AML Compliance & the KYC Landscape: 2020 Review

Published Date: 23 November 2020 | 7 min read

AML and KYC compliance in 2020


Money laundering is on the rise – How bad is the state of affairs?

There is no getting around it. Countries worldwide are seeing all-time record numbers of economic crimes – whose potential devastating effects are often underestimated. Large sums of ill-gotten money flooding into a country can ravage the economy, undermine the currency values, and even threaten national and international security.

To make matters worse, the criminal landscape is evolving. Money muling – the practice of fraudulent organizations to select third-party accomplices to launder money through their accounts – is ever-increasing. In such cases, the naïve parties selected referred to as money mules, are often unaware of what they are doing or the gravity of their actions. Such vulnerable subjects are offered money to let transactions run through their accounts – whereas sometimes the money appears and disappears without account holders even noticing. The most targeted individuals are often people in financial hardship and younger generations on social media, recruited through seemingly legitimate job offers, emails, or messaging apps.

As a matter of fact, more than 90% of money mule transactions are linked to cybercrime, according to the European Money Mule Actions. The illegal money often comes from criminal activities like phishing, malware attacks, online auction fraud, e-commerce fraud, business e-mail compromise (BEC) and CEO fraud, and many others.

Looking at some numbers, in less than three months (between September and November 2019), 3833 money mules were identified in the fifth European Money Mule Action (EMMA 5) of the Europol, that resulted in 228 arrests, the opening of 1025 criminal investigations – many of which are still ongoing. More than 650 banks in 31 countries helped to report 7520 fraudulent transactions, preventing a total loss of €12.9 million. That’s how big money laundering is.


Increasing KYC requirements – and the fair reasons behind them

The above information should resonate as a wake-up call and explain the stiffening of KYC requirements.

For instance, KYCC (Know-your-customer’s-customer) procedures are indeed meant to respond to such phenomena. This derivative of the standard KYC process was necessitated from the growing risk of scams originating from fraudulent individuals or companies hiding in second-tier business relationships. While monitoring customers’ transactions and payments to others may seem a little “intrusive”, the extension of identity verification to the assessment of atypical activities with associated peers can be an effective means to protect against unwitting financial crime, where customers aren’t aware they’re being used for illegitimate means.

The widespread increase in financial crimes and money laundering worldwide needs to be addressed. Regulatory bodies are taking on this role by imposing far more stringent KYC and AML standards, which should be welcomed as positive steps toward ridding the economy of illicit gains and evil-intentioned actors. After several major European banking scandals (which have raised questions about the effectiveness of the EU approach to Anti-Money Laundering), EU-based entities will soon need to align to new legal requirements established by the 6th EU AML Directive, that is scheduled to be transposed into national laws by 3 December 2020.


AML fines: Know-your-Costs

Despite everything, it’s far more common hearing complaints about the cost and complexity of AML compliance rather than expressions of concern about the impact of fraud and illicit activity. But even where fraud and economic crimes are not frightening enough to incentivize anti-money laundering practices, the penalties handed out for their violation certainly are.

Just think that 58 AML fines were imposed globally in 2019, totalling € 6.95 billion – that is double the amount, and nearly double the value, of penalties inflicted in 2018 (when 29 fines of € 3.6 billion were enforced).

According to Duff & Phelps research dating back to June 2020, the same cases of AML failings are consistently identified by regulators across the world in their major enforcement actions of the past five years. The four key AML violations from 2015-2020 are:

Customer due diligence (115 significant cases)

AML management (109 cases)

Suspicious activity monitoring (82 cases)

Compliance monitoring and oversight (62 cases)


But why exactly are companies struggling with AML-compliance?

Know Your Customer processes are perhaps the main AML mechanism implemented by firms to verify clients’ identities and meet regulatory compliance. In performing such procedures, mainly during the client onboarding, companies face recurring challenges:


The reliability of reference data

Different institutions may request different forms of PII. As there is no standardization, customers often find this procedure varies each time they apply to a new financial institution. Besides, the lack of a common and systematic approach to legal entity verification causes inconsistency of the data collected, drain on resources, and low levels of transparency.

