KYC remediation: definition
KYC remediation, or “Know Your Customer”, refers to the process by which a company reviews and updates all existing customer documents to ensure it has the most up-to-date and complete identity verification information. This process is crucial for complying with current regulations and effectively combating illegal financial activities, such as money laundering or terrorist financing.
What is the purpose of KYC remediation?
The aim of KYC remediation is to ensure that customer information corresponds to current reality and complies with all regulatory requirements. This has a dual benefit: on the one hand, it helps prevent and limit the risks associated with fraud and financial crime, and on the other, it ensures that financial services are used in a transparent and responsible way.
For companies, conducting effective KYC remediation also means reducing their exposure to the risks of sanctions, fines or reputational damage that could result from non-compliance with regulations. It is therefore an essential component of responsible corporate governance, aware of the risks involved in modern financial transactions.
Who is concerned by KYC remediation?
All professional establishments in sectors affected by the KYC process must also set up remediation campaigns to update their customers’ files. This includes :
- Financial institutions: banks, insurance companies, asset management companies, stockbrokers, etc.
- Money service businesses offering money transfer, foreign exchange or issuing and managing means of payment solutions
- Designated non-financial organizations: casinos, real estate agents, luxury car dealers, notaries, etc.
- Service providers, such as lawyers and accountants, who may facilitate the creation of business structures or transactions that may conceal the real identity of beneficiaries.
- Cryptocurrency platform operators
- Fintechs and neobanks
It should be noted that the scope of organizations covered by these obligations is constantly expanding as regulators seek to close loopholes that would allow criminals to take advantage of the financial system.
Make an appointment with one of our experts to find out how Netheos solutions can help you verify the identity of your users, securely and without loss of conversion.
KYC remediation in banking: steps and case studies
Imagine a large, internationally-operating bank, let’s call it Global Bank X. Following the discovery of deficiencies in its LCB-FT policies, it launches an extensive KYC remediation campaign.
Campaign schedule :
- Identifying gaps: The compliance team identifies that some customers’ documents have not been updated for several years, posing a risk of non-compliance.
- Customer notification: Customer relationship managers contact affected customers, explaining that updating their information is necessary to comply with the new LCB-FT directives.
- Collection of information: Customers are asked to submit up-to-date documents proving their identity, address, professional status, and for legal entities, the actual beneficiary structure.
- Validation and controls: KYC analysts review submitted documents, carry out additional checks if necessary, and update customer profiles in the bank’s database.
- Corrective action: If suspicious activity is detected during the campaign, further investigations are launched and, if necessary, reports are sent to the regulatory authorities.
LCB-FT regulations and KYC remediation
Update on article R561-12 of the French Civil and Financial Code
Article R561-12 of the French Monetary and Financial Code specifies the measures that reporting entities must take in terms of Know Your Customer (KYC), in order to be part of the system for combating money laundering and the financing of terrorism (LCB-FT).
In essence, this article states that :
- Before establishing a business relationship, the entities concerned must gather and analyze the information needed to understand the purpose and nature of the commercial partnership. This means that you need to actively seek out elements that can build a reliable profile of your customers before you even start doing business with them.
- Throughout the customer relationship, these same entities must not only collect, but also update and analyze information to maintain an adequate and up-to-date knowledge of their customers. This involves periodic reassessment to adapt to any changes in the customer’s circumstances that might affect the degree of risk associated with the business partnership.
The article also stipulates that the nature and extent of the information gathered, the frequency with which it is updated and the scope of the analyses carried out must be proportionate to the LCB-FT risk associated with each business relationship. In concrete terms, if you establish that the business partnership poses a high risk, then more intensive monitoring and more frequent updates will be required.
Finally, the article requires entities to be able to demonstrate to the supervisory authorities the effective application of these measures and their appropriateness to the level of risk represented by the partnership. It is therefore essential that you rigorously document all KYC remediation actions you undertake.
The 5th and 6th directives of the LCB-FT regulations
The 5th and 6th LCB-FT directives aim to refine the European regulatory framework by adding more stringent requirements. What impact does this strengthening of existing measures have on KYC remediation processes?
