Compliance Checklist: What a Company Needs to Do to Be AML Compliant

by Dmitri Laush
  • Every company obliged to follow AML regulations needs to set up policies that work for their unique needs.
Compliance Checklist: What a Company Needs to Do to Be AML Compliant
GetID
Join our Telegram channel

Global penalties for AML Regulation non-compliance are increasing year after year. Overall, the number of fines in 2020 was $10.4 billion. Major banks like Deutsche Bank (USA) and Commerzbank (UK) were fined millions of dollars for non-compliance. In this article, I will try to review what is necessary for any company to stay compliant.

What Is Necessary for KYC

Nowadays, many companies want to make the process of KYC smooth and fast so as not to lose potential customers. However, it is necessary to scrupulously check every potential customer. For example, a Deutsche Bank branch in the U.S. was hit with a $150 million penalty for their relationship to Jeffrey Epstein, convicted of sex trafficking and other abuses. It shows the lack of risk monitoring and KYC compliance. That is why, in order to prevent financial crime and avoid non-compliance fines, every company needs to have a sound customer due diligence process in place.

GetID

GetID

Secondly, once a client is onboarded and approved, financial organizations should have automated transactions monitoring to detect any suspicious activity that waves a red flag. Transaction monitoring is usually performed by banks, payment services and crypto exchanges.

Thirdly, companies should keep all the necessary documentation on the client (securely and safely, do not forget about personal data storage regulations!) and an audit trail ready to be shown to any AML authority if necessary, especially if the client is transacting large amounts of money.

Your compliance team should always be updated on the latest regulatory updates. That is why it is sometimes better and cheaper to outsource the whole KYC process to professional vendors capable of providing complex, fast and secure customer identity checks.

Progressive Screening and Ongoing Risk Monitoring

Smart companies make improvements to their KYC and identity checks, which is an ongoing process. For fintech services, it is important to hold continuous payment screenings and see if the client is involved in unusual Payments or show suspicious activities on the account.

Screenings typically involve checking the first-ever transaction made by the client or if there is unusual, non-ordinary activity (transferring an amount of money exceeding the usual sum or sending money to a foreign country they have never sent to before).

GetID

KYC Outsourcing

Every company chooses between two options: to build the compliance team and software in-house or to trust the compliance and KYC checks to professional vendors. Which is better? There are pros and cons for every variant.

Having a compliance department in-house might be rather expensive. Big companies report that the average cost of maintaining compliance runs approximately $10,000 per employee. Global banks and large brokers that

Dmitri Laush, CEO of GetID,

Dmitri Laush, CEO of GetID,

have upwards of 20,000+ employees could end up spending a staggering $200 million+ on compliance every year. If we talk about advantages, any compliance process that will require a deep understanding of the business processes of the chosen company will, of course, be handled better in-house.

Outsourcing KYC has several advantages. First, modern KYC services offer ready-made solutions with flexible workflows and global coverage. Thus, outsourced solutions are more scalable in short timeframes, while the in-house team has limited working capacity.

Second, KYC services have the needed expertise in identity and document verification and are equipped with all necessary tools for it. All of this combined allows companies to have a comprehensive service that allows them to align with regulatory requirements, and save time with the help of automation.

Following AML-Compliance Program

Every company that is obliged to follow AML regulations needs to set up policies that work for the unique needs of their organization. It is called the AML-compliance program of the organization. There are no standard rules which can fit every company; however, some points can be quite similar.

First of all, if it is a risk assessment, we have talked about it above. Secondly, there should be internal control and auditing to detect any red flags connected to money laundering. Internal control also includes control of employees who should be aware of their responsibilities and the compliance framework. Independent audits or AML consultancy is also a good solution because sometimes third-party companies can notice something which in-house workers cannot. This audit can be maintained no more than once a year.

And finally, all in-house compliance specialists should be upgrading their knowledge and undergoing professional training on a regular basis.

