By: Oleksandr Shchybun, CAMS, MLRO at Remittance360 Ltd
Compliance requirements for establishing ultimate beneficiaries, verifying complex ownership structures, and the practice of using external resources and independent compliance product providers.
In many jurisdictions, the AML law requires the establishment of the ultimate beneficial owner of the client or his absence, including obtaining the ownership structure in order to understand it, and data that allows establishing the ultimate beneficial owner, and taking measures to verify his identity.
In order to establish the ultimate beneficial owner, compliance officers:
• receive from the client, a legal entity: the ownership structure of such client;
• establish, in respect of a trust or other similar legal entity, information about the founders, trustees, protectors, beneficiaries or group of beneficiaries, as well as about any other natural persons who exercise decisive influence over the activities of the trust or other similar legal entity;
• have the right to use data contained in official documents, official and/or other sources;
• should take appropriate measures to verify the accuracy of the information regarding the ultimate beneficial owner and ensure that he knows who the ultimate beneficial owner is, taking reasonable steps to understand the ownership and ownership structure.
The ultimate beneficial owner is any natural person who exercises decisive influence over the activities of the client and/or the natural person on whose behalf the financial transaction is carried out.
In particular, the ultimate beneficial owner may be:
• for legal entities, an individual who influences the activities of the legal entity directly or through the chain of ownership control;
• for trusts, the founder, trustee, protector, beneficiary or their group, as well as any other natural person who exercises decisive influence over the activities of the trust, including through the chain of ownership;
• for other legal entities, a natural person equivalent or similar to the persons specified for trusts.
Normally, a sign of influence is the direct ownership by an individual of a share of at least 25% of the authorized (shared) capital or voting rights of a legal entity.
Practice of Using External Resources and Independent Providers of Compliance Products
There are a huge number of compliance consulting companies in the world. Some of them have a certain specialization, for example, some implement software for monitoring transactions, others provide consulting on the implementation of the compliance function itself in the enterprise, and do not have technological products to sell. There are also firms that combine the creation of compliance consulting and technology.
In practice, enterprises either create the necessary compliance resources themselves or use the capabilities of companies that specialize in providing such services.
Compliance solutions from independent providers provide companies operating in the USA with an effective means to comply with their AML requirements, sanctions checks, and other requests, depending on the industry and type of business. Some offer a suite of compliance tools that automate AML, handle customer registration, and transaction monitoring. By implementing these solutions, companies can significantly streamline their compliance processes, ensuring that they remain fully compliant with financial monitoring regulations while operating in the USA.
Sometimes, the complexity associated with properly verifying beneficial owners is a problem. The legislation places increased emphasis on transparency of beneficial ownership, and, therefore, financial institutions need to have effective data collection, identification, and verification processes in place to meet strict regulatory requirements.
Therefore, using a reputable compliance information resource provider in the industry is a good way to get the necessary beneficial ownership data already collected in one product. With experience working in different geographies, compliance product providers can demonstrate the entire existing and hidden network of the client, all levels of ownership, subsidiaries and affiliates, key principals, sometimes even key customers and employees of the company being audited, which are important for the identification and verification of the beneficial owner. Especially when it comes to high-risk clients, PEPs, non-resident companies, foreign clients, and other categories for which there is a need to conduct enhanced due diligence.
The following questions should be asked when evaluating a third-party data provider to assist in determining the beneficial owner:
Data accuracy and detail: How accurate is the ownership structure of the entity being verified through the service provider’s data? Are all layers of ownership covered? What percentage of ownership is tracked if not all beneficiaries are identified?
Data relevance: how often is the data updated, what triggers a re-update, and how quickly does an update in the state register appear in the service provider’s data?
Coverage states: how many countries does the selected third-party data provider cover and what percentage of organizations are covered in each region compared to the total number of registered entities?
Data security: How is data transferred between third-party data providers and your company? How is it processed and stored within the provider organization, and is there any risk of data leakage, privacy breaches, or other digital security risks?
Legitimacy, consistency, and reliability: from what sources is the data used, and what are the methods of its collection? Is the process of information collection legal and justified? To what extent is the legislation consistently followed, and does the supplier have a compliance program?
Stability: find out how long the third-party data provider has been in business, its size, reputation, and financial performance.
Integrity: How smoothly does the data received from the provider integrate into your existing corporate systems and adapt to any future updates?