Adding to these issues are the drawbacks that arise from outdated systems, manual tuning of rules to adapt to changes, and the paper-dependence of the process, leaving significant room for human errors and security concerns. 84% of businesses interviewed feel that legacy procedures can’t guarantee customers’ identities as the human element in the system can easily be tricked. The constant back and forth of documentation opens the way for interception by corrupt actors, as well as a trail of clerical errors. Therefore, traditional KYC procedures are clearly neither efficient nor effective enough at protecting against financial crime.


The resources needed (time, people, money)

The average annual spending to meet AML obligations – including labour, third-party costs, and remediation – exceeds € 500 million for the largest financial institutions. KYC costs (governance, risk, and compliance) account for 15-20% of the total run the bank cost base of most major banks (and GRC demand drives roughly 40% of costs for change the bank projects underway). Besides, the total cost of client onboarding is expected to increase due to a number of factors:

the regulation tightening and new requirements that translate into more thorough checks which, in turn, require more resources

the cost of secure data storage – not only to comply with the data retention requirements but also to ensure the protection and safety of the sensitive data involved

the increase in customers means an overload of checks – the cost of onboarding new clients must also be considered among the costs of business growth

the need to hire more compliance staff (in short supply, and therefore at a high price) or provide existing staff with periodical training on ever-increasing compliance

the error-proneness of manual KYC and the cost of fixing human mistakes – when relying on paper records, that can easily get misplaced, it can be challenging to keep sensitive data such as social security numbers safe from information theft

the potential fines for poor KYC – as the inobservance of any of the above points can cause failure to comply with the rules imposed by law, hence pecuniary penalties


The length of the process (especially for KYB)

In some cases, it can take up to over 2 months to onboard a new client, and 1 in 2 firms believes client onboarding time is going to rise over the next year due to increased fraud, stricter regulations, and business growth.

The stages of onboarding that require most of the time are usually data collection, document management, and ensuring compliance with KYC requirements. This, however, varies from firm to firm, especially when comparing mid-sized firms (with less than 250 employees) and larger enterprises – and the little consensus as to what is the longest step points to a lack of consistency in the process.

All these problems have a negative impact on customer experience – and, consequently on the company revenue. Most of the prospect clients turn to competitors if the onboarding process doesn’t live up to their expectations. As a result, 64% of banks reported lost business due to the client losing patience with the process that is too difficult and takes too long (15%), or because the transaction has to be rejected as not enough information is known to verify the client identity (14%), or the transaction is not completed quickly enough to meet the client’s time needs (12%).

Moreover, these primary issues don’t end after the new customer has been onboarded as KYC is an ongoing activity: a thorough risk assessment is also necessary subsequently and periodically throughout the business relationships, as obliged entities have to conduct regular reviews to re-verify existing users and ensure constant compliance. In point of fact, only 29% of clients promptly report changes to their legal entity’s status, 58% of companies said that their clients’ data is not up-to-date, and 63% of organizations review information held on client organizations at least every 12 months.


Looking for the silver lining?

Thankfully, there seems to be a light at the end of the tunnel: modern technologies can help compliance departments address many of these issues and upgrade financial institutions’ approach to money laundering risks at large. 85% of respondents agree about it: the implementation of a dedicated digital solution for AML operations is, indeed, a leading area for resource and budget spend in coming years. KYC utilities are generally deemed as a positive development, contributing to the enhancement of the areas with the greatest need for improvements, such as document management (42%), identification of legal entities (37%), and collection and validation of customer information (34%).

Efficiency optimization, time and cost reductions, security and customer experience improvements are just some of the many benefits a company can gain from digitizing the client onboarding process – while strengthening the privacy of the sensitive data involved and achieving full AML compliance.

31% of the BFSI entities participating in the survey had started using a centralized digital solution to collect KYC information on counterparty relationships. What about your company? Is your business on the right track?


Penneo is here to help you

Streamline Anti-Money Laundering compliance today with CLA by Penneo, our KYC solution! Our solution is easy to use and intuitive and will allow you to carry out the onboarding process much faster and with greater security. Such benefits extend to your customers who will enjoy a safer digital experience – providing you with their identification documents from their smartphone and in just a few minutes.

Document collection, risk assessment, tracking and monitoring – everything you might need is expertly built into our software, that can also be easily integrated with your ERP system to let you effortlessly import your customer information with just one click.

Curious to gain more insights on client onboarding? Take a look at our new Infographic: Client Onboarding Automation & AML Compliance and have a glance at the benefits of KYC automation.