Ongoing remediation of Know Your Customer (KYC) records related to pre-existing clients comes with challenges that are difficult to navigate in an ever-changing regulatory landscape. In order to stay compliant, financial institutions (FIs) and non-banking financial institutions (NBFIs) must adapt to new legislation and AML/CTF risks that continue to develop in sophistication and complexity.
Emily Gorman
FIs/NBFIs operating in offshore jurisdictions have the more onerous task of KYC for pre-existing and new clients that are predominantly not domiciled in the same country and therefore come with their own unique context-specific risks.
Notable triggers for KYC refresh projects stem from a myriad of factors, including the implementation or removal of sanctions, changes to regional PEP designations, and mandated reviews on “riskier” customers, to name a few. Operationally this continues to be the norm; but external pressures for ongoing maintenance are made more complex by politics, an increase in customers with a more “universal” level of exposure, and/or stemming from riskier countries.
With sizeable market shifts in the wake of the current sanctions’ climate, customers’ commercial activities have been forced to pivot and diversify in response.
As an example, those that had sizeable exposure to Russia pre-2022 or even pre-2014 have largely faced reputational and regulatory pressure to shift assets or divest resulting in new sectoral and regional exposure that may not have existed at the time of their onboarding or last review.
In this vein, customers with such exposure also likely require ongoing monitoring to ensure that any continuing operations or connections in or to Russia are within regulatory law and are not proxy to other interests. Indeed, conducting targeted and periodic due diligence reviews on such clients is necessary to demonstrate compliance to regulators.
Sanctions exposure and the risk of sanctions circumvention is only one such factor. Geopolitics can similarly affect the risk profile of clients. In just 2024, there are unprecedented incidences of elections in 64 countries and multiple changes to governments are predicted. As a result, reviews on pre-existing customers are critical to ensuring their respective risk profiles are up to date, their political exposure assessment remains accurate, and possible knock on effects that result from political changes are considered in a customer’s geographical risk evaluation. In particular, an understanding of public and private sector interactions in places with weaker oversight is paramount to fully grasp the risks associated with individuals that have notable political exposure, whether they are PEPs themselves or are unflagged but regularly interact with government agencies, state owned enterprises (SoEs), or other entities that have political links in the countries in question.
A new phenomenon, particularly in UK offshore jurisdictions (Channel Islands and Crown dependencies), is similar and rising oversight from regulators as onshore locations. In this vein, FIs/NBFIs domiciled in offshore jurisdictions face their own unique challenges, namely, balancing compliance requirements while remaining attractive destinations for complex ownership structures and trusts. The result is an elevated need for beneficial ownership identification, which can be cumbersome in terms of the often sizeable operational costs and manpower required to perform a comprehensive review.
Due to their diverse client base, offshore FIs/NBFIs are largely conducting KYC on clients with connections to countries that may be more unfamiliar to employees with compliance functions. This is of particular concern in reference to political exposure and PEP designations in more opaque jurisdictions and can have implications on the accuracy of KYC refresh projects when one “doesn’t know where to look” and significant risk indicators can be missed.
Barring the challenges related to jurisdictional and sectoral exposure, attempting to ascertain source of wealth in areas with less access to information poses multiple risks, including in the form of proxy holdings and illicit sources of funds. Data transparency remains an area of concern, with opaque low- and middle-income countries (LMICs) now producing more high net worth individuals (HNWIs) than ever before. Areas without a centralized commercial registry or more limited press freedom hampers accurate identification of corporate holdings and informed reputational risk assessments.
Given the nature and complexity attached to KYC performed by offshore institutions, it is not feasible for FIs/NBFIs to hold targeted expertise in every region, particularly around countries’ unique risks vis-à-vis data transparency, political environment, and the robustness of AML frameworks. Internal KYC processes may not be effective or contextually cognizant of risk indicators connected to a customer’s commercial activity and geography, referring back to the above-noted challenges of jurisdictional and sectoral exposure. Additionally, a client’s global exposure is often not immediately obvious and can be difficult to discern, even after gathering documentation from the customer, which can lead to a misclassification or underestimation of a customer’s risk profile.
Indeed, the ongoing and persistent need for KYC remediation processes can be burdensome on resources to FIs and NBFIs, particularly amid the ever-changing political situations, increasing globalization of assets and activities, and the related complexity and context that requires niche understanding. This can be mitigated by increasing the knowledge of those engaged in the first line of defence and having robust options for outside expertise on the variety of complexities, from jurisdictional risk to sanctions and money-laundering typologies to implications of political exposure within the local context. This can significantly alleviate operational and reputational risks that could ensue if KYC remediation projects are not carefully conducted.