All those measures will definitely improve AML-crime prevention and will help any company stay compliant and avoid penalties.

Dmitri Laush, CEO of GetID

Global penalties for AML Regulation non-compliance are increasing year after year. Overall, the number of fines in 2020 was $10.4 billion. Major banks like Deutsche Bank (USA) and Commerzbank (UK) were fined millions of dollars for non-compliance. In this article, I will try to review what is necessary for any company to stay compliant.

What Is Necessary for KYC

Nowadays, many companies want to make the process of KYC smooth and fast so as not to lose potential customers. However, it is necessary to scrupulously check every potential customer. For example, a Deutsche Bank branch in the U.S. was hit with a $150 million penalty for their relationship to Jeffrey Epstein, convicted of sex trafficking and other abuses. It shows the lack of risk monitoring and KYC compliance. That is why, in order to prevent financial crime and avoid non-compliance fines, every company needs to have a sound customer due diligence process in place.

GetID

GetID

Secondly, once a client is onboarded and approved, financial organizations should have automated transactions monitoring to detect any suspicious activity that waves a red flag. Transaction monitoring is usually performed by banks, payment services and crypto exchanges.

Thirdly, companies should keep all the necessary documentation on the client (securely and safely, do not forget about personal data storage regulations!) and an audit trail ready to be shown to any AML authority if necessary, especially if the client is transacting large amounts of money.

Your compliance team should always be updated on the latest regulatory updates. That is why it is sometimes better and cheaper to outsource the whole KYC process to professional vendors capable of providing complex, fast and secure customer identity checks.

Progressive Screening and Ongoing Risk Monitoring

Smart companies make improvements to their KYC and identity checks, which is an ongoing process. For fintech services, it is important to hold continuous payment screenings and see if the client is involved in unusual Payments or show suspicious activities on the account.

Screenings typically involve checking the first-ever transaction made by the client or if there is unusual, non-ordinary activity (transferring an amount of money exceeding the usual sum or sending money to a foreign country they have never sent to before).

GetID

KYC Outsourcing

Every company chooses between two options: to build the compliance team and software in-house or to trust the compliance and KYC checks to professional vendors. Which is better? There are pros and cons for every variant.

Having a compliance department in-house might be rather expensive. Big companies report that the average cost of maintaining compliance runs approximately $10,000 per employee. Global banks and large brokers that

Dmitri Laush, CEO of GetID,

Dmitri Laush, CEO of GetID,

have upwards of 20,000+ employees could end up spending a staggering $200 million+ on compliance every year. If we talk about advantages, any compliance process that will require a deep understanding of the business processes of the chosen company will, of course, be handled better in-house.

Outsourcing KYC has several advantages. First, modern KYC services offer ready-made solutions with flexible workflows and global coverage. Thus, outsourced solutions are more scalable in short timeframes, while the in-house team has limited working capacity.

Second, KYC services have the needed expertise in identity and document verification and are equipped with all necessary tools for it. All of this combined allows companies to have a comprehensive service that allows them to align with regulatory requirements, and save time with the help of automation.

Following AML-Compliance Program

Every company that is obliged to follow AML regulations needs to set up policies that work for the unique needs of their organization. It is called the AML-compliance program of the organization. There are no standard rules which can fit every company; however, some points can be quite similar.

First of all, if it is a risk assessment, we have talked about it above. Secondly, there should be internal control and auditing to detect any red flags connected to money laundering. Internal control also includes control of employees who should be aware of their responsibilities and the compliance framework. Independent audits or AML consultancy is also a good solution because sometimes third-party companies can notice something which in-house workers cannot. This audit can be maintained no more than once a year.

And finally, all in-house compliance specialists should be upgrading their knowledge and undergoing professional training on a regular basis.

All those measures will definitely improve AML-crime prevention and will help any company stay compliant and avoid penalties.

Dmitri Laush, CEO of GetID

!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|} !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}