuals for other businesses caught by AML/CFT laws. More often than not, those compliance manuals waste a huge opportunity. How? By not having provisions for simplified due diligence. Here are four critical issues that you may be missing.
Critical Issue 1 – Understanding and Integrating a True Risk-Based Approach
Consider this: the baseline due diligence requirements are largely informed by risk assessments of customers. That risk assessment process itself requires work to carefully craft against typologies, emerging trends and local regulatory guidance. Without going further into the nuanced variabilities of risk assessment frameworks... The alignment of the laws relevant to you and the international standards developed by FATF in this area enable the application of simplified due diligence.
Quick Wins derived from applying Simplified CDD
By providing a bracket for customers that present the lowest risks to the business, firms can achieve several quick-wins by:
(a) demonstrating that they have a deeper understanding of the premise of taking a risk-based approach;
(b) reduce the friction of onboarding low-risk customers; and
(c) eliminate unnecessary activities and allow resources to be focused on areas of higher risk.
Critical Issue 2 – Consideration of Regulations and Risk Tolerances
For savvy compliance professionals, the option of simplified due diligence may be something that they are fully aware of but reluctant or unable to implement. The risk tolerances of the firm are a primary driver of whether simplified due diligence is even considered. If this is the case, there may be a need for a well-communicated strategy to introduce this facet to due diligence, if not currently in place. Barriers to implementation may be the mindset of the compliance officer or the fear of an overly risk-averse regulator.
Five Steps to Integrating Simplified CDD
The first step to take is to determine the scope of your local laws and regulations in this area. Once you are confident in the fact that the law permits it (legal opinions don’t hurt), the second step is to review the firm’s risk tolerances and ensure that directors will permit broadening of the scope of current due diligence provisions to integrate simplified due diligence. It would also be useful to canvas staff that interact directly with customers to determine whether there would be utility in applying simplified due diligence at this stage. It is also important to be vigilant to ensure that any feedback is not driven by other staff that would want to ease off on necessary due diligence, which could present its own risks.
The third step involves a review and revision of existing procedures. In this step, compliance officers must ensure that the integrity of the due diligence process is not undermined by being oversimplified – remember the core tenets of due diligence: identifying and verifying the identity of the customer, have sufficient information to assess risks and how/where they can be reached (in the event that a competent authority requires this information). Before implementation (but after Board sign-off), the fourth step is to submit the revised procedures to the relevant competent authority; this may be your prudential regulator, financial investigation unit or other regulatory authority with responsibility for AML/CFT supervision. In the context of possible conflicts with other competent authorities that impact record keeping requirements (typically for the purposes of tax reporting), a determination should also be made on any possible impacts in implementing a change to due diligence driven by laws and regulations within your country.
Once a ‘no objection’ response has been provided by the relevant competent authority, the fifth step is the training of staff and the introduction of simplified due diligence provisions. In totality, some may come to the view that integrating simplified due diligence provisions may be more trouble than it is worth.
Critical Issue 3 – Changing Mindsets of Individuals and International Standard Setters
There are proponents that appear to support more due diligence and not less given recent technological advances. Having had a small amount of experience in ‘scrubbing’ data, I am not a supporter of collecting more because the technology allows it. The touchpoints for compliance are many, and more information can, if improperly done, create gaps that may be more dangerous – having information that should inform other actions (and not taking those actions) because of the inertia excessive data points can trigger. Simplified due diligence can allow for business growth and better leveraging of resources to higher-risk drivers. Beyond the helicopter view of the benefits to MSMEs and traditional financial services, better adoption will be largely influenced by mindsets and forward-looking compliance professionals.
The World Bank and other supranational bodies also appear to support the increased use of simplified due diligence. The push for improving financial inclusion and providing the necessary space for the growth of MSMEs is evidence for this. At the time of writing, it is not sufficiently clear whether the apparent conflict between customer due diligence requirements and financial inclusion has been contemplated by FATF, it is clear to my mind that there is a case (and a space) for simplified due diligence to be embraced. In my opinion, FATF could leverage significant goodwill by providing more substantial guidance in this space, particularly for countries that would see tangible and material benefits from simplified due diligence being permitted and supported.
Changing mindsets can be a process, and at times, the resistance to change is the only issue towards achieving more useful outcomes in life (and compliance).
Critical Issue 4 – Cost of Compliance and its impact on Financial Inclusion
Understanding that the impact of the cost of compliance on MSMEs and in some cases, traditional financial services in developing countries, and its negative impact on financial inclusion is often underappreciated by stakeholders that contribute to legislative reform. Beyond potential political ‘brownie points’ that could be had, there could be very real resistance in broaching this opportunity given the tone and approach of country assessors, whose evaluations of a country and subsequent ratings can derail economic development from the resultant ‘derisking’ that has occurred in some countries.
Recap
Critical Issue 1 – Understanding and Integrating a True Risk-Based Approach
Critical Issue 2 – Consideration of Regulations and Risk Tolerances
Critical Issue 3 – Changing Mindsets of Individuals and International Standard Setters
Critical Issue 4 – Cost of Compliance and its impact on Financial Inclusion
Want to learn more about Customer Due Diligence? Check out our courses.
Meet the Author
