The pain is real
We work with the biggest and smallest of firms around the globe and the frustration is the same everywhere. AML pain usually falls into two camps; cost and clarity. The good news is, there are ways to make AML more bearable and easier to on-charge where applicable.
We’ve collated some of our best local advice and combined it with global expertise to help you have a less painful compliance journey.
Costly KYC / CDD
Pain 1: Non-billable hours
This point almost always stems from the fact that most KYC / CDD is manual. And the longer it takes, the less revenue-generating hours are available. Over the years technology has sprung up to address point issues; EIV, transaction monitoring, document storage. Many of these technologies also integrate with popular PMS, CRM and ERP systems.
But they don’t get to the root of the problem. Someone still has to:
- Know what information to ask for
- Remember to chase ID documents
- Find, read and understand company summaries
- Manually create entity structures
- Remember to chase again for more documents
- Identify Ultimate Beneficial Owners (UBOs)
- Query source of wealth or source of funds
- Run PEP and sanction checks across multiple sources
- Chase for even more documents
Only then can the information be analysed and a risk based assessment be completed. We created a calculator for our customers to understand how much CDD is really costing them. The opportunity costs associated to disjointed workflows and moving between seperate systems alone are eye watering.
This is just the pain for onboarding. Reporting entities must also:
- Provide annual reports (again, finding and collating manual documents for batch reports).
- Prepare files for audit and engage in a lengthy audit process.
- File suspicious activity/transaction reports.
- Review risk assessments.
- Conduct firm wide training for frontline staff, compliance teams and the board.
- Update policies, procedures and controls and keep on top of the latest in AML regulations and trends.
Here’s what other companies are doing to minimise non-billable hours associated to KYC:
- Use integrated KYC technology. Point solutions (EIV, document storage, transaction monitoring etc) create more inefficiencies.
- Create an in-house database of high frequency client information (documents, structures etc) which can be updated only as needed.
- Split the effort across job roles;
- front-line, juniors or admin staff do the manual chasing based on specified requirements,
- mid-level staff define and analyse results
- managers sign-off based on the internal risk appetite
- Choose an AML solution like First AML which streamlines the workflows, consolidates all point solutions into one platform and provides recommendations on what information to collect based on risk assessments, entity structures and your risk appetite.
Pain 2: No on-charge ability / unknown costs
This pain is most keenly felt with new clients, when the length of time taken to complete CDD is unknown because their entity structure isn’t clearly defined. Complex entities can be dozens of layers deep and cross multiple jurisdictions.
The other common complaint is that point solution data vendors charge based on volume. Going direct as an individual firm means high, variable costs and uncertainty for on-charging. Because how can you on-charge if you don’t know what the rate will be until after the service is delivered?
Here’s what other companies are doing to address unknown costs:
- Conduct Ongoing CDD (OCDD) only as often as required, it’s a common misconception that proof of identity needs to be updated annually. It doesn’t. It only needs to be completed every three years or when it is triggered depending on your risk based approach.
- Negotiate a fixed fee for each EIV check, lock in volume pricing if possible
- Apportion the cost of software (EIV platform fees, document storage fees, PEP, adverse media and sanction check fees, transaction monitoring fees; the list is long) across the average client base and on-charge at a fixed price
- Utilise Google to conduct initial PEP and adverse media checks. If something unusual comes up, engage your software supplier then (if they’ll allow ad-hoc checks)
- Increase hourly rates by the average percent of time spent on KYC. A lot of small charges add up over time.
- Automate as much as possible via forms and timed emails
- Choose an AML solution like First AML which consolidates all data sources in one platform and provides data costs at a set unit consumption rate.
Pain 3: Poor or overwhelming guidance
Every company is different; different specialities, different client types, different risk attitudes.
It’s because of this, that local AML authorities seem to give either opaque or overwhelming guidance. They must walk a fine line between offering general guidance that allows for unique risk appetites and providing specifics for the never ending list of nuances, exemptions and other situations.
This opaque proliferation is far too many for the average company to understand and retain. Let alone when a junior or office admin is expected to do all the legwork and understand the guidance in order to collect and analyse correctly.
It was because of this that we created a Compliance Guide that guides you through requirements and best practice in a clear and concise way. But there are a number of other things you can do to remove the pain.
Here are seven ways other companies are addressing unclear or overwhelming guidance:
- Regularly conduct spot checks via registered AML auditors to ensure you’re on track.
- Conduct quarterly quality assurance checks internally to review files.
- Adopt best practice standard operating procedures, don't reinvent the wheel. AML consultants can help with this.
- Assign a dedicated compliance officer.
- Review risk assessments and compliance programmes regularly.
- Be active in AML industry events and conferences in order to hear and share best practices.
- Provide training for your employees. Ensure it has real life examples and impacts such as how lawyers have inadvertently laundered money for overseas entities, and how they get involved in creating complex structures. You could also touch on the higher risk parts of AML
And if you're still stuck, check out our Compliance Guide.