The Indispensability of Databases and Relationship Analytics in Comprehensive Customer Due Diligence
The modern financial world is evolving rapidly, and the need for improved customer identification and anti-money laundering requirements cannot be overstated. The more complex financial transactions are, the more difficult it is to detect new money laundering methods and prevent illegal activities.
However, data analytics has opened up new opportunities to strengthen AML compliance efforts and combat financial crime.
Processing large and complex data that cannot be easily managed or analyzed using traditional (manual) methods creates process analytics for AML compliance with several advantages:
Improved risk assessment: Data analytics allows AML professionals to gain a deeper understanding of customer behavior, transaction patterns, and risk indicators, contributing to more accurate risk assessment.
Advanced detection capabilities: By analyzing data, you can uncover complex relationships, hidden patterns, and anomalies that will indicate suspicious activity.
Real-time monitoring: Data analytics technologies allow you to track financial transactions in real time.
The Importance of Enhanced Customer Due Diligence (CDD)
Due diligence is a critical component of KYC procedures, allowing organizations to assess the risks associated with ultimate beneficial owners. In particular, they can be grouped according to certain characteristics and subject to compliance verification measures. Using data, anti-money laundering professionals can improve customer due diligence processes in the following way:
Integrate data from multiple sources, such as public records, social media, and business registration lists. This helps verify customer identities, detect potential fraud, and identify politically exposed persons (PEPs) and sanctioned individuals.
Such network analytics has the potential to significantly improve the effectiveness of AML programs. For example, for banks, where the right external data sources are needed, their analysis capabilities are also needed. It examines the connections between related parties to better identify relationships. This includes reviewing network elements for similarities to known money laundering methods and atypical customer behavior.
Networks are formed by connections between the owners and related activities. These links can be internal data, such as account transfers or shared ownership, or external data, such as a shared address or sharing the same ATM. Such analytics are part of a compliance program with a focus on AML. In practice, network statistics (for example, how similar it is to a known money laundering typology) will be incorporated into existing customer risk scoring and transaction monitoring models as input to improve model accuracy. New capabilities, such as accomplice detection, will help speed up investigations and uncover hidden risks.
Relationship analysis is displayed as graphs that look like vertices, nodes, or points that are connected by arcs or lines. This is useful for those working in compliance because it allows analysts to process information more quickly due to the visual format. Visualizing the analysis provides an easier way to track account cash flow and account relationships. It looks like intertwined networks of data, similar to a spider’s web.
When a bank is tasked with conducting an anti-money laundering investigation, the task can be daunting due to the sheer volume of information that needs to be verified. Most money launderers do not conduct their illegal business in a single transaction, but rather attempt to conceal their illegal behavior through the guise of normal, complex activities.
The benefits of ultimate beneficial ownership data processing for KYC and AML compliance are undeniable. By leveraging the extensive capabilities of data analytics, anti-money laundering professionals can gain a deeper understanding of customer behavior, detect suspicious activity, and reduce compliance risks. The integration of data and predictive analytics has huge potential for further development in AML compliance.
Combining Internal and External Compliance Resources
A combination of internal compliance resources with external compliance consultants can be effective in complex AML investigations, when verification of identity and existence of business partners in a high risk jurisdictions need to be confirmed independently, when the value of deals being approved by Compliance is substantial and an external assessment of a potential counterpart can enhance your decisions, and when there is a need for an independent external AML compliance audit.
The reliance factor is key when choosing external consultants. Some of them operate only within the USA, the others have an international coverage with offices based on the ground in many countries, or their representatives can arrive at a particular destination for your AML compliance investigation.
There are vendors and suppliers of AML compliance products and services. They provide outsourced services for regulatory reports submissions, advisory on compliance matters, help with obtaining licenses, and create written policies and procedures. These vendors may have a specialization in particular businesses, e.g., money remittance, or be able to support different industries without the compliance specialization.
The enhancement of using your own compliance personnel in conjunction with compliance external service providers is clear and helpful when working in a regulatory environment.
About the Author
Oleksandr Shchybun is a certified AML specialist (CAMS, USA) and a certified financial crime investigator (Utica University, USA). He specializes in money remittance and card issuing businesses. O. Shchybun has spent more than 15 years working as a compliance officer at a number of financial institutions, including conglomerates such as American Express, MoneyGram, and financial startups, e.g., Remittance360 Ltd. He is based in London, United Kingdom. For more information, you can visit his LinkedIn.
