Cyber Attacks – The Big Reputation Risk for Companies
Financial crime is on the rise worldwide and is considered a major risk to the global economy. To counter this growing type of crime, financial institutions and banks must follow the Customer Due Diligence (CDD) process. The approach to CDD is by no means rigid. It is designed to be flexible so that different countries can adapt and implement their own requirements and regulations. The CDD process involves thoroughly verifying a bank customer’s identity (for example, by running a Know Your Customer (KYC) review of the customer) and an assessment of a customer's trustworthiness. Furthermore, the bank must develop an understanding of the business relationship with the customer, determine whether the potential customer is a politically exposed person (PEP), conduct a risk assessment and monitor all transactional activities of the customer. The banks must keep all related records. However, even after successful identity verification, customer identities must be managed securely to make it more difficult for criminals to hijack an account and misuse it for financial purposes. Consequently, CIAM systems are also becoming part of CDD measures.
Joint global efforts to curb financial crime are rising: Governments, international organisations and banks are working together to reinforce CDD measures and enhance information sharing between countries and financial institutions. The MEA (Middle East and Africa) region, as a business hub, is often strongly impacted by financial crime. In this blog, you can read about how global efforts in CDD can help in the fight against financial crime.
Definition of CDD and appropriate measures
CDD is a process that companies and banks use to collect information about their customers in order to identify risks (such as money laundering, terrorist financing, cyber fraud and other illegal activities) and take appropriate action. CDD is therefore an important risk management strategy. But as each country has different requirements and standards to combat financial crime, there is no “one size fits all” in CDD.
To harmonise standards for combating financial crime, the international body Financial Action Task Force (FATF), consisting of 35 member states, has included the CDD process in its recommendations. More than 170 countries have recognised these standards and adopted them as binding measures.
One of these standards mandates accurate verification of the customer's identity. This means a potential customer must prove their identity through official documents or proof of residence before opening a bank account. In addition to initial identity verification, banks must also conduct a risk assessment of the customer and analyse the purpose of the business relationship between the bank and the customer. This is primarily used to assess the potential risk of money laundering and terrorist financing. If the person requesting a business relationship with the bank is politically exposed (PEP), special due diligence requirements must be observed. Simply put, people holding high and important offices, such as ministers or ambassadors, are scrutinised more closely.
Once the account is established, CDD requires the monitoring of a customer’s transactions and activities to identify unusual or suspicious transactions.
The CDD processes and the recommendations of the FATF are frequently amended and follow a risk-based approach.
Increase in international financial crime or “money moves in mysterious ways”
The MEA region is especially impacted by terrorist financing and money laundering. However, this is also country-specific and often attributable to weak regulation and enforcement of AML/CFT measures. Political conflicts and a shadow economy can also create a favourable environment for financial crime.
But globalisation and the networking of financial systems it is bringing about, as well as the growing number of transactions, also contribute to the increase in financial crime. Money is not only laundered or moved within a country but across national borders as well. The international links can be opaque and difficult for international authorities to dismantle. Criminals and organised crime syndicates are constantly expanding and improving on the techniques and methods they employ to circumvent increasingly complex CDD procedures. Developments in the financial sector itself are also causing new risks to emerge. With the advent of cryptocurrencies, a whole new world has opened up for financial crime.
Many countries in the MEA region are trying to implement the measures recommended by the FATF and are working more closely with international authorities to curb financial crime. Anti-money laundering measures have also been reinforced in some countries, such as South Africa and the United Arab Emirates and play a vital role in the MEA region.
Eliminating the roots of financial crime with KYC and CIAM
KYC is an important CDD compliance measure and makes the process much easier. It is used to verify the identity of potential customers and thus makes onboarding much easier. Since cybercriminals can also hijack accounts and steal a customer's verified identity, banks must use a secure authentication method to ensure a smooth customer experience. By implementing CIAM, customers can log into their accounts securely and easily. Authentication methods can also be applied downstream, for example, through risk-based authentication, so that the ‘real’ identity of a customer is guaranteed throughout the entire account session.
