This week, our Secret Crime Fighter is reminding us how important it is to stay on top of your Know Your Customer checks, and that customer risk assessments should be built up over time. Have you got the right controls in place to identify this typology? Read on to find out more.
When our Secret Crime Fighter onboarded a customer ~4 years ago, there were a couple of small red flags that went to financial crime risk. For example, the company had little to no online presence, the Directors had a number of other directorships in recently incorporated companies, and the ultimate owner was a company registered in the British Virgin Islands. In addition, on that first day they were onboarded, the company changed their name on Companies House.
Small puzzle pieces that, when viewed together might indicate a higher risk profile, but for many people, not outside of risk appetite.
Over the intermittent years, the customer behaved exactly as expected based on the kind of company it was. The transaction volume and sizes were inline with other similar companies, and there was nothing else indicating an elevated level of financial crime risk. This led our Crime Fighter to believe the customer was low risk.
And then suddenly the ultimate beneficial owner (UBO) of the customer changed. The new UBO was a newly incorporated business in the UK, with no online presence. When asked, the Directors were guarded about the identity of the person behind the new UBO.
Our Secret Crime Fighter reviewed the entire history of the customer’s account, including the early red flags, which led them to push for more information. When they finally received some, a simple adverse media check connected the UBO to multiple previous cases of financial crime using companies similar to the one they now owned.
At a basic level there are some clear controls here, such as making sure to automatically screen Companies House for any change in beneficial ownership, and requesting new KYC information off the back of those changes.
But what if you operate in a country with no central source of beneficial ownership? How are you refreshing your KYC and UBO information?
It’s worth thinking about the other elements to this typology, such as risk ratings and the information you have available to you when investigating accounts.
For many, a number of normal years of transaction history like our Crime Fighter saw here would result in lowering the risk rating of a customer. What do years of good service mean in your own Customer Risk Assessment? Does something that is low risk, for example transaction history, outweigh something that is high risk, for example red flags at onboarding?
Additionally, when investigating a customer’s account, do you consider events or information received a number of years ago, or do you only have access to recent account history?
As well as controlling for this typology by reviewing UBO changes, this provides a useful reminder to review things like how your risk ratings are set and changed, and how your operational tools are set up to encourage the best use of the most relevant data.
Thanks for reading our latest Secret Crime Fighters newsletter. If you have an interesting typology that you’d like to share, we’d love to hear about it! Please email us at [email protected].
Senator Warren Calls for Strong Oversight in BaaS: A Critical Moment for Banks to Embrace Automated Compliance
Exploring AI and Automation in Financial Crime Compliance: A Conversation with Cable and Greenlite CEOs
100% Automated Compliance Testing Is the Only Way Banks and Fintechs Can Grow