- The 5th Directive (AMLD5) extended the regulatory scope of LCB-FT to include players in the cryptoasset market. It has also enabled us to step up verification measures for customers from countries deemed to be high-risk, and for unusual transactions. Finally, the requirement for each EU member state to create and update a single list of PEPs (Politically Exposed Persons) has made it necessary to collect additional information on the origin of funds and the presence of business relationships during a KYC remediation campaign.
- The 6th Directive (AMLD6) increased the severity of criminal sanctions for breaches of LCB-FT regulations and established a list of 22 predicate offences to unify the understanding of money laundering within the EU.
Find out more by downloading our free replay of the Webinar entitled “Webinars & Replays”.Infographic: Automate your KYC remediation campaign in 3 steps”
Webinar
What information should be collected for KYC remediation?
During a KYC remediation campaign, the companies concerned must collect a set of relevant supporting documents that will enable them to authenticate the identity of customers and assess the associated LCB-FT risks. This information varies according to the type of customer: individual or corporate.
Individuals
For individuals, the data typically required is as follows:
- Full identity: Surname, first names, date and place of birth.
- Identity documents: Copies of valid official documents, such as identity card, passport or driving license.
- Home address: Proof of current address, such as a recent utility bill or tax notice.
- Occupation and economic activity: Information on job, position held and source of income.
- Purpose and nature of the business partnership: Description of the reasons why the customer wishes to establish or maintain the business relationship.
- Financial information: Statements on the origin of funds and assets, and on the customer's expected transaction profile.
- PEP status: If the customer or a member of his or her immediate family or a known person closely associated with him or her is a Politically Exposed Person.
Legal entities
For legal entities, the data required is more complex and includes:
- dentification of the company: Name, legal form, registered office address, and trade register.
- Legal documents: Articles of association, recent Kbis extract or equivalent depending on country of origin.
- Ownership and control structure: Identification of significant shareholders or associates (generally holding more than 10 to 25% of capital or voting rights) and beneficial owners.
- Company officers: List of officers and persons authorized to bind the company.
- Business activity: Description of core business, sources of financing and expected cash flows.
- Regulatory and compliance information: Licenses, accreditations or regulations specific to the company's industry and field of activity.
- Reputation and behavior: Public or database information that could indicate potential reputational risks or links with illegal activities.
For each of these customers, further due diligence measures may also be required depending on the perceived level of risk or the particularities of the case, such as the volume and nature of transactions, countries of operation or affiliations with public entities.
Make an appointment with one of our experts to find out how Netheos solutions can help you verify the identity of your users, securely and without loss of conversion.
Netheos KYC Check: the solution for automating remediation campaigns
Regulatory obligation need not be synonymous with a poor user experience. To achieve this, fluid processes must be put in place so as not to impede the customer experience and relationship.
Our Netheos KYC Check solution automates your KYC remediation campaigns, allowing you to concentrate on higher value-added tasks.
-70%
Processing costs.
28 days
Average duration of a remediation campaign.
85%
Automatically complete and compliant files.
Our solution is accessible via all media (computers, mobiles, tablets). The entire process is carried out online, in 3 quick and easy steps:
-
Assess your level of compliance
Identify valid customer receipts in EDM (Electronic Document Management). Our technologies cross-reference the data available in EDM and in the database. They automatically check all receipts, so you can quickly target customers in need of remediation (customers whose receipts don't comply).
-
Launch your KYC remediation campaign
Based on this targeting, the next step is to update non-compliant files. The process begins by sending an e-mail or SMS to the customer, enabling them to submit their new documents via a secure online space. It continues with automatic reminders if necessary.
-
Industrialize manual processing of anomalies
Because it's impossible to process everything automatically, the final step is to speed up the manual processing of those files that require it. Most of these files can be caught up via our dedicated back-office interface. The part that cannot be made up can be reopened, i.e. treated as incomplete.
- What is the PVID standard and its certification by ANSSI?
- eIDAS Qualified Electronic Signature (QES): complete guide
- All you need to know about Digital Identity and its European portfolio
- Easily increase the conversion of your digital customer onboarding
Fill in the form and we will contact you as soon as possible.
You can discover :
- How we can meet your specific needs and expectations
- A personalized demo, allowing you to appreciate the fluid experience we offer
- Customer feedback and case studies of similar companies that have integrated our solutions
- Advantages, benefits and value according to your use case